bka
385 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Sultan Alsawaf
|
26a793cb28 |
Revert "mutex: Add a delay into the SPIN_ON_OWNER wait loop."
This reverts commit
|
||
|
Wilson Sung
|
67711e47f3 |
Merge android-4.9-q (4.9.292) into android-msm-pixel-4.9-sc-lts
Merge 4.9.292 into android-4.9-q
Linux 4.9.292
* serial: core: fix transmit-buffer reset and memleak
drivers/tty/serial/serial_core.c
* serial: pl011: Add ACPI SBSA UART match id
drivers/tty/serial/amba-pl011.c
* tty: serial: msm_serial: Deactivate RX DMA for polling support
drivers/tty/serial/msm_serial.c
* vgacon: Propagate console boot parameters before calling `vc_resize'
drivers/video/console/vgacon.c
* parisc: Fix "make install" on newer debian releases
arch/parisc/install.sh
* net/rds: correct socket tunable error in rds_tcp_tune()
net/rds/tcp.c
* siphash: use _unaligned version by default
include/linux/siphash.h
lib/siphash.c
* net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()
drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c
* natsemi: xtensa: fix section mismatch warnings
drivers/net/ethernet/natsemi/xtsonic.c
* fget: check that the fd still exists after getting a ref to it
fs/file.c
* fs: add fget_many() and fput_many()
fs/file.c
fs/file_table.c
include/linux/file.h
include/linux/fs.h
* sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl
drivers/ata/sata_fsl.c
* sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
drivers/ata/sata_fsl.c
* kprobes: Limit max data_size of the kretprobe instances
include/linux/kprobes.h
kernel/kprobes.c
* vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
drivers/net/vrf.c
* net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock()
drivers/net/ethernet/dec/tulip/de4x5.c
* net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
drivers/net/ethernet/dec/tulip/de4x5.c
* ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c
* scsi: iscsi: Unblock session then wake up error handler
drivers/scsi/scsi_transport_iscsi.c
* thermal: core: Reset previous low and high trip during thermal zone init
drivers/thermal/thermal_core.c
* s390/setup: avoid using memblock_enforce_memory_limit
arch/s390/kernel/setup.c
* platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep
drivers/platform/x86/thinkpad_acpi.c
* net: return correct error code
net/ipv4/devinet.c
* hugetlb: take PMD sharing into account when flushing tlb/caches
mm/hugetlb.c
* NFSv42: Fix pagecache invalidation after COPY/CLONE
fs/nfs/nfs42proc.c
* shm: extend forced shm destroy to support objects from several IPC nses
include/linux/ipc_namespace.h
include/linux/sched.h
include/linux/shm.h
ipc/shm.c
* tty: hvc: replace BUG_ON() with negative return value
drivers/tty/hvc/hvc_xen.c
* xen/netfront: don't trust the backend response data blindly
drivers/net/xen-netfront.c
* xen/netfront: disentangle tx_skb_freelist
drivers/net/xen-netfront.c
* xen/netfront: don't read data from request on the ring page
drivers/net/xen-netfront.c
* xen/netfront: read response from backend only once
drivers/net/xen-netfront.c
* xen/blkfront: don't trust the backend response data blindly
drivers/block/xen-blkfront.c
* xen/blkfront: don't take local copy of a request from the ring page
drivers/block/xen-blkfront.c
* xen/blkfront: read response from backend only once
drivers/block/xen-blkfront.c
* xen: sync include/xen/interface/io/ring.h with Xen's newest version
include/xen/interface/io/ring.h
* fuse: release pipe buf after last use
fs/fuse/dev.c
* NFC: add NCI_UNREG flag to eliminate the race
include/net/nfc/nci_core.h
net/nfc/nci/core.c
* proc/vmcore: fix clearing user buffer by properly using clear_user()
fs/proc/vmcore.c
* vhost/vsock: fix incorrect used length reported to the guest
drivers/vhost/vsock.c
* hugetlbfs: flush TLBs correctly after huge_pmd_unshare
arch/arm/include/asm/tlb.h
arch/ia64/include/asm/tlb.h
arch/s390/include/asm/tlb.h
arch/sh/include/asm/tlb.h
arch/um/include/asm/tlb.h
include/asm-generic/tlb.h
mm/hugetlb.c
mm/memory.c
* tracing: Check pid filtering when creating events
kernel/trace/trace_events.c
* tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows
net/ipv4/tcp_cubic.c
* PM: hibernate: use correct mode for swsusp_close()
kernel/power/hibernate.c
* drm/vc4: fix error code in vc4_create_object()
drivers/gpu/drm/vc4/vc4_bo.c
* scsi: mpt3sas: Fix kernel panic during drive powercycle test
drivers/scsi/mpt3sas/mpt3sas_scsih.c
* ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
arch/arm/mach-socfpga/core.h
arch/arm/mach-socfpga/platsmp.c
* NFSv42: Don't fail clone() unless the OP_CLONE operation failed
fs/nfs/nfs42xdr.c
* net: ieee802154: handle iftypes as u32
include/net/nl802154.h
* ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
sound/soc/soc-topology.c
* ARM: dts: BCM5301X: Add interrupt properties to GPIO node
arch/arm/boot/dts/bcm5301x.dtsi
* tracing: Fix pid filtering when triggers are attached
kernel/trace/trace.h
* xen: detect uninitialized xenbus in xenbus_init
drivers/xen/xenbus/xenbus_probe.c
* xen: don't continue xenstore initialization in case of errors
drivers/xen/xenbus/xenbus_probe.c
* fuse: fix page stealing
fs/fuse/dev.c
* staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
drivers/staging/rtl8192e/rtl8192e/rtl_core.c
* ALSA: ctxfi: Fix out-of-range access
sound/pci/ctxfi/ctamixer.c
sound/pci/ctxfi/ctdaio.c
sound/pci/ctxfi/ctresource.c
sound/pci/ctxfi/ctresource.h
sound/pci/ctxfi/ctsrc.c
* binder: fix test regression due to sender_euid change
drivers/android/binder.c
* usb: hub: Fix locking issues with address0_mutex
drivers/usb/core/hub.c
* usb: hub: Fix usb enumeration issue due to address0 race
drivers/usb/core/hub.c
* USB: serial: option: add Fibocom FM101-GL variants
drivers/usb/serial/option.c
* USB: serial: option: add Telit LE910S1 0x9200 composition
drivers/usb/serial/option.c
* staging: ion: Prevent incorrect reference counting behavour
drivers/staging/android/ion/ion.c
Merge 4.9.291 into android-4.9-q
Linux 4.9.291
* soc/tegra: pmc: Fix imbalanced clock disabling in error code path
drivers/soc/tegra/pmc.c
* usb: max-3421: Use driver data instead of maintaining a list of bound devices
drivers/usb/host/max3421-hcd.c
* ASoC: DAPM: Cover regression by kctl change notification fix
sound/soc/soc-dapm.c
* batman-adv: Don't always reallocate the fragmentation skb head
net/batman-adv/fragmentation.c
* batman-adv: Reserve needed_*room for fragments
net/batman-adv/fragmentation.c
* batman-adv: Consider fragmentation for needed_headroom
net/batman-adv/hard-interface.c
* batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
net/batman-adv/bridge_loop_avoidance.c
* batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
net/batman-adv/multicast.c
net/batman-adv/multicast.h
net/batman-adv/soft-interface.c
* batman-adv: Fix own OGM check in aggregated OGMs
net/batman-adv/bat_v_ogm.c
* batman-adv: Keep fragments equally sized
net/batman-adv/fragmentation.c
* drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors
drivers/gpu/drm/amd/amdgpu/amdgpu_connectors.c
* drm/udl: fix control-message timeout
drivers/gpu/drm/udl/udl_connector.c
* cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
net/wireless/util.c
* parisc/sticon: fix reverse colors
drivers/video/console/sticon.c
* btrfs: fix memory ordering between normal and ordered work functions
fs/btrfs/async-thread.c
* mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag
mm/slab.h
* hexagon: export raw I/O routines for modules
arch/hexagon/lib/io.c
* tun: fix bonding active backup with arp monitoring
drivers/net/tun.c
* perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
arch/x86/events/intel/uncore_snbep.c
* perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server
arch/x86/events/intel/uncore_snbep.c
* NFC: reorder the logic in nfc_{un,}register_device
net/nfc/core.c
* NFC: reorganize the functions in nci_request
net/nfc/nci/core.c
* platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()'
drivers/platform/x86/hp_accel.c
* mips: bcm63xx: add support for clk_get_parent()
arch/mips/bcm63xx/clk.c
* iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
drivers/net/ethernet/intel/i40evf/i40evf_main.c
* net: bnx2x: fix variable dereferenced before check
drivers/net/ethernet/broadcom/bnx2x/bnx2x_init_ops.h
* sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
kernel/sched/core.c
* mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
arch/mips/Kconfig
* sh: define __BIG_ENDIAN for math-emu
arch/sh/include/asm/sfp-machine.h
* sh: fix kconfig unmet dependency warning for FRAME_POINTER
arch/sh/Kconfig.debug
* maple: fix wrong return value of maple_bus_init().
drivers/sh/maple/maple.c
* sh: check return code of request_irq
arch/sh/kernel/cpu/sh4a/smp-shx3.c
* powerpc/dcr: Use cmplwi instead of 3-argument cmpli
arch/powerpc/sysdev/dcr-low.S
* ALSA: gus: fix null pointer dereference on pointer block
sound/isa/gus/gus_dma.c
* powerpc/5200: dts: fix memory node unit name
arch/powerpc/boot/dts/charon.dts
arch/powerpc/boot/dts/digsy_mtc.dts
arch/powerpc/boot/dts/lite5200.dts
arch/powerpc/boot/dts/lite5200b.dts
arch/powerpc/boot/dts/media5200.dts
arch/powerpc/boot/dts/mpc5200b.dtsi
arch/powerpc/boot/dts/o2d.dts
arch/powerpc/boot/dts/o2d.dtsi
arch/powerpc/boot/dts/o2dnt2.dts
arch/powerpc/boot/dts/o3dnt.dts
arch/powerpc/boot/dts/pcm032.dts
arch/powerpc/boot/dts/tqm5200.dts
* scsi: target: Fix alua_tg_pt_gps_count tracking
drivers/target/target_core_alua.c
* scsi: target: Fix ordered tag handling
drivers/target/target_core_device.c
drivers/target/target_core_internal.h
drivers/target/target_core_transport.c
include/target/target_core_base.h
* MIPS: sni: Fix the build
arch/mips/sni/time.c
* tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
drivers/tty/tty_buffer.c
* usb: host: ohci-tmio: check return value after calling platform_get_resource()
drivers/usb/host/ohci-tmio.c
* ARM: dts: omap: fix gpmc,mux-add-data type
arch/arm/boot/dts/omap-gpmc-smsc9221.dtsi
arch/arm/boot/dts/omap3-overo-tobiduo-common.dtsi
* scsi: advansys: Fix kernel pointer leak
drivers/scsi/advansys.c
* usb: musb: tusb6010: check return value after calling platform_get_resource()
drivers/usb/musb/tusb6010.c
* scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
drivers/scsi/lpfc/lpfc_sli.c
* PCI/MSI: Destroy sysfs before freeing entries
drivers/pci/msi.c
* parisc/entry: fix trace test in syscall exit path
arch/parisc/kernel/entry.S
* net: mdio-mux: fix unbalanced put_device
drivers/net/phy/mdio-mux.c
* PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
include/uapi/linux/pci_regs.h
* mm, oom: do not trigger out_of_memory from the #PF
mm/oom_kill.c
* mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
mm/oom_kill.c
* powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
arch/powerpc/net/bpf_jit_comp64.c
* powerpc/bpf: Validate branch ranges
arch/powerpc/net/bpf_jit.h
arch/powerpc/net/bpf_jit_comp64.c
* ARM: 9156/1: drop cc-option fallbacks for architecture selection
arch/arm/Makefile
* USB: chipidea: fix interrupt deadlock
drivers/usb/chipidea/core.c
* vsock: prevent unnecessary refcnt inc for nonblocking connect
net/vmw_vsock/af_vsock.c
* nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
drivers/nfc/pn533/pn533.c
* llc: fix out-of-bound array index in llc_sk_dev_hash()
include/net/llc.h
* mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration()
mm/zsmalloc.c
* bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
drivers/net/bonding/bond_sysfs_slave.c
* ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
drivers/acpi/pmic/intel_pmic.c
* net: davinci_emac: Fix interrupt pacing disable
drivers/net/ethernet/ti/davinci_emac.c
* xen-pciback: Fix return in pm_ctrl_init()
drivers/xen/xen-pciback/conf_space_capability.c
* i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()'
drivers/i2c/busses/i2c-xlr.c
* scsi: qla2xxx: Turn off target reset during issue_lip
drivers/scsi/qla2xxx/qla_gbl.h
drivers/scsi/qla2xxx/qla_mr.c
drivers/scsi/qla2xxx/qla_os.c
* watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
drivers/watchdog/f71808e_wdt.c
* m68k: set a default value for MEMORY_RESERVE
arch/m68k/Kconfig.machine
* dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
drivers/dma/dmaengine.h
* netfilter: nfnetlink_queue: fix OOB when mac header was cleared
net/netfilter/nfnetlink_queue.c
* auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
drivers/auxdisplay/img-ascii-lcd.c
* dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
drivers/dma/at_xdmac.c
* mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
drivers/mtd/spi-nor/hisi-sfc.c
* fs: orangefs: fix error return code of orangefs_revalidate_lookup()
fs/orangefs/dcache.c
* PCI: aardvark: Don't spam about PIO Response Status
drivers/pci/host/pci-aardvark.c
* drm/plane-helper: fix uninitialized variable reference
drivers/gpu/drm/drm_plane_helper.c
* pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
fs/nfs/flexfilelayout/flexfilelayoutdev.c
fs/nfs/pnfs_nfs.c
* power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
drivers/power/supply/bq27xxx_battery_i2c.c
* serial: xilinx_uartps: Fix race condition causing stuck TX
drivers/tty/serial/xilinx_uartps.c
* RDMA/mlx4: Return missed an error if device doesn't support steering
drivers/infiniband/hw/mlx4/qp.c
* scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
drivers/scsi/csiostor/csio_lnode.c
* power: supply: rt5033_battery: Change voltage values to µV
drivers/power/supply/rt5033_battery.c
* usb: gadget: hid: fix error code in do_config()
drivers/usb/gadget/legacy/hid.c
* serial: 8250_dw: Drop wrong use of ACPI_PTR()
drivers/tty/serial/8250/8250_dw.c
* video: fbdev: chipsfb: use memset_io() instead of memset()
drivers/video/fbdev/chipsfb.c
* memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
drivers/memory/fsl_ifc.c
* soc/tegra: Fix an error handling path in tegra_powergate_power_up()
drivers/soc/tegra/pmc.c
* arm: dts: omap3-gta04a4: accelerometer irq fix
arch/arm/boot/dts/omap3-gta04.dtsi
* JFS: fix memleak in jfs_mount
fs/jfs/jfs_mount.c
* MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
arch/mips/Kconfig
* scsi: dc395: Fix error case unwinding
drivers/scsi/dc395x.c
* ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
drivers/irqchip/irq-s3c24xx.c
* RDMA/rxe: Fix wrong port_cap_flags
drivers/infiniband/sw/rxe/rxe_param.h
* crypto: pcrypt - Delay write to padata->info
crypto/pcrypt.c
* libertas: Fix possible memory leak in probe and disconnect
drivers/net/wireless/marvell/libertas/if_usb.c
* libertas_tf: Fix possible memory leak in probe and disconnect
drivers/net/wireless/marvell/libertas_tf/if_usb.c
* samples/kretprobes: Fix return value if register_kretprobe() failed
samples/kprobes/kretprobe_example.c
* irq: mips: avoid nested irq_enter()
drivers/irqchip/irq-bcm6345-l1.c
* s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
arch/s390/mm/gmap.c
* smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
security/smack/smackfs.c
* phy: micrel: ksz8041nl: do not use power down mode
drivers/net/phy/micrel.c
* mwifiex: Send DELBA requests according to spec
drivers/net/wireless/marvell/mwifiex/11n.c
* platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
drivers/platform/x86/thinkpad_acpi.c
* mmc: mxs-mmc: disable regulator on error and in the remove function
drivers/mmc/host/mxs-mmc.c
* net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
net/core/stream.c
* drm/msm: uninitialized variable in msm_gem_import()
drivers/gpu/drm/msm/msm_gem.c
* ath10k: fix max antenna gain unit
drivers/net/wireless/ath/ath10k/mac.c
drivers/net/wireless/ath/ath10k/wmi.h
* hwmon: Fix possible memleak in __hwmon_device_register()
drivers/hwmon/hwmon.c
* memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
drivers/memstick/host/jmb38x_ms.c
* memstick: avoid out-of-range warning
drivers/memstick/core/ms_block.c
* b43: fix a lower bounds test
drivers/net/wireless/broadcom/b43/phy_g.c
* b43legacy: fix a lower bounds test
drivers/net/wireless/broadcom/b43legacy/radio.c
* crypto: qat - disregard spurious PFVF interrupts
drivers/crypto/qat/qat_common/adf_pf2vf_msg.c
drivers/crypto/qat/qat_common/adf_vf_isr.c
* crypto: qat - detect PFVF collision after ACK
drivers/crypto/qat/qat_common/adf_pf2vf_msg.c
* ath9k: Fix potential interrupt storm on queue reset
drivers/net/wireless/ath/ath9k/main.c
* cpuidle: Fix kobject memory leaks in error paths
drivers/cpuidle/sysfs.c
* media: si470x: Avoid card name truncation
drivers/media/radio/si470x/radio-si470x-i2c.c
drivers/media/radio/si470x/radio-si470x-usb.c
* media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()'
drivers/media/platform/mtk-vpu/mtk_vpu.c
* media: dvb-usb: fix ununit-value in az6027_rc_query
drivers/media/usb/dvb-usb/az6027.c
* cgroup: Make rebind_subsystems() disable v2 controllers all at once
kernel/cgroup.c
* parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
arch/parisc/kernel/smp.c
* parisc: fix warning in flush_tlb_all
arch/parisc/mm/init.c
* spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe()
drivers/spi/spi-bcm-qspi.c
* ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
arch/arm/mm/Kconfig
* ARM: clang: Do not rely on lr register for stacktrace
arch/arm/kernel/stacktrace.c
* smackfs: use __GFP_NOFAIL for smk_cipso_doi()
security/smack/smackfs.c
* iwlwifi: mvm: disable RX-diversity in powersave
drivers/net/wireless/intel/iwlwifi/mvm/utils.c
* PM: hibernate: Get block device exclusively in swsusp_check()
kernel/power/swap.c
* mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
drivers/net/wireless/marvell/mwl8k.c
* tracing/cfi: Fix cmp_entries_* functions signature mismatch
kernel/trace/tracing_map.c
* lib/xz: Validate the value before assigning it to an enum variable
lib/xz/xz_dec_stream.c
* lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression
lib/decompress_unxz.c
lib/xz/xz_dec_lzma2.c
* memstick: r592: Fix a UAF bug when removing the driver
drivers/memstick/host/r592.c
* ACPI: battery: Accept charges over the design capacity as full
drivers/acpi/battery.c
* ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
drivers/net/wireless/ath/dfs_pattern_detector.c
* tracefs: Have tracefs directories not set OTH permission bits by default
fs/tracefs/inode.c
* media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
drivers/media/usb/dvb-usb/dibusb-common.c
* ACPICA: Avoid evaluating methods too early during system resume
drivers/acpi/acpica/acglobal.h
drivers/acpi/acpica/hwesleep.c
drivers/acpi/acpica/hwsleep.c
drivers/acpi/acpica/hwxfsleep.c
* ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
arch/ia64/Kconfig.debug
* media: mceusb: return without resubmitting URB in case of -EPROTO error.
drivers/media/rc/mceusb.c
* media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
drivers/media/platform/s5p-mfc/s5p_mfc.c
* media: uvcvideo: Set capability in s_param
drivers/media/usb/uvc/uvc_v4l2.c
* media: netup_unidvb: handle interrupt properly according to the firmware
drivers/media/pci/netup_unidvb/netup_unidvb_core.c
* media: mt9p031: Fix corrupted frame after restarting stream
drivers/media/i2c/mt9p031.c
* x86: Increase exception stack sizes
arch/x86/include/asm/page_64_types.h
* smackfs: Fix use-after-free in netlbl_catmap_walk()
security/smack/smackfs.c
* locking/lockdep: Avoid RCU-induced noinstr fail
kernel/locking/lockdep.c
* MIPS: lantiq: dma: reset correct number of channel
arch/mips/lantiq/xway/dma.c
* MIPS: lantiq: dma: add small delay after reset
arch/mips/lantiq/xway/dma.c
* platform/x86: wmi: do not fail if disabling fails
drivers/platform/x86/wmi.c
* Bluetooth: fix use-after-free error in lock_sock_nested()
net/bluetooth/l2cap_sock.c
* Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
net/bluetooth/sco.c
* USB: iowarrior: fix control-message timeouts
drivers/usb/misc/iowarrior.c
* USB: serial: keyspan: fix memleak on probe errors
drivers/usb/serial/keyspan.c
* iio: dac: ad5446: Fix ad5622_write() return value
drivers/iio/dac/ad5446.c
* quota: correct error number in free_dqentry()
fs/quota/quota_tree.c
* quota: check block number when reading the block in quota file
fs/quota/quota_tree.c
* PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
drivers/pci/host/pci-aardvark.c
* ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
sound/core/oss/mixer_oss.c
* ALSA: mixer: oss: Fix racy access to slots
sound/core/oss/mixer_oss.c
* serial: core: Fix initializing and restoring termios speed
drivers/tty/serial/serial_core.c
include/linux/console.h
* powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
arch/powerpc/platforms/85xx/mpc85xx_pm_ops.c
* power: supply: max17042_battery: use VFSOC for capacity when no rsns
drivers/power/supply/max17042_battery.c
* power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
drivers/power/supply/max17042_battery.c
* signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
arch/mips/kernel/r2300_fpu.S
arch/mips/kernel/syscall.c
* signal: Remove the bogus sigkill_pending in ptrace_stop
kernel/signal.c
* RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
drivers/infiniband/hw/qedr/verbs.c
* wcn36xx: handle connection loss indication
drivers/net/wireless/ath/wcn36xx/smd.c
* mwifiex: Read a PCI register after writing the TX ring write pointer
drivers/net/wireless/marvell/mwifiex/pcie.c
* wcn36xx: Fix HT40 capability for 2Ghz band
drivers/net/wireless/ath/wcn36xx/main.c
* evm: mark evm_fixmode as __ro_after_init
security/integrity/evm/evm_main.c
* rtl8187: fix control-message timeouts
drivers/net/wireless/realtek/rtl818x/rtl8187/rtl8225.c
* PCI: Mark Atheros QCA6174 to avoid bus reset
drivers/pci/quirks.c
* ath6kl: fix control-message timeout
drivers/net/wireless/ath/ath6kl/usb.c
* ath6kl: fix division by zero in send path
drivers/net/wireless/ath/ath6kl/usb.c
* mwifiex: fix division by zero in fw download path
drivers/net/wireless/marvell/mwifiex/usb.c
* EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
drivers/edac/sb_edac.c
* regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property
Documentation/devicetree/bindings/regulator/samsung,s5m8767.txt
* regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled
Documentation/devicetree/bindings/regulator/samsung,s5m8767.txt
drivers/regulator/s5m8767.c
* hwmon: (pmbus/lm25066) Add offset coefficients
drivers/hwmon/pmbus/lm25066.c
* btrfs: fix lost error handling when replaying directory deletes
fs/btrfs/tree-log.c
* vmxnet3: do not stop tx queues after netif_device_detach()
drivers/net/vmxnet3/vmxnet3_drv.c
* watchdog: Fix OMAP watchdog early handling
drivers/watchdog/omap_wdt.c
* spi: spl022: fix Microwire full duplex mode
drivers/spi/spi-pl022.c
* xen/netfront: stop tx queues during live migration
drivers/net/xen-netfront.c
* bpf: Prevent increasing bpf_jit_limit above max
include/linux/filter.h
kernel/bpf/core.c
net/core/sysctl_net_core.c
* mmc: winbond: don't build on M68K
drivers/mmc/host/Kconfig
* hyperv/vmbus: include linux/bitops.h
drivers/hv/hyperv_vmbus.h
* sfc: Don't use netif_info before net_device setup
drivers/net/ethernet/sfc/ptp.c
drivers/net/ethernet/sfc/siena_sriov.c
* x86/irq: Ensure PI wakeup handler is unregistered before module unload
arch/x86/kernel/irq.c
* ALSA: timer: Unconditionally unlink slave instances, too
sound/core/timer.c
* ALSA: timer: Fix use-after-free problem
sound/core/timer.c
* ALSA: synth: missing check for possible NULL after the call to kstrdup
sound/synth/emux/emux.c
* ALSA: line6: fix control and interrupt message timeouts
sound/usb/line6/driver.c
sound/usb/line6/driver.h
sound/usb/line6/podhd.c
sound/usb/line6/toneport.c
* ALSA: 6fire: fix control and bulk message timeouts
sound/usb/6fire/comm.c
sound/usb/6fire/firmware.c
* ALSA: ua101: fix division by zero at probe
sound/usb/misc/ua101.c
* media: ite-cir: IR receiver stop working after receive overflow
drivers/media/rc/ite-cir.c
* parisc: Fix ptrace check on syscall return
arch/parisc/kernel/entry.S
* mmc: dw_mmc: Dont wait for DRTO on Write RSP error
drivers/mmc/host/dw_mmc.c
* ocfs2: fix data corruption on truncate
fs/ocfs2/file.c
* libata: fix read log timeout value
drivers/ata/libata-eh.c
include/linux/libata.h
* Input: i8042 - Add quirk for Fujitsu Lifebook T725
drivers/input/serio/i8042-x86ia64io.h
* Input: elantench - fix misreporting trackpoint coordinates
drivers/input/mouse/elantech.c
* xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay
drivers/usb/host/xhci-hub.c
* binder: use cred instead of task for selinux checks
drivers/android/binder.c
include/linux/lsm_hooks.h
include/linux/security.h
security/security.c
security/selinux/hooks.c
* binder: use euid from cred instead of using task
drivers/android/binder.c
* ANDROID: arm64: process: Match upstream formatting when dumping memory areas
arch/arm64/kernel/process.c
* FROMGIT: binder: fix test regression due to sender_euid change
drivers/android/binder.c
* BACKPORT: binder: use cred instead of task for selinux checks
drivers/android/binder.c
include/linux/lsm_hooks.h
include/linux/security.h
security/security.c
security/selinux/hooks.c
* UPSTREAM: binder: use euid from cred instead of using task
drivers/android/binder.c
Merge 4.9.290 into android-4.9-q
Linux 4.9.290
* rsi: fix control-message timeout
drivers/net/wireless/rsi/rsi_91x_usb.c
* staging: rtl8192u: fix control-message timeouts
drivers/staging/rtl8192u/r8192U_core.c
* staging: r8712u: fix control-message timeout
drivers/staging/rtl8712/usb_ops_linux.c
* comedi: vmk80xx: fix bulk and interrupt message timeouts
drivers/staging/comedi/drivers/vmk80xx.c
* comedi: vmk80xx: fix bulk-buffer overflow
drivers/staging/comedi/drivers/vmk80xx.c
* comedi: vmk80xx: fix transfer-buffer overflows
drivers/staging/comedi/drivers/vmk80xx.c
* comedi: ni_usb6501: fix NULL-deref in command paths
drivers/staging/comedi/drivers/ni_usb6501.c
* comedi: dt9812: fix DMA buffers on stack
drivers/staging/comedi/drivers/dt9812.c
* isofs: Fix out of bound access for corrupted isofs image
fs/isofs/inode.c
* printk/console: Allow to disable console output by using console="" or console=null
kernel/printk/printk.c
* usb-storage: Add compatibility quirk flags for iODD 2531/2541
drivers/usb/storage/unusual_devs.h
* usb: musb: Balance list entry in musb_gadget_queue
drivers/usb/musb/musb_gadget.c
* usb: gadget: Mark USB_FSL_QE broken on 64-bit
drivers/usb/gadget/udc/Kconfig
* IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
drivers/infiniband/hw/qib/qib_user_sdma.c
* IB/qib: Use struct_size() helper
drivers/infiniband/hw/qib/qib_user_sdma.c
* Revert "x86/kvm: fix vcpu-id indexed array sizes"
arch/x86/kvm/ioapic.c
arch/x86/kvm/ioapic.h
* usb: hso: fix error handling code of hso_create_net_device
drivers/net/usb/hso.c
* net: hso: register netdev later to avoid a race condition
drivers/net/usb/hso.c
* ARM: 9120/1: Revert "amba: make use of -1 IRQs warn"
drivers/amba/bus.c
* arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
arch/arc/include/asm/pgtable.h
arch/arm/include/asm/pgtable-2level.h
arch/arm/include/asm/pgtable-3level.h
arch/mips/include/asm/pgtable-32.h
arch/powerpc/include/asm/pte-common.h
include/asm-generic/pgtable.h
* mm/zsmalloc: Prepare to variable MAX_PHYSMEM_BITS
arch/x86/include/asm/pgtable-3level_types.h
mm/zsmalloc.c
* scsi: core: Put LLD module refcnt after SCSI device is released
drivers/scsi/scsi.c
drivers/scsi/scsi_sysfs.c
* UPSTREAM: security: selinux: allow per-file labeling for bpffs
security/selinux/hooks.c
Bug: 210364486
Change-Id: Ia31d19943f4638a9b2ac8122a4c8728a56e8aa0a
Signed-off-by: JohnnLee <johnnlee@google.com>
|
||
|
Peter Zijlstra
|
dd339667a3 |
locking/lockdep: Avoid RCU-induced noinstr fail
[ Upstream commit ce0b9c805dd66d5e49fd53ec5415ae398f4c56e6 ] vmlinux.o: warning: objtool: look_up_lock_class()+0xc7: call to rcu_read_lock_any_held() leaves .noinstr.text section Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lore.kernel.org/r/20210624095148.311980536@infradead.org Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Lucas Wei
|
a7836adcc8 |
Merge android-4.9-q (4.9.264) into android-msm-pixel-4.9-lts
Merge 4.9.264 into android-4.9-q
Linux 4.9.264
xen-blkback: don't leak persistent grants from xen_blkbk_map()
mac80211: fix double free in ibss_leave
net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
net: sched: validate stab values
* can: dev: Move device back to init netns on owning netns delete
include/net/rtnetlink.h
net/core/dev.c
* futex: Handle transient "ownerless" rtmutex state correctly
kernel/futex.c
* futex: Fix incorrect should_fail_futex() handling
kernel/futex.c
* futex: Prevent robust futex exit race
kernel/futex.c
* arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP
arch/arm64/include/asm/futex.h
* locking/futex: Allow low-level atomic operations to return -EAGAIN
kernel/futex.c
* futex: Fix (possible) missed wakeup
kernel/futex.c
* futex: Handle early deadlock return correctly
kernel/futex.c
kernel/locking/rtmutex.c
* futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock()
kernel/locking/rtmutex.c
* futex: Avoid freeing an active timer
kernel/futex.c
* futex: Drop hb->lock before enqueueing on the rtmutex
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex,rt_mutex: Introduce rt_mutex_init_waiter()
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Use smp_store_release() in mark_wake_futex()
kernel/futex.c
* idr: add ida_is_empty
drivers/usb/gadget/function/f_hid.c
include/linux/idr.h
perf auxtrace: Fix auxtrace queue conflict
ACPI: scan: Use unique number for instance_no
ACPI: scan: Rearrange memory allocation in acpi_device_add()
RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server
net: cdc-phonet: fix data-interface release on probe failure
mac80211: fix rate mask reset
can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
can: c_can: move runtime PM enable/disable to c_can_platform
can: c_can_pci: c_can_pci_remove(): fix use-after-free
net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
e1000e: Fix error handling in e1000_set_d0_lplu_state_82571
e1000e: add rtnl_lock() to e1000_reset_task
net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port
* macvlan: macvlan_count_rx() needs to be aware of preemption
include/linux/if_macvlan.h
bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD
arm64: dts: ls1043a: mark crypto engine dma coherent
squashfs: fix xattr id and id lookup sanity checks
* squashfs: fix inode lookup sanity checks
fs/squashfs/squashfs_fs.h
x86/tlb: Flush global mappings when KAISER is disabled
ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign
ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls
nfs: we don't support removing system.nfs4_acl
* u64_stats,lockdep: Fix u64_stats_init() vs lockdep
include/linux/u64_stats_sync.h
atm: idt77252: fix null-ptr-dereference
atm: uPD98402: fix incorrect allocation
net: wan: fix error return code of uhdlc_init()
NFS: Correct size calculation for create reply length
* nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default
fs/nfs/Kconfig
sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count
net: tehuti: fix error return code in bdx_probe()
ixgbe: Fix memleak in ixgbe_configure_clsu32
atm: lanai: dont run lanai_dev_close if not open
atm: eni: dont release is never initialized
powerpc/4xx: Fix build errors from mfdcr()
net: fec: ptp: avoid register access when ipg clock is disabled
ANDROID: Make vsock virtio packet buff size configurable
Merge 4.9.263 into android-4.9-q
Linux 4.9.263
* genirq: Disable interrupts for force threaded handlers
kernel/irq/manage.c
* ext4: fix potential error in ext4_do_update_inode
fs/ext4/inode.c
* ext4: find old entry again if failed to rename whiteout
fs/ext4/namei.c
x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
x86: Move TS_COMPAT back to asm/thread_info.h
* kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data()
fs/select.c
include/linux/thread_info.h
kernel/futex.c
kernel/time/alarmtimer.c
kernel/time/hrtimer.c
kernel/time/posix-cpu-timers.c
x86/ioapic: Ignore IRQ2 again
perf/x86/intel: Fix a crash caused by zero PEBS status
PCI: rpadlpar: Fix potential drc_name corruption in store functions
iio: adis16400: Fix an error code in adis16400_initial_setup()
* usb: gadget: configfs: Fix KASAN use-after-free
drivers/usb/gadget/configfs.c
* USB: replace hardcode maximum usb string length by definition
drivers/usb/gadget/composite.c
drivers/usb/gadget/configfs.c
drivers/usb/gadget/usbstring.c
include/uapi/linux/usb/ch9.h
scsi: lpfc: Fix some error codes in debugfs
net/qrtr: fix __netdev_alloc_skb call
sunrpc: fix refcount leak for rpc auth modules
svcrdma: disable timeouts on rdma backchannel
NFSD: Repair misuse of sv_lock in 5.10.16-rt30.
nvmet: don't check iosqes,iocqes for discovery controllers
btrfs: fix race when cloning extent buffer during rewind of an old root
ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode
ixgbe: check for Tx timestamp timeouts during watchdog
net: dsa: b53: Support setting learning on port
* ext4: check journal inode extents more carefully
fs/ext4/block_validity.c
fs/ext4/ext4.h
fs/ext4/extents.c
fs/ext4/indirect.c
fs/ext4/inode.c
fs/ext4/mballoc.c
* ext4: don't allow overlapping system zones
fs/ext4/block_validity.c
* ext4: handle error of ext4_setup_system_zone() on remount
fs/ext4/super.c
Merge 4.9.262 into android-4.9-q
* FROMGIT: configfs: fix a use-after-free in __configfs_open_file
fs/configfs/file.c
Linux 4.9.262
xen/events: avoid handling the same event on two cpus at the same time
xen/events: don't unmask an event channel when an eoi is pending
xen/events: reset affinity of 2-level event when tearing it down
iio: imu: adis16400: fix memory leak
iio: imu: adis16400: release allocated memory on failure
KVM: arm64: Fix exclusive limit for IPA size
hwmon: (lm90) Fix max6658 sporadic wrong temperature reading
binfmt_misc: fix possible deadlock in bm_register_write
powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
alpha: switch __copy_user() and __do_clean_user() to normal calling conventions
alpha: Package string routines together
alpha: make short build log available for division routines
alpha: merge build rules of division routines
alpha: add $(src)/ rather than $(obj)/ to make source file path
* configfs: fix a use-after-free in __configfs_open_file
fs/configfs/file.c
block: rsxx: fix error return code of rsxx_pci_probe()
NFSv4.2: fix return value of _nfs4_get_security_label()
sh_eth: fix TRSCER mask for R7S72100
staging: comedi: pcl818: Fix endian problem for AI command data
staging: comedi: pcl711: Fix endian problem for AI command data
staging: comedi: me4000: Fix endian problem for AI command data
staging: comedi: dmm32at: Fix endian problem for AI command data
staging: comedi: das800: Fix endian problem for AI command data
staging: comedi: das6402: Fix endian problem for AI command data
staging: comedi: adv_pci1710: Fix endian problem for AI command data
staging: comedi: addi_apci_1500: Fix endian problem for command sample
staging: comedi: addi_apci_1032: Fix endian problem for COS sample
staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data()
staging: rtl8712: unterminated string leads to read overflow
staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
usbip: fix vhci_hcd attach_store() races leading to gpf
usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
usbip: fix vudc to check for stream socket
usbip: fix vhci_hcd to check for stream socket
usbip: fix stub_dev to check for stream socket
USB: serial: cp210x: add some more GE USB IDs
USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
USB: serial: ch341: add new Product ID
USB: serial: io_edgeport: fix memory leak in edge_startup
* xhci: Improve detection of device initiated wake signal.
drivers/usb/host/xhci.c
usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot
Goodix Fingerprint device is not a modem
scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names
* mmc: core: Fix partition switch time for eMMC
drivers/mmc/core/mmc.c
s390/dasd: fix hanging DASD driver unbind
* ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
sound/usb/quirks.c
ALSA: hda: Avoid spurious unsol event handling during S3/S4
ALSA: hda/hdmi: Cancel pending works before suspend
scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
s390/smp: __smp_rescan_cpus() - move cpumask away from stack
PCI: xgene-msi: Fix race in installing chained irq handler
powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
mmc: mediatek: fix race condition between msdc_request_timeout and irq
mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()'
udf: fix silent AED tagLocation corruption
media: usbtv: Fix deadlock on suspend
net: davicom: Fix regulator not turned off on driver removal
net: davicom: Fix regulator not turned off on failed probe
net: lapbether: Remove netif_start_queue / netif_stop_queue
* net: sched: avoid duplicates in classes dump
net/sched/sch_api.c
net/mlx4_en: update moderation when config reset
* Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
mm/slub.c
cifs: return proper error code in statfs(2)
* netfilter: x_tables: gpf inside xt_find_revision()
net/netfilter/x_tables.c
can: flexcan: enable RX FIFO after FRZ/HALT valid
can: flexcan: assert FRZ bit in flexcan_chip_freeze()
can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership
net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
* net: Fix gro aggregation for udp encaps with zero csum
net/ipv4/udp_offload.c
ath9k: fix transmitting to stations in dynamic SMPS mode
ethernet: alx: fix order of calls on resume
uapi: nfnetlink_cthelper.h: fix userspace compilation error
Merge 4.9.261 into android-4.9-q
Linux 4.9.261
misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
* PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
drivers/pci/quirks.c
platform/x86: acer-wmi: Add new force_caps module parameter
iommu/amd: Fix sleeping in atomic in increase_address_space()
* dm table: fix DAX iterate_devices based device capability checks
drivers/md/dm-table.c
* dm table: fix iterate_devices based device capability checks
drivers/md/dm-table.c
rsxx: Return -EFAULT if copy_to_user() fails
ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
usbip: tools: fix build error for multiple definition
btrfs: fix raid6 qstripe kmap
btrfs: raid56: simplify tracking of Q stripe presence
Merge 4.9.260 into android-4.9-q
Linux 4.9.260
* media: v4l: ioctl: Fix memory leak in video_usercopy
drivers/media/v4l2-core/v4l2-ioctl.c
* swap: fix swapfile read/write offset
mm/page_io.c
mm/swapfile.c
* zsmalloc: account the number of compacted pages correctly
drivers/block/zram/zram_drv.c
include/linux/zsmalloc.h
mm/zsmalloc.c
xen-netback: respect gnttab_map_refs()'s return value
Xen/gnttab: handle p2m update errors on a per-slot basis
scsi: iscsi: Verify lengths on passthrough PDUs
scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
* sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
fs/sysfs/file.c
include/linux/sysfs.h
scsi: iscsi: Restrict sessions and handles to admin capabilities
media: uvcvideo: Allow entities with no pads
staging: most: sound: add sanity check for function argument
* Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
net/bluetooth/amp.c
x86/build: Treat R_386_PLT32 relocation as R_386_PC32
ath10k: fix wmi mgmt tx queue full due to race condition
pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
wlcore: Fix command execute failure 19 for wl12xx
* vt/consolemap: do font sum unsigned
drivers/tty/vt/consolemap.c
x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
staging: fwserial: Fix error handling in fwserial_create
mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
* net: fix up truesize of cloned skb in skb_prepare_for_shift()
net/core/skbuff.c
* smackfs: restrict bytes count in smackfs write functions
security/smack/smackfs.c
xfs: Fix assert failure in xfs_setattr_size()
JFS: more checks for invalid superblock
* arm64: Use correct ll/sc atomic constraints
arch/arm64/include/asm/atomic_ll_sc.h
* arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
arch/arm64/include/asm/atomic_ll_sc.h
* arm64: Avoid redundant type conversions in xchg() and cmpxchg()
arch/arm64/include/asm/atomic_ll_sc.h
arch/arm64/include/asm/cmpxchg.h
* arm64: Remove redundant mov from LL/SC cmpxchg
arch/arm64/include/asm/atomic_ll_sc.h
printk: fix deadlock when kernel panic
hugetlb: fix update_and_free_page contig page struct assumption
* scripts: set proper OpenSSL include dir also for sign-file
scripts/Makefile
* scripts: use pkg-config to locate libcrypto
scripts/Makefile
arm: kprobes: Allow to handle reentered kprobe on single-stepping
net: usb: qmi_wwan: support ZTE P685M modem
* futex: Don't enable IRQs unconditionally in put_pi_state()
kernel/futex.c
* futex: Fix more put_pi_state() vs. exit_pi_state_list() races
kernel/futex.c
* futex: Fix pi_state->owner serialization
kernel/futex.c
* futex: Futex_unlock_pi() determinism
kernel/futex.c
* futex: Pull rt_mutex_futex_unlock() out from under hb->lock
kernel/futex.c
* futex: Cleanup refcounting
kernel/futex.c
* futex: Cleanup variable names for futex_top_waiter()
kernel/futex.c
Merge 4.9.259 into android-4.9-q
Linux 4.9.259
dm era: Update in-core bitset after committing the metadata
* net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
include/linux/icmpv6.h
include/linux/ipv6.h
include/net/icmp.h
net/ipv4/icmp.c
net/ipv6/icmp.c
net/ipv6/ip6_icmp.c
* ipv6: silence compilation warning for non-IPV6 builds
include/linux/icmpv6.h
* ipv6: icmp6: avoid indirect call for icmpv6_send()
include/linux/icmpv6.h
net/ipv6/icmp.c
net/ipv6/ip6_icmp.c
sunvnet: use icmp_ndo_send helper
gtp: use icmp_ndo_send helper
* icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
include/linux/icmpv6.h
* icmp: introduce helper for nat'd source address in network device context
include/linux/icmpv6.h
include/net/icmp.h
net/ipv4/icmp.c
net/ipv6/ip6_icmp.c
* futex: fix dead code in attach_to_pi_owner()
kernel/futex.c
* futex: Fix OWNER_DEAD fixup
kernel/futex.c
dm era: only resize metadata in preresume
dm era: Reinitialize bitset cache before digesting a new writeset
dm era: Use correct value size in equality function of writeset tree
dm era: Fix bitset memory leaks
dm era: Verify the data block size hasn't changed
dm era: Recover committed writeset after crash
gfs2: Don't skip dlm unlock if glock has an lvb
sparc32: fix a user-triggerable oops in clear_user()
* f2fs: fix out-of-repair __setattr_copy()
fs/f2fs/file.c
gpio: pcf857x: Fix missing first interrupt
mmc: sdhci-esdhc-imx: fix kernel panic when remove module
* module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
kernel/module.c
libnvdimm/dimm: Avoid race between probe and available_slots_show()
usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
mm: hugetlb: fix a race between freeing and dissolving the page
mtd: spi-nor: hisi-sfc: Put child node np on error path
floppy: reintroduce O_NDELAY fix
x86/reboot: Force all cpus to exit VMX root if VMX is supported
staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
* seccomp: Add missing return in non-void function
kernel/seccomp.c
btrfs: fix extent buffer leak on failure to copy root
btrfs: fix reloc root leak with 0 ref reloc roots on recovery
btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
KEYS: trusted: Fix migratable=1 failing
* usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
drivers/usb/dwc3/gadget.c
* usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
drivers/usb/dwc3/gadget.c
USB: serial: mos7720: fix error code in mos7720_write()
USB: serial: mos7840: fix error code in mos7840_write()
usb: musb: Fix runtime PM race in musb_queue_resume_work
USB: serial: option: update interface mapping for ZTE P685M
Input: i8042 - add ASUS Zenbook Flip to noselftest list
Input: joydev - prevent potential read overflow in ioctl
* Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
drivers/input/joystick/xpad.c
Input: raydium_ts_i2c - do not send zero length
ACPI: configfs: add missing check after configfs_register_default_group()
* blk-settings: align max_sectors on "logical_block_size" boundary
block/blk-settings.c
* scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
drivers/scsi/bnx2fc/Kconfig
i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
* arm64: Add missing ISB after invalidating TLB in __primary_switch
arch/arm64/kernel/head.S
mm/hugetlb: fix potential double free in hugetlb_register_node() error path
* mm/memory.c: fix potential pte_unmap_unlock pte error
mm/memory.c
ocfs2: fix a use after free on error
net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
i40e: Fix flow for IPv6 next header (extension header)
drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
* PCI: Align checking of syscall user config accessors
drivers/pci/syscall.c
VMCI: Use set_page_dirty_lock() when unregistering guest memory
pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users
misc: eeprom_93xx46: Fix module alias to enable module autoprobe
sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
Input: elo - fix an error code in elo_connect()
perf test: Fix unaligned access in sample parsing test
perf intel-pt: Fix missing CYC processing in PSB
spi: pxa2xx: Fix the controller numbering for Wildcat Point
powerpc/pseries/dlpar: handle ibm, configure-connector delay status
mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
RDMA/rxe: Fix coding error in rxe_recv.c
perf tools: Fix DSO filtering when not finding a map for a sampled address
* tracepoint: Do not fail unregistering a probe due to memory failure
kernel/tracepoint.c
* amba: Fix resource leak for drivers without .remove
drivers/amba/bus.c
ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
powerpc/47x: Disable 256k page size
IB/umad: Return EIO in case of when device disassociated
isofs: release buffer head before return
regulator: axp20x: Fix reference cout leak
clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
* of/fdt: Make sure no-map does not remove already reserved regions
drivers/of/fdt.c
* fdt: Properly handle "no-map" field in the memory region
drivers/of/fdt.c
dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function
dmaengine: fsldma: Fix a resource leak in the remove function
* HID: core: detect and skip invalid inputs to snto32()
drivers/hid/hid-core.c
spi: cadence-quadspi: Abort read if dummy cycles required are too many
clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
jffs2: fix use after free in jffs2_sum_write_data()
fs/jfs: fix potential integer overflow on shift of a int
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
btrfs: clarify error returns values in __load_free_space_cache
ata: ahci_brcm: Add back regulators management
media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
media: pxa_camera: declare variable when DEBUG is defined
media: cx25821: Fix a bug when reallocating some dma memory
media: qm1d1c0042: fix error return code in qm1d1c0042_init()
media: lmedm04: Fix misuse of comma
ASoC: cs42l56: fix up error handling in probe
media: tm6000: Fix memleak in tm6000_start_stream
media: media/pci: Fix memleak in empress_init
media: vsp1: Fix an error handling path in the probe function
MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
gma500: clean up error handling in init
drm/gma500: Fix error return code in psb_driver_load()
* fbdev: aty: SPARC64 requires FB_ATY_CT
drivers/video/fbdev/Kconfig
b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
mac80211: fix potential overflow when multiplying to u32 integers
xen/netback: fix spurious event detection for common event case
bnxt_en: reverse order of TX disable and carrier off
ARM: s3c: fix fiq for clang IAS
arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
usb: dwc2: Make "trimming xfer length" a debug message
usb: dwc2: Abort transaction after errors with unknown reason
usb: dwc2: Do not update data length if it is 0 on inbound transfers
ARM: dts: Configure missing thermal interrupt for 4430
* Bluetooth: Put HCI device if inquiry procedure interrupts
net/bluetooth/hci_core.c
* Bluetooth: drop HCI device reference before return
net/bluetooth/a2mp.c
arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
* Bluetooth: Fix initializing response id after clearing struct
net/bluetooth/a2mp.c
mm, thp: make do_huge_pmd_wp_page() lock page for testing mapcount
* random: fix the RNDRESEEDCRNG ioctl
drivers/char/random.c
MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
* kdb: Make memory allocations more robust
kernel/debug/kdb/kdb_private.h
scripts/recordmcount.pl: support big endian for ARCH sh
cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
NET: usb: qmi_wwan: Adding support for Cinterion MV31
arm64: tegra: Add power-domain for Tegra210 HDA
igb: Remove incorrect "unexpected SYS WRAP" log message
ntfs: check for valid standard information attribute
* usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable
drivers/usb/core/quirks.c
* HID: make arrays usage and value to be the same
drivers/hid/hid-core.c
Bug: 184596728
Change-Id: I50e867d3e8d2d62938b73e54b8d6e614bb3f2d1b
Signed-off-by: Lucas Wei <lucaswei@google.com>
|
||
|
Thomas Gleixner
|
b4f92d8dec |
futex: Handle early deadlock return correctly
commit 1a1fb985f2e2b85ec0d3dc2e519ee48389ec2434 upstream.
commit 56222b212e8e ("futex: Drop hb->lock before enqueueing on the
rtmutex") changed the locking rules in the futex code so that the hash
bucket lock is not longer held while the waiter is enqueued into the
rtmutex wait list. This made the lock and the unlock path symmetric, but
unfortunately the possible early exit from __rt_mutex_proxy_start() due to
a detected deadlock was not updated accordingly. That allows a concurrent
unlocker to observe inconsitent state which triggers the warning in the
unlock path.
futex_lock_pi() futex_unlock_pi()
lock(hb->lock)
queue(hb_waiter) lock(hb->lock)
lock(rtmutex->wait_lock)
unlock(hb->lock)
// acquired hb->lock
hb_waiter = futex_top_waiter()
lock(rtmutex->wait_lock)
__rt_mutex_proxy_start()
---> fail
remove(rtmutex_waiter);
---> returns -EDEADLOCK
unlock(rtmutex->wait_lock)
// acquired wait_lock
wake_futex_pi()
rt_mutex_next_owner()
--> returns NULL
--> WARN
lock(hb->lock)
unqueue(hb_waiter)
The problem is caused by the remove(rtmutex_waiter) in the failure case of
__rt_mutex_proxy_start() as this lets the unlocker observe a waiter in the
hash bucket but no waiter on the rtmutex, i.e. inconsistent state.
The original commit handles this correctly for the other early return cases
(timeout, signal) by delaying the removal of the rtmutex waiter until the
returning task reacquired the hash bucket lock.
Treat the failure case of __rt_mutex_proxy_start() in the same way and let
the existing cleanup code handle the eventual handover of the rtmutex
gracefully. The regular rt_mutex_proxy_start() gains the rtmutex waiter
removal for the failure case, so that the other callsites are still
operating correctly.
Add proper comments to the code so all these details are fully documented.
Thanks to Peter for helping with the analysis and writing the really
valuable code comments.
Fixes: 56222b212e8e ("futex: Drop hb->lock before enqueueing on the rtmutex")
Reported-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Co-developed-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: linux-s390@vger.kernel.org
Cc: Stefan Liebler <stli@linux.ibm.com>
Cc: Sebastian Sewior <bigeasy@linutronix.de>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1901292311410.1950@nanos.tec.linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Peter Zijlstra
|
99f4e930a7 |
futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock()
commit 04dc1b2fff4e96cb4142227fbdc63c8871ad4ed9 upstream.
Markus reported that the glibc/nptl/tst-robustpi8 test was failing after
commit:
cfafcd117da0 ("futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()")
The following trace shows the problem:
ld-linux-x86-64-2161 [019] .... 410.760971: SyS_futex: 00007ffbeb76b028: 80000875 op=FUTEX_LOCK_PI
ld-linux-x86-64-2161 [019] ...1 410.760972: lock_pi_update_atomic: 00007ffbeb76b028: curval=80000875 uval=80000875 newval=80000875 ret=0
ld-linux-x86-64-2165 [011] .... 410.760978: SyS_futex: 00007ffbeb76b028: 80000875 op=FUTEX_UNLOCK_PI
ld-linux-x86-64-2165 [011] d..1 410.760979: do_futex: 00007ffbeb76b028: curval=80000875 uval=80000875 newval=80000871 ret=0
ld-linux-x86-64-2165 [011] .... 410.760980: SyS_futex: 00007ffbeb76b028: 80000871 ret=0000
ld-linux-x86-64-2161 [019] .... 410.760980: SyS_futex: 00007ffbeb76b028: 80000871 ret=ETIMEDOUT
Task 2165 does an UNLOCK_PI, assigning the lock to the waiter task 2161
which then returns with -ETIMEDOUT. That wrecks the lock state, because now
the owner isn't aware it acquired the lock and removes the pending robust
list entry.
If 2161 is killed, the robust list will not clear out this futex and the
subsequent acquire on this futex will then (correctly) result in -ESRCH
which is unexpected by glibc, triggers an internal assertion and dies.
Task 2161 Task 2165
rt_mutex_wait_proxy_lock()
timeout();
/* T2161 is still queued in the waiter list */
return -ETIMEDOUT;
futex_unlock_pi()
spin_lock(hb->lock);
rtmutex_unlock()
remove_rtmutex_waiter(T2161);
mark_lock_available();
/* Make the next waiter owner of the user space side */
futex_uval = 2161;
spin_unlock(hb->lock);
spin_lock(hb->lock);
rt_mutex_cleanup_proxy_lock()
if (rtmutex_owner() !== current)
...
return FAIL;
....
return -ETIMEOUT;
This means that rt_mutex_cleanup_proxy_lock() needs to call
try_to_take_rt_mutex() so it can take over the rtmutex correctly which was
assigned by the waker. If the rtmutex is owned by some other task then this
call is harmless and just confirmes that the waiter is not able to acquire
it.
While there, fix what looks like a merge error which resulted in
rt_mutex_cleanup_proxy_lock() having two calls to
fixup_rt_mutex_waiters() and rt_mutex_wait_proxy_lock() not having any.
Both should have one, since both potentially touch the waiter list.
Fixes: 38d589f2fd08 ("futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()")
Reported-by: Markus Trippelsdorf <markus@trippelsdorf.de>
Bug-Spotted-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: Darren Hart <dvhart@infradead.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Markus Trippelsdorf <markus@trippelsdorf.de>
Link: http://lkml.kernel.org/r/20170519154850.mlomgdsd26drq5j6@hirez.programming.kicks-ass.net
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Peter Zijlstra
|
fc9f98f6e5 |
futex: Drop hb->lock before enqueueing on the rtmutex
commit 56222b212e8edb1cf51f5dd73ff645809b082b40 upstream.
When PREEMPT_RT_FULL does the spinlock -> rt_mutex substitution the PI
chain code will (falsely) report a deadlock and BUG.
The problem is that it hold hb->lock (now an rt_mutex) while doing
task_blocks_on_rt_mutex on the futex's pi_state::rtmutex. This, when
interleaved just right with futex_unlock_pi() leads it to believe to see an
AB-BA deadlock.
Task1 (holds rt_mutex, Task2 (does FUTEX_LOCK_PI)
does FUTEX_UNLOCK_PI)
lock hb->lock
lock rt_mutex (as per start_proxy)
lock hb->lock
Which is a trivial AB-BA.
It is not an actual deadlock, because it won't be holding hb->lock by the
time it actually blocks on the rt_mutex, but the chainwalk code doesn't
know that and it would be a nightmare to handle this gracefully.
To avoid this problem, do the same as in futex_unlock_pi() and drop
hb->lock after acquiring wait_lock. This still fully serializes against
futex_unlock_pi(), since adding to the wait_list does the very same lock
dance, and removing it holds both locks.
Aside of solving the RT problem this makes the lock and unlock mechanism
symetric and reduces the hb->lock held time.
Reported-and-tested-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Suggested-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: juri.lelli@arm.com
Cc: xlpang@redhat.com
Cc: rostedt@goodmis.org
Cc: mathieu.desnoyers@efficios.com
Cc: jdesfossez@efficios.com
Cc: dvhart@infradead.org
Cc: bristot@redhat.com
Link: http://lkml.kernel.org/r/20170322104152.161341537@infradead.org
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Peter Zijlstra
|
13c98b088c |
futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()
commit cfafcd117da0216520568c195cb2f6cd1980c4bb upstream. By changing futex_lock_pi() to use rt_mutex_*_proxy_lock() all wait_list modifications are done under both hb->lock and wait_lock. This closes the obvious interleave pattern between futex_lock_pi() and futex_unlock_pi(), but not entirely so. See below: Before: futex_lock_pi() futex_unlock_pi() unlock hb->lock lock hb->lock unlock hb->lock lock rt_mutex->wait_lock unlock rt_mutex_wait_lock -EAGAIN lock rt_mutex->wait_lock list_add unlock rt_mutex->wait_lock schedule() lock rt_mutex->wait_lock list_del unlock rt_mutex->wait_lock <idem> -EAGAIN lock hb->lock After: futex_lock_pi() futex_unlock_pi() lock hb->lock lock rt_mutex->wait_lock list_add unlock rt_mutex->wait_lock unlock hb->lock schedule() lock hb->lock unlock hb->lock lock hb->lock lock rt_mutex->wait_lock list_del unlock rt_mutex->wait_lock lock rt_mutex->wait_lock unlock rt_mutex_wait_lock -EAGAIN unlock hb->lock It does however solve the earlier starvation/live-lock scenario which got introduced with the -EAGAIN since unlike the before scenario; where the -EAGAIN happens while futex_unlock_pi() doesn't hold any locks; in the after scenario it happens while futex_unlock_pi() actually holds a lock, and then it is serialized on that lock. Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: juri.lelli@arm.com Cc: bigeasy@linutronix.de Cc: xlpang@redhat.com Cc: rostedt@goodmis.org Cc: mathieu.desnoyers@efficios.com Cc: jdesfossez@efficios.com Cc: dvhart@infradead.org Cc: bristot@redhat.com Link: http://lkml.kernel.org/r/20170322104152.062785528@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de> [bwh: Backported to 4.9: adjust context] Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Peter Zijlstra
|
55404ebc97 |
futex,rt_mutex: Introduce rt_mutex_init_waiter()
commit 50809358dd7199aa7ce232f6877dd09ec30ef374 upstream. Since there's already two copies of this code, introduce a helper now before adding a third one. Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: juri.lelli@arm.com Cc: bigeasy@linutronix.de Cc: xlpang@redhat.com Cc: rostedt@goodmis.org Cc: mathieu.desnoyers@efficios.com Cc: jdesfossez@efficios.com Cc: dvhart@infradead.org Cc: bristot@redhat.com Link: http://lkml.kernel.org/r/20170322104151.950039479@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de> [bwh: Backported to 4.9: adjust context] Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Lucas Wei
|
28ab10340e |
Merge android-4.9-q (4.9.258) into android-msm-pixel-4.9-lts
Merge 4.9.258 into android-4.9-q
Linux 4.9.258
kvm: check tlbs_dirty directly
scsi: qla2xxx: Fix crash during driver load on big endian machines
xen-blkback: fix error handling in xen_blkbk_map()
xen-scsiback: don't "handle" error by BUG()
xen-netback: don't "handle" error by BUG()
xen-blkback: don't "handle" error by BUG()
xen/arm: don't ignore return errors from set_phys_to_machine
Xen/gntdev: correct error checking in gntdev_map_grant_pages()
Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
Xen/x86: don't bail early from clear_foreign_p2m_mapping()
* tracing: Avoid calling cc-option -mrecord-mcount for every Makefile
Makefile
scripts/Makefile.build
* tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord-mcount
scripts/Makefile.build
* trace: Use -mcount-record for dynamic ftrace
scripts/Makefile.build
x86/build: Disable CET instrumentation in the kernel for 32-bit too
vsock: fix locking in vsock_shutdown()
vsock/virtio: update credit only if socket is not closed
* net: watchdog: hold device global xmit lock during tx disable
include/linux/netdevice.h
net/vmw_vsock: improve locking in vsock_connect_timeout()
usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
usb: dwc3: ulpi: fix checkpatch warning
h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
* netfilter: conntrack: skip identical origin tuple in same zone only
net/netfilter/nf_conntrack_core.c
xen/netback: avoid race in xenvif_rx_ring_slots_available()
netfilter: xt_recent: Fix attempt to update deleted entry
* bpf: Check for integer overflow when using roundup_pow_of_two()
kernel/bpf/stackmap.c
* memblock: do not start bottom-up allocations with kernel_end
mm/memblock.c
ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
* ovl: skip getxattr of security labels
fs/overlayfs/copy_up.c
* tracing: Check length before giving out the filter buffer
kernel/trace/trace.c
* tracing: Do not count ftrace events in top level enable output
kernel/trace/trace_events.c
squashfs: add more sanity checks in xattr id lookup
squashfs: add more sanity checks in inode lookup
squashfs: add more sanity checks in id lookup
* futex: Cure exit race
kernel/futex.c
* futex: Change locking rules
kernel/futex.c
* futex: Ensure the correct return value from futex_lock_pi()
kernel/futex.c
* memcg: fix a crash in wb_workfn when a device disappears
fs/fs-writeback.c
include/linux/backing-dev.h
include/trace/events/writeback.h
mm/backing-dev.c
* include/trace/events/writeback.h: fix -Wstringop-truncation warnings
include/trace/events/writeback.h
* lib/string: Add strscpy_pad() function
include/linux/string.h
lib/string.c
SUNRPC: Handle 0 length opaque XDR object data properly
* SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
include/linux/sunrpc/xdr.h
iwlwifi: mvm: guard against device removal in reprobe
iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
* af_key: relax availability checks for skb size calculation
net/key/af_key.c
remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
* fgraph: Initialize tracing_graph_pause at task creation
include/linux/ftrace.h
* mm: memcontrol: fix NULL pointer crash in test_clear_page_writeback()
include/linux/memcontrol.h
mm/page-writeback.c
Merge 4.9.257 into android-4.9-q
Linux 4.9.257
ALSA: hda/realtek - Fix typo of pincfg for Dell quirk
iommu/vt-d: Do not use flush-queue when caching-mode is on
ACPI: thermal: Do not call acpi_thermal_check() directly
* Input: xpad - sync supported devices with fork on GitHub
drivers/input/joystick/xpad.c
x86/apic: Add extra serialization for non-serializing MSRs
* x86/build: Disable CET instrumentation in the kernel
Makefile
mm: thp: fix MADV_REMOVE deadlock on shmem THP
mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
mm: hugetlb: fix a race between isolating and freeing page
* mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
include/linux/hugetlb.h
ARM: footbridge: fix dc21285 PCI configuration accessors
* mmc: core: Limit retries when analyse of SDIO tuples fails
drivers/mmc/core/sdio_cis.c
cifs: report error instead of invalid when revalidating a dentry fails
* xhci: fix bounce buffer usage for non-sg list case
drivers/usb/host/xhci-ring.c
kretprobe: Avoid re-registration of the same kretprobe earlier
mac80211: fix station rate table updates on assoc
usb: dwc2: Fix endpoint direction check in ep_from_windex
USB: usblp: don't call usb_set_interface if there's a single alt
USB: gadget: legacy: fix an error code in eth_bind()
* elfcore: fix building with clang
include/linux/elfcore.h
kernel/Makefile
net: lapb: Copy the skb before sending a packet
Input: i8042 - unbreak Pegatron C15B
USB: serial: option: Adding support for Cinterion MV31
USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
USB: serial: cp210x: add pid/vid for WSDA-200-USB
* stable: clamp SUBLEVEL in 4.4 and 4.9
Makefile
objtool: Don't fail on missing symbol table
scsi: ibmvfc: Set default timeout to avoid crash during migration
mac80211: fix fast-rx encryption check
scsi: libfc: Avoid invoking response handler twice if ep is already completed
* futex: Handle faults correctly for PI futexes
kernel/futex.c
* futex: Simplify fixup_pi_state_owner()
kernel/futex.c
* futex: Use pi_state_update_owner() in put_pi_state()
kernel/futex.c
* rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Provide and use pi_state_update_owner()
kernel/futex.c
* futex: Replace pointless printk in fixup_owner()
kernel/futex.c
* futex: Avoid violating the 10th rule of futex
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Rework inconsistent rt_mutex/futex_q state
kernel/futex.c
* futex: Remove rt_mutex_deadlock_account_*()
kernel/locking/rtmutex.c
kernel/locking/rtmutex.h
* futex,rt_mutex: Provide futex specific rt_mutex API
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* net_sched: reject silly cell_log in qdisc_get_rtab()
net/sched/sch_api.c
ibmvnic: Ensure that CRQ entry read are correctly ordered
net: dsa: bcm_sf2: put device node before return
Merge 4.9.256 into android-4.9-q
Linux 4.9.256
Merge 4.9.255 into android-4.9-q
Linux 4.9.255
NFC: fix possible resource leak
NFC: fix resource leak when target index is invalid
iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
iommu/vt-d: Gracefully handle DMAR units with no supported address widths
can: dev: prevent potential information leak in can_fill_info()
mac80211: pause TX while changing interface type
iwlwifi: pcie: reschedule in long-running memory reads
iwlwifi: pcie: use jiffies for memory read spin time limit
RDMA/cxgb4: Fix the reported max_recv_sge value
* xfrm: Fix oops in xfrm_replay_advance_bmp
net/xfrm/xfrm_input.c
netfilter: nft_dynset: add timeout extension to template
ARM: imx: build suspend-imx6.S with arm instruction set
mt7601u: fix rx buffer refcounting
mt7601u: fix kernel crash unplugging the device
* leds: trigger: fix potential deadlock with libata
drivers/leds/led-triggers.c
KVM: x86: get smi pending status correctly
KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[]
* futex: Prevent exit livelock
kernel/futex.c
* futex: Provide distinct return value when owner is exiting
kernel/futex.c
* futex: Add mutex around futex exit
include/linux/futex.h
include/linux/sched.h
kernel/futex.c
* futex: Provide state handling for exec() as well
kernel/futex.c
* futex: Sanitize exit state handling
kernel/futex.c
* futex: Mark the begin of futex exit explicitly
include/linux/futex.h
kernel/exit.c
kernel/futex.c
* futex: Set task::futex_state to DEAD right after handling futex exit
kernel/exit.c
kernel/futex.c
* futex: Split futex_mm_release() for exit/exec
include/linux/futex.h
kernel/fork.c
kernel/futex.c
* exit/exec: Seperate mm_release()
fs/exec.c
include/linux/sched.h
kernel/exit.c
kernel/fork.c
* futex: Replace PF_EXITPIDONE with a state
include/linux/futex.h
include/linux/sched.h
kernel/exit.c
kernel/futex.c
* futex: Move futex exit handling into futex code
include/linux/compat.h
include/linux/futex.h
kernel/fork.c
kernel/futex.c
* y2038: futex: Move compat implementation into futex.c
include/linux/futex.h
kernel/Makefile
kernel/futex.c
net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
* wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
net/wireless/wext-core.c
ACPI: sysfs: Prefer "compatible" modalias
Bug: 181732917
Change-Id: Ice169f5980390199db8f86d42e944cdf5f37c562
Signed-off-by: Lucas Wei <lucaswei@google.com>
|
||
|
Thomas Gleixner
|
285b624ec7 |
rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
[ Upstream commit 2156ac1934166d6deb6cd0f6ffc4c1076ec63697 ] Nothing uses the argument. Remove it as preparation to use pi_state_update_owner(). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: stable@vger.kernel.org Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Peter Zijlstra
|
781691c797 |
futex: Avoid violating the 10th rule of futex
commit c1e2f0eaf015fb7076d51a339011f2383e6dd389 upstream.
Julia reported futex state corruption in the following scenario:
waiter waker stealer (prio > waiter)
futex(WAIT_REQUEUE_PI, uaddr, uaddr2,
timeout=[N ms])
futex_wait_requeue_pi()
futex_wait_queue_me()
freezable_schedule()
<scheduled out>
futex(LOCK_PI, uaddr2)
futex(CMP_REQUEUE_PI, uaddr,
uaddr2, 1, 0)
/* requeues waiter to uaddr2 */
futex(UNLOCK_PI, uaddr2)
wake_futex_pi()
cmp_futex_value_locked(uaddr2, waiter)
wake_up_q()
<woken by waker>
<hrtimer_wakeup() fires,
clears sleeper->task>
futex(LOCK_PI, uaddr2)
__rt_mutex_start_proxy_lock()
try_to_take_rt_mutex() /* steals lock */
rt_mutex_set_owner(lock, stealer)
<preempted>
<scheduled in>
rt_mutex_wait_proxy_lock()
__rt_mutex_slowlock()
try_to_take_rt_mutex() /* fails, lock held by stealer */
if (timeout && !timeout->task)
return -ETIMEDOUT;
fixup_owner()
/* lock wasn't acquired, so,
fixup_pi_state_owner skipped */
return -ETIMEDOUT;
/* At this point, we've returned -ETIMEDOUT to userspace, but the
* futex word shows waiter to be the owner, and the pi_mutex has
* stealer as the owner */
futex_lock(LOCK_PI, uaddr2)
-> bails with EDEADLK, futex word says we're owner.
And suggested that what commit:
73d786bd043e ("futex: Rework inconsistent rt_mutex/futex_q state")
removes from fixup_owner() looks to be just what is needed. And indeed
it is -- I completely missed that requeue_pi could also result in this
case. So we need to restore that, except that subsequent patches, like
commit:
16ffa12d7425 ("futex: Pull rt_mutex_futex_unlock() out from under hb->lock")
changed all the locking rules. Even without that, the sequence:
- if (rt_mutex_futex_trylock(&q->pi_state->pi_mutex)) {
- locked = 1;
- goto out;
- }
- raw_spin_lock_irq(&q->pi_state->pi_mutex.wait_lock);
- owner = rt_mutex_owner(&q->pi_state->pi_mutex);
- if (!owner)
- owner = rt_mutex_next_owner(&q->pi_state->pi_mutex);
- raw_spin_unlock_irq(&q->pi_state->pi_mutex.wait_lock);
- ret = fixup_pi_state_owner(uaddr, q, owner);
already suggests there were races; otherwise we'd never have to look
at next_owner.
So instead of doing 3 consecutive wait_lock sections with who knows
what races, we do it all in a single section. Additionally, the usage
of pi_state->owner in fixup_owner() was only safe because only the
rt_mutex owner would modify it, which this additional case wrecks.
Luckily the values can only change away and not to the value we're
testing, this means we can do a speculative test and double check once
we have the wait_lock.
Fixes: 73d786bd043e ("futex: Rework inconsistent rt_mutex/futex_q state")
Reported-by: Julia Cartwright <julia@ni.com>
Reported-by: Gratian Crisan <gratian.crisan@ni.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Julia Cartwright <julia@ni.com>
Tested-by: Gratian Crisan <gratian.crisan@ni.com>
Cc: Darren Hart <dvhart@infradead.org>
Link: https://lkml.kernel.org/r/20171208124939.7livp7no2ov65rrc@hirez.programming.kicks-ass.net
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[Lee: Back-ported to solve a dependency]
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Peter Zijlstra
|
d4dd758855 |
futex: Remove rt_mutex_deadlock_account_*()
These are unused and clutter up the code. Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: juri.lelli@arm.com Cc: bigeasy@linutronix.de Cc: xlpang@redhat.com Cc: rostedt@goodmis.org Cc: mathieu.desnoyers@efficios.com Cc: jdesfossez@efficios.com Cc: dvhart@infradead.org Cc: bristot@redhat.com Link: http://lkml.kernel.org/r/20170322104151.652692478@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de> [Lee: Back-ported to solve a dependency] Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Peter Zijlstra
|
2c60d4aa88 |
futex,rt_mutex: Provide futex specific rt_mutex API
[ Upstream commit 5293c2efda37775346885c7e924d4ef7018ea60b ] Part of what makes futex_unlock_pi() intricate is that rt_mutex_futex_unlock() -> rt_mutex_slowunlock() can drop rt_mutex::wait_lock. This means it cannot rely on the atomicy of wait_lock, which would be preferred in order to not rely on hb->lock so much. The reason rt_mutex_slowunlock() needs to drop wait_lock is because it can race with the rt_mutex fastpath, however futexes have their own fast path. Since futexes already have a bunch of separate rt_mutex accessors, complete that set and implement a rt_mutex variant without fastpath for them. Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: juri.lelli@arm.com Cc: bigeasy@linutronix.de Cc: xlpang@redhat.com Cc: rostedt@goodmis.org Cc: mathieu.desnoyers@efficios.com Cc: jdesfossez@efficios.com Cc: dvhart@infradead.org Cc: bristot@redhat.com Link: http://lkml.kernel.org/r/20170322104151.702962446@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de> [Lee: Back-ported to solve a dependency] Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
lucaswei
|
bac74c1ae4 |
Merge android-4.9-q (4.9.237) into android-msm-pixel-4.9-lts
Merge 4.9.237 into android-4.9-q
Linux 4.9.237
x86/defconfig: Enable CONFIG_USB_XHCI_HCD=y
powerpc/dma: Fix dma_map_ops::get_required_mask
ehci-hcd: Move include to keep CRC stable
serial: 8250_pci: Add Realtek 816a and 816b
Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
usblp: fix race between disconnect() and read()
USB: UAS: fix disconnect by unplugging a hub
* USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook
drivers/usb/core/quirks.c
drm/mediatek: Add exception handing in mtk_drm_probe() if component init fail
MIPS: SNI: Fix spurious interrupts
fbcon: Fix user font detection test at fbcon_resize().
perf test: Free formats for perf pmu parse test
MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload
clk: rockchip: Fix initialization of mux_pll_src_4plls_p
i2c: algo: pca: Reapply i2c bus settings after reset
rapidio: Replace 'select' DMAENGINES 'with depends on'
SUNRPC: stop printk reading past end of string
spi: spi-loopback-test: Fix out-of-bounds read
scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery
scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall
* net: handle the return value of pskb_carve_frag_list() correctly
net/core/skbuff.c
* gcov: add support for GCC 10.1
kernel/gcov/Kconfig
RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars
IB/rxe: Remove a pointless indirection layer
* usb: Fix out of sync data toggle if a configured device is reconfigured
drivers/usb/core/message.c
USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter
* usb: core: fix slab-out-of-bounds Read in read_descriptors
drivers/usb/core/sysfs.c
staging: greybus: audio: fix uninitialized value issue
video: fbdev: fix OOB read in vga_8planes_imageblit()
KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
* vgacon: remove software scrollback support
drivers/video/console/Kconfig
fbcon: remove now unusued 'softback_lines' cursor() argument
fbcon: remove soft scrollback code
rbd: require global CAP_SYS_ADMIN for mapping and unmapping
scsi: target: iscsi: Fix hang in iscsit_access_np() when getting tpg->np_login_sem
scsi: target: iscsi: Fix data digest calculation
* regulator: push allocation in set_consumer_device_supply() out of lock
drivers/regulator/core.c
btrfs: fix wrong address when faulting in pages in the search ioctl
staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
* USB: core: add helpers to retrieve endpoints
drivers/usb/core/usb.c
include/linux/usb.h
iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
iio:accel:mma7455: Fix timestamp alignment and prevent data leak.
iio: accel: kxsd9: Fix alignment of local buffer.
iio:light:max44000 Fix timestamp alignment and prevent data leak.
iio:magnetometer:ak8975 Fix alignment and data leak issues.
drivers: iio: magnetometer: Fix sparse endianness warnings cast to restricted __be16
iio:adc:ti-adc081c Fix alignment and data leak issues
iio:adc:ina2xx Fix timestamp alignment issue.
iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
iio:light:ltr501 Fix timestamp alignment issue.
iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set
iio: adc: mcp3422: fix locking on error path
iio: adc: mcp3422: fix locking scope
* gcov: Disable gcov build with GCC 10
kernel/gcov/Kconfig
ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
drivers/net/wan/hdlc_cisco: Add hard_header_len
irqchip/eznps: Fix build error for !ARC700 builds
xfs: initialize the shortform attr header padding entry
drivers/net/wan/lapbether: Set network_header before transmitting
ALSA: hda: Fix 2 channel swapping for Tegra
firestream: Fix memleak in fs_open
NFC: st95hf: Fix memleak in st95hf_in_send_cmd
drivers/net/wan/lapbether: Added needed_tailroom
scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
RDMA/rxe: Drop pointless checks in rxe_init_ports
RDMA/rxe: Fix memleak in rxe_mem_init_user
ARM: dts: socfpga: fix register entry for timer3 on Arria10
Merge 4.9.236 into android-4.9-q
Linux 4.9.236
* net: disable netpoll on fresh napis
net/core/dev.c
sctp: not disable bh in the whole sctp_get_port_local()
net: usb: dm9601: Add USB ID of Keenetic Plus DSL
* netlabel: fix problems with mapping removal
net/netlabel/netlabel_domainhash.c
bnxt: don't enable NAPI until rings are ready
net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
affs: fix basic permission bits to actually work
fs/affs: use octal for permissions
ALSA; firewire-tascam: exclude Tascam FE-8 from detection
* net: usb: Fix uninit-was-stored issue in asix_read_phy_addr()
drivers/net/usb/asix_common.c
* cfg80211: regulatory: reject invalid hints
net/wireless/reg.c
mm/hugetlb: fix a race between hugetlb sysctl handlers
checkpatch: fix the usage of capture group ( ... )
vfio/pci: Fix SR-IOV VF handling with MMIO blocking
* net: initialize fastreuse on inet_inherit_port
net/ipv4/inet_hashtables.c
* net: refactor bind_bucket fastreuse into helper
include/net/inet_connection_sock.h
net/ipv4/inet_connection_sock.c
* KVM: arm64: Set HCR_EL2.PTW to prevent AT taking synchronous exception
arch/arm64/include/asm/kvm_arm.h
* KVM: arm64: Survive synchronous exceptions caused by AT instructions
arch/arm64/include/asm/kvm_asm.h
KVM: arm64: Defer guest entry when an asynchronous exception is pending
* KVM: arm64: Add kvm_extable for vaxorcism code
arch/arm64/include/asm/kvm_asm.h
arch/arm64/kernel/vmlinux.lds.S
vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
vfio-pci: Fault mmaps to enable vma tracking
vfio/type1: Support faulting PFNMAP vmas
* mm: slub: fix conversion of freelist_corrupted()
mm/slub.c
dm thin metadata: Avoid returning cmd->bm wild pointer on error
dm cache metadata: Avoid returning cmd->bm wild pointer on error
libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks
* block: Move SECTOR_SIZE and SECTOR_SHIFT definitions into <linux/blkdev.h>
drivers/block/brd.c
drivers/block/zram/zram_drv.h
include/linux/blkdev.h
include/linux/device-mapper.h
include/uapi/linux/msdos_fs.h
* block: allow for_each_bvec to support zero len bvec
include/linux/bvec.h
ALSA: firewire-digi00x: exclude Avid Adrenaline from detection
ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
ALSA: ca0106: fix error code handling
usb: qmi_wwan: add D-Link DWM-222 A2 device ID
qmi_wwan: new Telewell and Sierra device IDs
drivers: net: usb: qmi_wwan: add QMI_QUIRK_SET_DTR for Telit PID 0x1201
net: usb: qmi_wwan: add Telit 0x1050 composition
btrfs: fix potential deadlock in the search ioctl
* uaccess: Add non-pagefault user-space write function
include/linux/uaccess.h
mm/maccess.c
* uaccess: Add non-pagefault user-space read functions
include/linux/uaccess.h
mm/maccess.c
btrfs: set the lockdep class for log tree extent buffers
btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind
btrfs: Remove redundant extent_buffer_get in get_old_root
btrfs: drop path before adding new uuid tree entry
* include/linux/log2.h: add missing () around n in roundup_pow_of_two()
include/linux/log2.h
thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
iommu/vt-d: Serialize IOMMU GCMD register modifications
tg3: Fix soft lockup when tg3_reset_task() fails.
* fix regression in "epoll: Keep a reference on files added to the check list"
fs/eventpoll.c
bnxt_en: Fix PCI AER error recovery flow
bnxt_en: Check for zero dir entries in NVRAM.
dmaengine: pl330: Fix burst length if burst size is smaller than bus width
net: arc_emac: Fix memleak in arc_mdio_probe
ravb: Fixed to be able to unload modules
net: hns: Fix memleak in hns_nic_dev_probe
netfilter: nf_tables: fix destination register zeroing
netfilter: nf_tables: incorrect enum nft_list_attributes definition
netfilter: nf_tables: add NFTA_SET_USERDATA if not null
MIPS: BMIPS: Also call bmips_cpu_setup() for secondary cores
MIPS: mm: BMIPS5000 has inclusive physical caches
dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate()
batman-adv: bla: use netif_rx_ni when not in interrupt context
batman-adv: Avoid uninitialized chaddr when handling DHCP
* dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
drivers/dma/of-dma.c
xen/xenbus: Fix granting of vmalloc'd memory
s390: don't trace preemption in percpu macros
ceph: don't allow setlease on cephfs
nvmet: Disable keep-alive timer when kato is cleared to 0h
hwmon: (applesmc) check status earlier.
perf record/stat: Explicitly call out event modifiers in the documentation
* HID: core: Sanitize event code and type when mapping input
drivers/hid/hid-input.c
drivers/hid/hid-multitouch.c
include/linux/hid.h
* HID: core: Correctly handle ReportSize being zero
drivers/hid/hid-core.c
* ANDROID: overflow.h: fix merge issue with 4.9.235
include/linux/overflow.h
Merge 4.9.235 into android-4.9-q
Linux 4.9.235
* ALSA: usb-audio: Update documentation comment for MS2109 quirk
sound/usb/quirks-table.h
* HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
drivers/hid/usbhid/hiddev.c
btrfs: check the right error variable in btrfs_del_dir_entries_in_log
usb: storage: Add unusual_uas entry for Sony PSZ drives
* USB: gadget: u_f: Unbreak offset calculation in VLAs
drivers/usb/gadget/u_f.h
USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb()
* USB: gadget: u_f: add overflow checks to VLA macros
drivers/usb/gadget/u_f.h
* overflow.h: Add allocation size calculation helpers
drivers/md/dm-table.c
include/linux/overflow.h
usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe()
* USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge
drivers/usb/storage/unusual_devs.h
* USB: quirks: Add no-lpm quirk for another Raydium touchscreen
drivers/usb/core/quirks.c
usb: uas: Add quirk for PNY Pro Elite
USB: yurex: Fix bad gfp argument
* device property: Fix the secondary firmware node handling in set_primary_fwnode()
drivers/base/core.c
* PM: sleep: core: Fix the handling of pending runtime resume requests
drivers/base/power/main.c
* xhci: Do warm-reset when both CAS and XDEV_RESUME are set
drivers/usb/host/xhci-hub.c
XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information.
* writeback: Fix sync livelock due to b_dirty_time processing
fs/fs-writeback.c
include/trace/events/writeback.h
* writeback: Avoid skipping inode writeback
fs/fs-writeback.c
include/linux/fs.h
* writeback: Protect inode->i_io_list with inode->i_lock
fs/fs-writeback.c
serial: 8250: change lock order in serial8250_do_startup()
serial: pl011: Don't leak amba_ports entry on driver register error
serial: pl011: Fix oops on -EPROBE_DEFER
serial: samsung: Removes the IRQ not found warning
* vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
drivers/tty/vt/vt_ioctl.c
* vt: defer kfree() of vc_screenbuf in vc_do_resize()
drivers/tty/vt/vt.c
* USB: lvtest: return proper error code in probe
drivers/usb/misc/lvstest.c
fbcon: prevent user font height or width change from causing potential out-of-bounds access
btrfs: fix space cache memory leak after transaction abort
HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands
powerpc/perf: Fix soft lockups due to missed interrupt accounting
net: gianfar: Add of_node_put() before goto statement
* scsi: ufs: Improve interrupt handling for shared interrupts
drivers/scsi/ufs/ufshcd.c
* scsi: ufs: Fix possible infinite loop in ufshcd_hold
drivers/scsi/ufs/ufshcd.c
s390/cio: add cond_resched() in the slow_eval_known_fn() loop
* fs: prevent BUG_ON in submit_bh_wbc()
fs/buffer.c
fs/ext4/super.c
* jbd2: abort journal if free a async write error metadata buffer
fs/jbd2/transaction.c
* jbd2: make sure jh have b_transaction set in refile/unfile_buffer
fs/jbd2/transaction.c
usb: gadget: f_tcm: Fix some resource leaks in some error paths
i2c: rcar: in slave mode, clear NACK earlier
Revert "ath10k: fix DMA related firmware crashes on multiple devices"
* efi: provide empty efi_enter_virtual_mode implementation
include/linux/efi.h
USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
powerpc/spufs: add CONFIG_COREDUMP dependency
KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
media: davinci: vpif_capture: fix potential double free
EDAC/ie31200: Fallback if host bridge device is already initialized
scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
ceph: fix potential mdsc use-after-free crash
scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
locking/lockdep: Fix overflow in presentation of average lock-time
drm/nouveau: Fix reference count leak in nouveau_connector_detect
drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
cec-api: prevent leaking memory through hole in structure
mips/vdso: Fix resource leaks in genvdso.c
rtlwifi: rtl8192cu: Prevent leaking urb
* PCI: Fix pci_create_slot() reference count leak
drivers/pci/slot.c
omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
selftests/powerpc: Purge extra count_pmc() calls of ebb selftests
scsi: lpfc: Fix shost refcount mismatch when deleting vport
drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
drm/amd/display: fix ref count leak in amdgpu_drm_ioctl
drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms
drm/radeon: fix multiple reference count leak
drm/amdkfd: Fix reference count leaks.
* iommu/iova: Don't BUG on invalid PFNs
drivers/iommu/iova.c
scsi: target: tcmu: Fix crash on ARM during cmd completion
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq()
arm64: dts: qcom: msm8916: Pull down PDM GPIOs during sleep
ASoC: tegra: Fix reference count leaks.
ALSA: pci: delete repeated words in comments
* gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
net/ipv6/ip6_tunnel.c
ipvlan: fix device features
tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
* net: Fix potential wrong skb->protocol in skb_vlan_untag()
net/core/skbuff.c
* bonding: show saner speed for broadcast mode
drivers/net/bonding/bond_main.c
* bonding: fix a potential double-unregister
drivers/net/bonding/bond_main.c
Change-Id: Ic5e975d213782585fedbf8a5869b9b0aaad0bf66
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Chris Wilson
|
50675a1f15 |
locking/lockdep: Fix overflow in presentation of average lock-time
[ Upstream commit a7ef9b28aa8d72a1656fa6f0a01bbd1493886317 ]
Though the number of lock-acquisitions is tracked as unsigned long, this
is passed as the divisor to div_s64() which interprets it as a s32,
giving nonsense values with more than 2 billion acquisitons. E.g.
acquisitions holdtime-min holdtime-max holdtime-total holdtime-avg
-------------------------------------------------------------------------
2350439395 0.07 353.38 649647067.36 0.-32
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: https://lore.kernel.org/r/20200725185110.11588-1-chris@chris-wilson.co.uk
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
lucaswei
|
69d20ae93b |
Merge android-4.9-q (4.9.223) into android-msm-pixel-4.9-lts
Merge 4.9.223 into android-4.9-q
Linux 4.9.223
* mac80211: add ieee80211_is_any_nullfunc()
include/linux/ieee80211.h
ALSA: hda: Match both PCI ID and SSID for driver blacklist
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
MIPS: perf: Remove incorrect odd/even counter handling for I6400
xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
net: systemport: suppress warnings on failed Rx SKB allocations
net: bcmgenet: suppress warnings on failed Rx SKB allocations
* lib/mpi: Fix building for powerpc with clang
lib/mpi/longlong.h
net: dsa: b53: Rework ARL bin logic
scripts/config: allow colons in option strings for sed
cifs: protect updating server->dstaddr with a spinlock
net: stmmac: Fix sub-second increment
wimax/i2400m: Fix potential urb refcnt leak
ASoC: sgtl5000: Fix VAG power-on handling
selftests/ipc: Fix test failure seen after initial test run
iio:ad7797: Use correct attribute_group
powerpc/pci/of: Parse unassigned resources
vhost: vsock: kick send_pkt worker once device is started
Merge 4.9.222 into android-4.9-q
Linux 4.9.222
drm/qxl: qxl_release use after free
* selinux: properly handle multiple messages in selinux_netlink_send()
security/selinux/hooks.c
dmaengine: dmatest: Fix iteration non-stop logic
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
ALSA: opti9xx: shut up gcc-10 range warning
iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
RDMA/mlx4: Initialize ib_spec on the stack
* dm verity fec: fix hash block number in verity_fec_decode
drivers/md/dm-verity-fec.c
PM: hibernate: Freeze kernel threads in software_resume()
PM: ACPI: Output correct message on target power state
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
ALSA: hda/hdmi: fix without unlocked before return
btrfs: fix block group leak when removing fails
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
* drm/edid: Fix off-by-one in DispID DTD pixel clock
drivers/gpu/drm/drm_edid.c
* ext4: fix special inode number checks in __ext4_iget()
fs/ext4/inode.c
Merge 4.9.221 into android-4.9-q
ANDROID: cuttlefish_defconfig: Fix dm-verity related options
Linux 4.9.221
* propagate_one(): mnt_set_mountpoint() needs mount_lock
fs/pnode.c
* ext4: check for non-zero journal inum in ext4_calculate_overhead
fs/ext4/super.c
* ext4: unsigned int compared against zero
fs/ext4/block_validity.c
* ext4: fix block validity checks for journal inodes using indirect blocks
fs/ext4/block_validity.c
* ext4: don't perform block validity checks on the journal inode
fs/ext4/extents.c
* ext4: protect journal inode's blocks using block_validity
fs/ext4/block_validity.c
fs/ext4/inode.c
* ext4: avoid declaring fs inconsistent due to invalid file handles
fs/ext4/ext4.h
fs/ext4/ialloc.c
fs/ext4/inode.c
fs/ext4/ioctl.c
fs/ext4/namei.c
fs/ext4/resize.c
fs/ext4/super.c
hwmon: (jc42) Fix name to have no illegal characters
* ext4: convert BUG_ON's to WARN_ON's in mballoc.c
fs/ext4/mballoc.c
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
objtool: Support Clang non-section symbols in ORC dump
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
scsi: target: fix PR IN / READ FULL STATUS for FC
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
* perf/core: fix parent pid/tid in task exit events
kernel/events/core.c
net/cxgb4: Check the return from t4_query_params properly
nfsd: memory corruption in nfsd4_lock()
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
* fuse: fix possibly missed wake-up after abort
fs/fuse/dev.c
remoteproc: Fix wrong rvring index computation
* usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
drivers/usb/gadget/function/f_fs.c
UAS: fix deadlock in error handling and PM flushing work
UAS: no use logging any details in case of ENODEV
staging: vt6656: Power save stop wake_up_count wrap around.
staging: vt6656: Fix drivers TBTT timing counter.
staging: comedi: Fix comedi_device refcnt leak in comedi_open
staging: comedi: dt2815: fix writing hi byte of analog output
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
* ASoC: dapm: fixup dapm kcontrol widget
sound/soc/soc-dapm.c
* audit: check the length of userspace generated audit records
kernel/audit.c
* usb-storage: Add unusual_devs entry for JMicron JMS566
drivers/usb/storage/unusual_devs.h
tty: rocket, avoid OOB access
tty: hvc: fix buffer overflow during hvc_alloc().
KVM: VMX: Enable machine check support for 32bit targets
* KVM: Check validity of resolved slot when searching memslots
include/linux/kvm_host.h
tpm/tpm_tis: Free IRQ if probing fails
* ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
sound/usb/format.c
* ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
sound/usb/mixer_quirks.c
ALSA: usx2y: Fix potential NULL dereference
* vmalloc: fix remap_vmalloc_range() bounds checks
include/linux/vmalloc.h
mm/vmalloc.c
* overflow.h: Add arithmetic shift helper
include/linux/overflow.h
* USB: hub: Fix handling of connect changes during sleep
drivers/usb/core/hub.c
* USB: core: Fix free-while-in-use bug in the USB S-Glibrary
drivers/usb/core/message.c
* USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
drivers/usb/core/quirks.c
USB: sisusbvga: Change port variable from signed to unsigned
* fs/namespace.c: fix mountpoint reference counter race
fs/namespace.c
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix ADC-B powerdown
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
* xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
net/ipv4/xfrm4_output.c
net/ipv6/xfrm6_output.c
net: dsa: b53: Fix ARL register definitions
team: fix hang in team_mode_get()
* tcp: cache line align MAX_TCP_HEADER
include/net/tcp.h
net/x25: Fix x25_neigh refcnt leak when receiving frame
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
macvlan: fix null dereference in macvlan_device_event()
macsec: avoid to set wrong mtu
* ipv6: fix restrict IPV6_ADDRFORM operation
net/ipv6/ipv6_sockglue.c
PCI/ASPM: Allow re-enabling Clock PM
pwm: bcm2835: Dynamically allocate base
pwm: renesas-tpu: Fix late Runtime PM enablement
s390/cio: avoid duplicated 'ADD' uevents
ipc/util.c: sysvipc_find_ipc() should increase position index
kernel/gcov/fs.c: gcov_seq_next() should increase position index
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
scsi: iscsi: Report unbind session event when the target has been removed
pwm: rcar: Fix late Runtime PM enablement
ceph: don't skip updating wanted caps when cap is stale
ceph: return ceph_mdsc_do_request() errors from __get_parent()
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
* watchdog: reset last_hw_keepalive time at start
drivers/watchdog/watchdog_dev.c
* vti4: removed duplicate log message.
net/ipv4/ip_vti.c
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
* drm/msm: Use the correct dma_sync calls harder
drivers/gpu/drm/msm/msm_gem.c
* net: ipv4: avoid unused variable warning for sysctl
net/ipv4/route.c
* net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
net/ipv4/raw.c
* ext4: fix extent_status fragmentation for plain files
fs/ext4/extents.c
* UPSTREAM: loop: Only freeze block queue when needed.
drivers/block/loop.c
* UPSTREAM: loop: Only change blocksize when needed.
drivers/block/loop.c
* BACKPORT: loop: change queue block size to match when using DIO
drivers/block/loop.c
Merge 4.9.220 into android-4.9-q
Linux 4.9.220
x86/vdso: Fix lsl operand order
x86/microcode/intel: replace sync_core() with native_cpuid_reg(eax)
x86/CPU: Add native CPUID variants returning a single datum
mtd: phram: fix a double free issue in error path
mtd: lpddr: Fix a double free in probe()
locktorture: Print ratio of acquisitions, not failures
tty: evh_bytechan: Fix out of bounds accesses
* fbdev: potential information leak in do_fb_ioctl()
drivers/video/fbdev/core/fbmem.c
iommu/amd: Fix the configuration of GCR3 table root pointer
libnvdimm: Out of bounds read in __nd_ioctl()
ext2: fix debug reference to ext2_xattr_cache
ext2: fix empty body warnings when -Wextra is used
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
* compiler.h: fix error in BUILD_BUG_ON() reporting
include/linux/compiler.h
* percpu_counter: fix a data race at vm_committed_as
include/linux/percpu_counter.h
* ext4: do not commit super on read-only bdev
fs/ext4/super.c
powerpc/maple: Fix declaration made after definition
s390/cpuinfo: fix wrong output when CPU0 is offline
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
clk: tegra: Fix Tegra PMC clock out parents
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: at91: usb: continue if clk_hw_round_rate() return zero
of: unittest: kmemleak in of_unittest_platform_populate()
* arm64: cpu_errata: include required headers
arch/arm64/kernel/cpu_errata.c
* of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
drivers/of/base.c
soc: qcom: smem: Use le32_to_cpu for comparison
wil6210: fix length check in __wmi_send
rtc: pm8xxx: Fix issue in RTC write path
wil6210: rate limit wil_rx_refill error
* scsi: ufs: ufs-qcom: remove broken hci version quirk
drivers/scsi/ufs/ufs-qcom.c
* scsi: ufs: make sure all interrupts are processed
drivers/scsi/ufs/ufshcd.c
wil6210: fix temperature debugfs
wil6210: increase firmware ready timeout
* Revert "gpio: set up initial state from .get_direction()"
drivers/gpio/gpiolib.c
* drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
drivers/gpu/drm/drm_dp_mst_topology.c
video: fbdev: sis: Remove unnecessary parentheses and commented code
ALSA: hda: Don't release card at firmware loading error
* scsi: sg: add sg_remove_request in sg_common_write
drivers/scsi/sg.c
objtool: Fix switch table detection in .text.unlikely
* tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
kernel/trace/trace_events_trigger.c
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
scsi: target: remove boilerplate code
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
dm flakey: check for null arg_name in parse_features()
* ext4: do not zeroout extents beyond i_disksize
fs/ext4/extents.c
mac80211_hwsim: Use kstrndup() in place of kasprintf()
btrfs: check commit root generation in should_ignore_root
* ALSA: usb-audio: Don't override ignore_ctl_error value from the map
sound/usb/mixer.c
ASoC: Intel: mrfld: return error codes when an error occurs
ASoC: Intel: mrfld: fix incorrect check on p->sink
* ext4: fix incorrect inodes per group in error message
fs/ext4/super.c
* ext4: fix incorrect group count in ext4_fill_super error message
fs/ext4/super.c
* jbd2: improve comments about freeing data buffers whose page mapping is NULL
fs/jbd2/commit.c
* scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
drivers/scsi/ufs/ufshcd.c
* net: ipv6: do not consider routes via gateways for anycast address check
include/net/ip6_route.h
net: qrtr: send msgs from local of same id as broadcast
* net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
net/ipv4/devinet.c
hsr: check protocol version in hsr_newlink()
mfd: dln2: Fix sanity checking for endpoints
misc: echo: Remove unnecessary parentheses and simplify check for zero
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
ipmi: fix hung processes in __get_guid()
* drm: Remove PageReserved manipulation from drm_pci_alloc
drivers/gpu/drm/drm_pci.c
* drm/dp_mst: Fix clearing payload state on topology disable
drivers/gpu/drm/drm_dp_mst_topology.c
Btrfs: fix crash during unmount due to race with delayed inode workers
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
hfsplus: fix crash and filesystem corruption when deleting files
cpufreq: powernv: Fix use-after-free
* kmod: make request_module() return an error when autoloading is disabled
kernel/kmod.c
Input: i8042 - add Acer Aspire 5738z to nomux list
s390/diag: fix display of diagnose call statistics
ocfs2: no need try to truncate file beyond i_size
* ext4: fix a data race at inode->i_blocks
fs/ext4/inode.c
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
* arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
arch/arm64/kernel/armv8_deprecated.c
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
* dm verity fec: fix memory leak in verity_fec_dtr
drivers/md/dm-verity-fec.c
* mm: Use fixed constant in page_frag_alloc instead of size + 1
mm/page_alloc.c
tools: gpio: Fix out-of-tree build regression
* x86/speculation: Remove redundant arch_smt_update() invocation
kernel/cpu.c
ALSA: hda: Initialize power_state field properly
crypto: mxs-dcp - fix scatterlist linearization for hash
btrfs: drop block from cache on error in relocation
KVM: VMX: fix crash cleanup when KVM wasn't used
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
x86/entry/32: Add missing ASM_CLAC to general_protection entry
* signal: Extend exec_id to 64bits
fs/exec.c
include/linux/sched.h
kernel/signal.c
ath9k: Handle txpower changes even when TPC is disabled
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
irqchip/versatile-fpga: Apply clear-mask earlier
* KEYS: reaching the keys quotas correctly
security/keys/key.c
security/keys/keyctl.c
* thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
include/linux/devfreq_cooling.h
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
media: ti-vpe: cal: fix disable_irqs to only the intended target
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: hda: Fix potential access overflow in beep helper
ALSA: hda: Add driver blacklist
* ALSA: usb-audio: Add mixer workaround for TRX40 and co
sound/usb/mixer_maps.c
* usb: gadget: composite: Inform controller driver of self-powered
drivers/usb/gadget/composite.c
* usb: gadget: f_fs: Fix use after free issue as part of queue failure
drivers/usb/gadget/function/f_fs.c
ASoC: topology: use name_prefix for new kcontrol
* ASoC: dpcm: allow start or stop during pause for backend
sound/soc/soc-pcm.c
* ASoC: dapm: connect virtual mux with default value
sound/soc/soc-dapm.c
* ASoC: fix regwmask
sound/soc/soc-ops.c
misc: rtsx: set correct pcr_ops for rts522A
btrfs: track reloc roots based on their commit root bytenr
btrfs: remove a BUG_ON() from merge_reloc_roots()
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
x86/boot: Use unsigned comparison for addresses
gfs2: Don't demote a glock until its revokes are written
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
* sched: Avoid scale real weight down to zero
kernel/sched/sched.h
irqchip/versatile-fpga: Handle chained IRQs properly
i2c: st: fix missing struct parameter description
qlcnic: Fix bad kzalloc null test
net: vxge: fix wrong __VA_ARGS__ usage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
Change-Id: I8e3db9ae637c39f066fe40e5fd6c38be92390f19
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Paul E. McKenney
|
eb6f402b87 |
locktorture: Print ratio of acquisitions, not failures
commit 80c503e0e68fbe271680ab48f0fe29bc034b01b7 upstream.
The __torture_print_stats() function in locktorture.c carefully
initializes local variable "min" to statp[0].n_lock_acquired, but
then compares it to statp[i].n_lock_fail. Given that the .n_lock_fail
field should normally be zero, and given the initialization, it seems
reasonable to display the maximum and minimum number acquisitions
instead of miscomputing the maximum and minimum number of failures.
This commit therefore switches from failures to acquisitions.
And this turns out to be not only a day-zero bug, but entirely my
own fault. I hate it when that happens!
Fixes:
|
||
|
Boqun Feng
|
7cdad70ba4 |
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
[ Upstream commit 25016bd7f4caf5fc983bbab7403d08e64cba3004 ] Qian Cai reported a bug when PROVE_RCU_LIST=y, and read on /proc/lockdep triggered a warning: [ ] DEBUG_LOCKS_WARN_ON(current->hardirqs_enabled) ... [ ] Call Trace: [ ] lock_is_held_type+0x5d/0x150 [ ] ? rcu_lockdep_current_cpu_online+0x64/0x80 [ ] rcu_read_lock_any_held+0xac/0x100 [ ] ? rcu_read_lock_held+0xc0/0xc0 [ ] ? __slab_free+0x421/0x540 [ ] ? kasan_kmalloc+0x9/0x10 [ ] ? __kmalloc_node+0x1d7/0x320 [ ] ? kvmalloc_node+0x6f/0x80 [ ] __bfs+0x28a/0x3c0 [ ] ? class_equal+0x30/0x30 [ ] lockdep_count_forward_deps+0x11a/0x1a0 The warning got triggered because lockdep_count_forward_deps() call __bfs() without current->lockdep_recursion being set, as a result a lockdep internal function (__bfs()) is checked by lockdep, which is unexpected, and the inconsistency between the irq-off state and the state traced by lockdep caused the warning. Apart from this warning, lockdep internal functions like __bfs() should always be protected by current->lockdep_recursion to avoid potential deadlocks and data inconsistency, therefore add the current->lockdep_recursion on-and-off section to protect __bfs() in both lockdep_count_forward_deps() and lockdep_count_backward_deps() Reported-by: Qian Cai <cai@lca.pw> Signed-off-by: Boqun Feng <boqun.feng@gmail.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lkml.kernel.org/r/20200312151258.128036-1-boqun.feng@gmail.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
lucaswei
|
ea8ebe3ab8 |
Merge android-4.9-q (4.9.210) into android-msm-pixel-4.9-lts
Merge 4.9.210 into android-4.9-q
Linux 4.9.210
drm/i915/gen9: Clear residual context state on context switch
netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
* netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
net/ipv4/netfilter/arp_tables.c
* USB: Fix: Don't skip endpoint descriptors with maxpacket=0
drivers/usb/core/config.c
rtl8xxxu: prevent leaking urb
scsi: bfa: release allocated memory in case of error
mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf
mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
* tty: always relink the port
drivers/tty/tty_port.c
* tty: link tty and port before configuring it as console
drivers/tty/serial/serial_core.c
drivers/tty/tty_port.c
staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713
usb: musb: dma: Correct parameter passed to IRQ handler
usb: musb: Disable pullup at init
usb: musb: fix idling for suspend after disconnect interrupt
USB: serial: option: add ZLP support for 0x1bc7/0x9010
staging: vt6656: set usb_set_intfdata on driver fail.
can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs
can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode
can: gs_usb: gs_usb_probe(): use descriptors of current altsetting
* drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ
drivers/gpu/drm/drm_dp_mst_topology.c
* Input: add safety guards to input_set_keycode()
drivers/input/input.c
* HID: hid-input: clear unmapped usages
drivers/hid/hid-input.c
* HID: uhid: Fix returning EPOLLOUT from uhid_char_poll
drivers/hid/uhid.c
* HID: Fix slab-out-of-bounds read in hid_field_extract
drivers/hid/hid-core.c
tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined
kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail
* tcp: minimize false-positives on TCP/GRO check
net/ipv4/tcp_input.c
* ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5
sound/usb/quirks.c
usb: chipidea: host: Disable port power only if previously enabled
* chardev: Avoid potential use-after-free in 'chrdev_open()'
fs/char_dev.c
* kobject: Export kobject_get_unless_zero()
include/linux/kobject.h
lib/kobject.c
Merge 4.9.209 into android-4.9-q
Linux 4.9.209
USB: serial: option: add Telit ME910G1 0x110a composition
* USB: core: fix check for duplicate endpoints
drivers/usb/core/config.c
vlan: fix memory leak in vlan_dev_set_egress_priority
* net: sch_prio: When ungrafting, replace with FIFO
net/sched/sch_prio.c
vlan: vlan_changelink() should propagate errors
vxlan: fix tos value before xmit
* tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK
net/ipv4/tcp_input.c
sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY
pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
net: usb: lan78xx: fix possible skb leak
net: stmmac: dwmac-sunxi: Allow all RGMII modes
* macvlan: do not assume mac_header is set in macvlan_broadcast()
include/linux/if_ether.h
llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c)
parisc: Fix compiler warnings in debug_core.c
* block: fix memleak when __blk_rq_map_user_iov() is failed
block/blk-map.c
net: stmmac: RX buffer size must be 16 byte aligned
perf/x86/intel: Fix PT PMI handling
* kconfig: don't crash on NULL expressions in expr_eq()
scripts/kconfig/expr.c
regulator: rn5t618: fix module aliases
ASoC: wm8962: fix lambda value
* rfkill: Fix incorrect check to avoid NULL pointer dereference
net/rfkill/core.c
net: usb: lan78xx: Fix error message format specifier
bnx2x: Fix logic to get total no. of PFs per engine
bnx2x: Do not handle requests from VFs after parity
powerpc: Ensure that swiotlb buffer is allocated from low memory
samples: bpf: Replace symbol compare of trace_event
ARM: dts: am437x-gp/epos-evm: fix panel compatible
spi: spi-cavium-thunderx: Add missing pci_release_regions()
netfilter: uapi: Avoid undefined left-shift in xt_sctp.h
ARM: vexpress: Set-up shared OPP table instead of individual for each CPU
efi/gop: Fix memory leak in __gop_query32/64()
efi/gop: Return EFI_SUCCESS if a usable GOP was found
efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs
* netfilter: ctnetlink: netns exit must wait for callbacks
net/netfilter/nf_conntrack_netlink.c
locking/spinlock/debug: Fix various data races
* pstore/ram: Write new dumps to start of recycled zones
fs/pstore/ram.c
locking/x86: Remove the unused atomic_inc_short() methd
xen/blkback: Avoid unmapping unmapped grant pages
s390/smp: fix physical to logical CPU map for SMT
* net: add annotations on hh->hh_len lockless accesses
include/net/neighbour.h
net/core/neighbour.c
net/ethernet/eth.c
ath9k_htc: Discard undersized packets
ath9k_htc: Modify byte order for an error message
rxrpc: Fix possible NULL pointer access in ICMP handling
powerpc/pseries/hvconsole: Fix stack overread via udbg
* drm/mst: Fix MST sideband up-reply failure handling
drivers/gpu/drm/drm_dp_mst_topology.c
* fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP
fs/compat_ioctl.c
tty: serial: msm_serial: Fix lockup for sysrq and oops
media: usb: fix memory leak in af9005_identify_state
regulator: ab8500: Remove AB8505 USB regulator
media: flexcop-usb: ensure -EIO is returned on error condition
* Bluetooth: Fix memory leak in hci_connect_le_scan
net/bluetooth/hci_conn.c
* Bluetooth: delete a stray unlock
net/bluetooth/l2cap_core.c
Bluetooth: btusb: fix PM leak in error case of setup
xfs: don't check for AG deadlock for realtime files in bunmapi
nfsd4: fix up replay_matches_cache()
* PM / devfreq: Check NULL governor in available_governors_show
drivers/devfreq/devfreq.c
* arm64: Revert support for execute-only user mappings
arch/arm64/include/asm/pgtable-prot.h
arch/arm64/include/asm/pgtable.h
arch/arm64/mm/fault.c
mm/mmap.c
ftrace: Avoid potential division by zero in function profiler
ALSA: cs4236: fix error return comparison of an unsigned integer
tracing: Have the histogram compare functions convert to u64 first
* gpiolib: fix up emulated open drain outputs
drivers/gpio/gpiolib.c
ata: ahci_brcm: Fix AHCI resources management
ata: ahci_brcm: Allow optional reset controller to be used
ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys()
* compat_ioctl: block: handle Persistent Reservations
block/compat_ioctl.c
* dmaengine: Fix access to uninitialized dma_slave_caps
include/linux/dmaengine.h
* locks: print unsigned ino in /proc/locks
fs/locks.c
* memcg: account security cred as well to kmemcg
kernel/cred.c
* mm/zsmalloc.c: fix the migrated zspage statistics.
mm/zsmalloc.c
MIPS: Avoid VDSO ABI breakage due to global register variable
ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code
Revert "perf report: Add warning when libunwind not compiled in"
* drm: limit to INT_MAX in create_blob ioctl
drivers/gpu/drm/drm_property.c
* taskstats: fix data-race
kernel/taskstats.c
xfs: fix mount failure crash on invalid iclog memory access
PM / hibernate: memory_bm_find_bit(): Tighten node optimisation
xen/balloon: fix ballooned page accounting without hotplug enabled
xen-blkback: prevent premature module unload
IB/mlx4: Follow mirror sequence of device add during device removal
s390/cpum_sf: Avoid SBD overflow condition in irq handler
s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits
md: raid1: check rdev before reference in raid1_sync_request func
usb: gadget: fix wrong endpoint desc
scsi: libsas: stop discovering if oob mode is disconnected
scsi: iscsi: qla4xxx: fix double free in probe
scsi: qla2xxx: Don't call qlt_async_event twice
scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func
RDMA/cma: add missed unregister_pernet_subsys in init failure
* PM / devfreq: Don't fail devfreq_dev_release if not in list
drivers/devfreq/devfreq.c
* arm64: alternatives: use tpidr_el2 on VHE hosts
arch/arm64/mm/proc.S
Merge 4.9.208 into android-4.9-q
Linux 4.9.208
gtp: avoid zero size hashtable
gtp: fix wrong condition in gtp_genl_dump_pdp()
* tcp: do not send empty skb from tcp_write_xmit()
net/ipv4/tcp_output.c
* tcp/dccp: fix possible race __inet_lookup_established()
include/linux/rculist_nulls.h
include/net/inet_hashtables.h
include/net/sock.h
net/ipv4/inet_diag.c
net/ipv4/inet_hashtables.c
net/ipv4/tcp_ipv4.c
net/ipv6/inet6_hashtables.c
vhost/vsock: accept only packets with the right dst_cid
net: ena: fix napi handler misbehavior when the napi budget is zero
* mmc: sdhci: Update the tuning failed messages to pr_debug level
drivers/mmc/host/sdhci.c
pinctrl: baytrail: Really serialize all register accesses
tty/serial: atmel: fix out of range clock divider handling
* hrtimer: Annotate lockless access to timer->state
include/linux/hrtimer.h
kernel/time/hrtimer.c
* net: icmp: fix data-race in cmp_global_allow()
net/ipv4/icmp.c
netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
6pack,mkiss: fix possible deadlock
* netfilter: ebtables: compat: reject all padding in matches/watchers
net/bridge/netfilter/ebtables.c
* filldir[64]: remove WARN_ON_ONCE() for bad directory entries
fs/readdir.c
* Make filldir[64]() verify the directory entry filename is valid
fs/readdir.c
perf strbuf: Remove redundant va_end() in strbuf_addv()
ALSA: hda - Downgrade error message for single-cmd fallback
* net, sysctl: Fix compiler warning when only cBPF is present
net/core/sysctl_net_core.c
x86/mce: Fix possibly incorrect severity calculation on AMD
* kernel: sysctl: make drop_caches write-only
kernel/sysctl.c
ocfs2: fix passing zero to 'PTR_ERR' warning
s390/cpum_sf: Check for SDBT and SDB consistency
* libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
include/linux/libfdt_env.h
perf regs: Make perf_reg_name() return "unknown" instead of NULL
cdrom: respect device capabilities during opening action
* scripts/kallsyms: fix definitely-lost memory leak
scripts/kallsyms.c
gpio: mpc8xxx: Don't overwrite default irq_set_type callback
scsi: target: iscsi: Wait for all commands to finish before freeing a session
scsi: scsi_debug: num_tgts must be >= 0
scsi: pm80xx: Fix for SATA device discovery
* ext4: work around deleting a file with i_nlink == 0 safely
fs/ext4/namei.c
* HID: Improve Windows Precision Touchpad detection.
drivers/hid/hid-core.c
bcache: at least try to shrink 1 node in bch_mca_scan()
clk: pxa: fix one of the pxa RTC clocks
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
powerpc/security: Fix wrong message when RFI Flush is disable
powerpc/pseries/cmm: Implement release() function for sysfs device
* scsi: ufs: fix potential bug which ends in system hang
drivers/scsi/ufs/ufshcd.c
scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
* fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
fs/quota/dquot.c
include/linux/quota.h
irqchip: ingenic: Error out if IRQ domain creation failed
irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
* clk: qcom: Allow constant ratio freq tables for rcg
drivers/clk/qcom/clk-rcg2.c
drivers/clk/qcom/common.c
scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
* scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
drivers/scsi/scsi_trace.c
* jbd2: Fix statistics for the number of logged blocks
fs/jbd2/commit.c
powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
powerpc/security/book3s64: Report L1TF status in sysfs
clocksource/drivers/asm9260: Add a check for of_clk_get
dma-debug: add a schedule point in debug_dma_dump_mappings()
powerpc/pseries: Don't fail hash page table insert for bolted mapping
powerpc/pseries: Mark accumulate_stolen_time() as notrace
scsi: csiostor: Don't enable IRQs too early
scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
scsi: target: compare full CHAP_A Algorithm strings
iommu/tegra-smmu: Fix page tables in > 4 GiB memory
Input: atmel_mxt_ts - disable IRQ across suspend
scsi: lpfc: Fix locking on mailbox command completion
scsi: mpt3sas: Fix clear pending bit in ioctl status
perf probe: Fix to show function entry line as probe-able
mmc: sdhci-of-esdhc: fix P2020 errata handling
powerpc/irq: fix stack overflow verification
* ext4: check for directory entries too close to block end
fs/ext4/dir.c
* ext4: fix ext4_empty_dir() for directories with holes
fs/ext4/namei.c
staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value
platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes
USB: EHCI: Do not return -EPIPE when hub is disconnected
usbip: Fix error path of vhci_recv_ret_submit()
* net: dst: Force 4-byte alignment of dst_metrics
include/net/dst.h
sctp: fully initialize v4 addr in some functions
net: usb: lan78xx: Fix suspend/resume PHY register access error
net: qlogic: Fix error paths in ql_alloc_large_buffers()
net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive()
net: hisilicon: Fix a BUG trigered by wrong bytes_compl
* mod_devicetable: fix PHY module format
include/linux/mod_devicetable.h
fjes: fix missed check in fjes_acpi_add
* af_packet: set defaule value for tmo
net/packet/af_packet.c
Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues
btrfs: abort transaction after failed inode updates in create_subvol
btrfs: return error pointer from alloc_test_extent_buffer
btrfs: do not call synchronize_srcu() in inode_tree_del
btrfs: don't double lock the subvol_sem for rename exchange
* usb: xhci: Fix build warning seen with CONFIG_PM=n
drivers/usb/host/xhci-pci.c
* Revert "mmc: sdhci: Fix incorrect switch to HS mode"
drivers/mmc/host/sdhci.c
btrfs: don't prematurely free work in reada_start_machine_worker()
* net: phy: initialise phydev speed and duplex sanely
drivers/net/phy/phy_device.c
libtraceevent: Fix memory leakage in copy_filter_type
* crypto: vmx - Avoid weird build failures
drivers/crypto/vmx/Makefile
crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c
fbtft: Make sure string is NULL terminated
iwlwifi: check kasprintf() return value
x86/insn: Add some Intel instructions to the opcode map
spi: st-ssc4: add missed pm_runtime_disable
btrfs: don't prematurely free work in run_ordered_work()
btrfs: don't prematurely free work in end_workqueue_fn()
mmc: tmio: Add MMC_CAP_ERASE to allow erase/discard/trim requests
spi: tegra20-slink: add missed clk_unprepare
iwlwifi: mvm: fix unaligned read of rx_pkt_status
x86/crash: Add a forward declaration of struct kimage
* cpufreq: Register drivers only after CPU devices have been registered
drivers/cpufreq/cpufreq.c
parport: load lowlevel driver if ports not found
s390/disassembler: don't hide instruction addresses
ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile
spi: pxa2xx: Add missed security checks
EDAC/ghes: Fix grain calculation
media: si470x-i2c: add missed operations in remove
media: pvrusb2: Fix oops on tear-down when radio support is not present
ath10k: fix get invalid tx rate for Mesh metric
perf probe: Filter out instances except for inlined subroutine and subprogram
perf probe: Skip end-of-sequence and non statement lines
perf probe: Fix to show calling lines of inlined functions
perf probe: Return a better scope DIE if there is no best scope
perf probe: Skip overlapped location on searching variables
perf probe: Fix to probe a function which has no entry pc
perf probe: Fix to show inlined function callsite without entry_pc
perf probe: Fix to show ranges of variables in functions without entry_pc
perf probe: Fix to probe an inline function which has no entry pc
perf probe: Walk function lines in lexical blocks
perf probe: Fix to list probe event with correct line number
perf probe: Fix to find range-only function instance
rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt()
* ALSA: timer: Limit max amount of slave instances
sound/core/timer.c
spi: img-spfi: fix potential double release
bnx2x: Fix PF-VF communication over multi-cos queues.
* Bluetooth: Fix advertising duplicated flags
net/bluetooth/hci_request.c
pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B
libata: Ensure ata_port probe has completed before detach
* arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill()
arch/arm64/kernel/psci.c
x86/ioapic: Prevent inconsistent state when moving an interrupt
rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot
drm/gma500: fix memory disclosures due to uninitialized bytes
x86/mce: Lower throttling MCE messages' priority to warning
* Bluetooth: hci_core: fix init for HCI_USER_CHANNEL
net/bluetooth/hci_core.c
iio: adc: max1027: Reset the device at probe time
* usb: usbfs: Suppress problematic bind and unbind uevents.
drivers/usb/core/devio.c
perf report: Add warning when libunwind not compiled in
perf test: Report failure for mmap events
x86/mm: Use the correct function type for native_set_fixmap()
extcon: sm5502: Reset registers during initialization
media: ti-vpe: vpe: Make sure YUYV is set as default format
media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number
media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format
mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring
samples: pktgen: fix proc_cmd command result check logic
media: cec-funcs.h: add status_req checks
media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init()
regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe()
hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled
usb: renesas_usbhs: add suspend event support in gadget mode
tools/power/cpupower: Fix initializer override in hsw_ext_cstates
media: ov6650: Fix stored frame format not in sync with hardware
media: i2c: ov2659: Fix missing 720p register config
media: i2c: ov2659: fix s_stream return value
media: am437x-vpfe: Setting STD to current value is not an error
IB/iser: bound protection_sg size by data_sg size
libertas: fix a potential NULL pointer dereference
rtlwifi: prevent memory leak in rtl_usb_probe
staging: rtl8188eu: fix possible null dereference
staging: rtl8192u: fix multiple memory leaks on error path
* spi: Add call to spi_slave_abort() function when spidev driver is released
drivers/spi/spidev.c
iio: light: bh1750: Resolve compiler warning and make code more readable
drm/bridge: analogix-anx78xx: silence -EPROBE_DEFER warnings
* drm: mst: Fix query_payload ack reply struct
include/drm/drm_dp_mst_helper.h
ALSA: hda/ca0132 - Avoid endless loop
ALSA: hda/ca0132 - Keep power on during processing DSP response
* ALSA: pcm: Avoid possible info leaks from PCM stream buffers
sound/core/pcm_native.c
btrfs: handle ENOENT in btrfs_uuid_tree_iterate
btrfs: do not leak reloc root if we fail to read the fs root
btrfs: skip log replay on orphaned roots
* UPSTREAM: HID: input: map digitizer battery usage
drivers/hid/hid-input.c
include/linux/hid.h
ANDROID: cuttlefish_defconfig: Disable TRANSPARENT_HUGEPAGE
Merge 4.9.207 into android-4.9-q
Linux 4.9.207
net: stmmac: don't stop NAPI processing when dropping a packet
net: stmmac: use correct DMA buffer size in the RX descriptor
* xhci: fix USB3 device initiated resume race with roothub autosuspend
drivers/usb/host/xhci-hub.c
drivers/usb/host/xhci-ring.c
drivers/usb/host/xhci.h
drm/radeon: fix r1xx/r2xx register checker for POT textures
scsi: iscsi: Fix a potential deadlock in the timeout handler
dm btree: increase rebalance threshold in __rebalance2()
* dma-buf: Fix memory leak in sync_file_merge()
drivers/dma-buf/sync_file.c
vfio/pci: call irq_bypass_unregister_producer() before freeing irq
ARM: tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume()
ARM: dts: s3c64xx: Fix init order of clock providers
CIFS: Respect O_SYNC and O_DIRECT flags during reconnect
xtensa: fix TLB sanity checker
* PCI/MSI: Fix incorrect MSI-X masking on resume
drivers/pci/msi.c
* PCI: Fix Intel ACS quirk UPDCR register address
drivers/pci/quirks.c
* Revert "regulator: Defer init completion for a while after late_initcall"
drivers/regulator/core.c
* tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE()
include/net/tcp.h
* tcp: tighten acceptance of ACKs not matching a child socket
include/net/tcp.h
* tcp: fix rejected syncookies due to stale timestamps
include/linux/time.h
include/net/tcp.h
* inet: protect against too small mtu values.
include/linux/netdevice.h
include/net/ip.h
net/core/dev.c
net/ipv4/devinet.c
net/ipv4/ip_output.c
tipc: fix ordering of tipc module init and exit routine
* tcp: md5: fix potential overestimation of TCP option space
net/ipv4/tcp_output.c
openvswitch: support asymmetric conntrack
net: ethernet: ti: cpsw: fix extra rx interrupt
* net: bridge: deny dev_set_mac_address() when unregistering
net/bridge/br_device.c
nvme: host: core: fix precedence of ternary operator
* kernel/module.c: wakeup processes in module_wq on module unload
kernel/module.c
net/mlx5e: Fix SFF 8472 eeprom length
sunrpc: fix crash when cache_head become valid before update
* workqueue: Fix missing kfree(rescuer) in destroy_workqueue()
kernel/workqueue.c
* blk-mq: make sure that line break can be printed
block/blk-mq-sysfs.c
* ext4: fix a bug in ext4_wait_for_tail_page_commit
fs/ext4/inode.c
* mm/shmem.c: cast the type of unmap_start to u64
mm/shmem.c
* firmware: qcom: scm: Ensure 'a0' status code is treated as signed
drivers/firmware/qcom_scm-64.c
reiserfs: fix extended attributes on the root directory
powerpc: Fix vDSO clock_getres()
scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value
scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()
scsi: qla2xxx: Fix session lookup in qlt_abort_work()
scsi: qla2xxx: Fix DMA unmap leak
pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init
ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
ath10k: fix fw crash by moving chip reset after napi disabled
x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk
x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait
scsi: lpfc: Cap NPIV vports to 256
omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251
Btrfs: fix negative subv_writers counter and data space leak after buffered write
iio: adis16480: Add debugfs_reg_access entry
* xhci: make sure interrupts are restored to correct state
drivers/usb/host/xhci-hub.c
* xhci: Fix memory leak in xhci_add_in_port()
drivers/usb/host/xhci-mem.c
* usb: xhci: only set D3hot for pci device
drivers/usb/host/xhci-pci.c
drivers/usb/host/xhci.c
drivers/usb/host/xhci.h
scsi: zfcp: trace channel log even for FCP command responses
* quota: fix livelock in dquot_writeback_dquots
fs/quota/dquot.c
ext2: check err when partial != NULL
* quota: Check that quota is not dirty before release
fs/quota/dquot.c
include/linux/quotaops.h
* video/hdmi: Fix AVI bar unpack
drivers/video/hdmi.c
powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
ppdev: fix PPGETTIME/PPSETTIME ioctls
mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card
pinctrl: samsung: Fix device node refcount leaks in init code
pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init
ACPI: PM: Avoid attaching ACPI PM domain to certain devices
ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
ACPI: OSL: only free map once in osl.c
* PM / devfreq: Lock devfreq in trans_stat_show
drivers/devfreq/devfreq.c
* cpuidle: Do not unset the driver if it is there already
drivers/cpuidle/driver.c
media: radio: wl1273: fix interrupt masking on release
media: bdisp: fix memleak on release
ar5523: check NULL before memcpy() in ar5523_cmd()
cgroup: pids: use atomic64_t for pids->limit
* blk-mq: avoid sysfs buffer overflow with too many CPU cores
block/blk-mq-sysfs.c
* ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
sound/soc/soc-jack.c
* workqueue: Fix pwq ref leak in rescuer_thread()
kernel/workqueue.c
* workqueue: Fix spurious sanity check failures in destroy_workqueue()
kernel/workqueue.c
ALSA: hda - Fix pending unsol events at shutdown
lib: raid6: fix awk build warnings
rtlwifi: rtl8192de: Fix missing enable interrupt flag
rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer
rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
btrfs: record all roots for rename exchange on a subvol
Btrfs: send, skip backreference walking for extents with many references
btrfs: Remove btrfs_bio::flags member
btrfs: check page->mapping when loading free space cache
virtio-balloon: fix managed page counts when migrating pages between zones
mtd: spear_smi: Fix Write Burst mode
usb: mon: Fix a deadlock in usbmon between mmap and read
* usb: core: urb: fix URB structure initialization function
drivers/usb/core/urb.c
USB: adutux: fix interface sanity check
USB: serial: io_edgeport: fix epic endpoint lookup
USB: idmouse: fix interface sanity checks
USB: atm: ueagle-atm: add missing endpoint check
iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
ARM: dts: pandora-common: define wl1251 as child node of mmc3
* xhci: Increase STS_HALT timeout in xhci_suspend()
drivers/usb/host/xhci.c
staging: gigaset: add endpoint-type sanity check
staging: gigaset: fix illegal free on probe errors
staging: gigaset: fix general protection fault on probe
staging: rtl8712: fix interface sanity check
staging: rtl8188eu: fix interface sanity check
* usb: Allow USB device to be warm reset in suspended state
drivers/usb/core/hub.c
USB: uas: heed CAPACITY_HEURISTICS
USB: uas: honor flag to avoid CAPACITY16
* usb: gadget: configfs: Fix missing spin_lock_init()
drivers/usb/gadget/configfs.c
appletalk: Set error code if register_snap_client failed
* appletalk: Fix potential NULL pointer dereference in unregister_snap_client
include/linux/atalk.h
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
* thermal: Fix deadlock in thermal thermal_zone_device_check
drivers/thermal/thermal_core.c
RDMA/qib: Validate ->show()/store() callbacks before calling them
spi: atmel: Fix CS high support
crypto: user - fix memory leak in crypto_report
crypto: ecdh - fix big endian bug in ECC library
crypto: ccp - fix uninitialized list head
crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
KVM: x86: do not modify masked bits of shared MSRs
drm/i810: Prevent underflow in ioctl
* jbd2: Fix possible overflow in jbd2_log_space_left()
include/linux/jbd2.h
can: slcan: Fix use-after-free Read in slcan_open
* tty: vt: keyboard: reject invalid keycodes
drivers/tty/vt/keyboard.c
CIFS: Fix SMB2 oplock break processing
CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect
coresight: etm4x: Fix input validation for sysfs.
Input: goodix - add upside-down quirk for Teclast X89 tablet
ALSA: pcm: oss: Avoid potential buffer overflows
* fuse: verify attributes
fs/fuse/dir.c
fs/fuse/fuse_i.h
* fuse: verify nlink
fs/fuse/dir.c
* sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision
kernel/sched/fair.c
ARM: dts: sunxi: Fix PMU compatible strings
mlx4: Use snprintf instead of complicated strcpy
media: stkwebcam: Bugfix for wrong return values
* tty: Don't block on IO when ldisc change is pending
drivers/tty/n_tty.c
drivers/tty/tty_ldisc.c
include/linux/tty.h
nfsd: Return EPERM, not EACCES, in some SETATTR cases
MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition
powerpc/math-emu: Update macros from GCC
net/mlx4_core: Fix return codes of unsupported operations
dlm: fix invalid cluster name warning
ARM: dts: realview: Fix some more duplicate regulator nodes
clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent
ARM: dts: pxa: clean up USB controller nodes
mtd: fix mtd_oobavail() incoherent returned value
* kbuild: fix single target build for external module
Makefile
* modpost: skip ELF local symbols during section mismatch check
scripts/mod/modpost.c
* tcp: fix SNMP TCP timeout under-estimation
net/ipv4/tcp_timer.c
* tcp: fix off-by-one bug on aborting window-probing socket
net/ipv4/tcp_timer.c
ARM: dts: realview-pbx: Fix duplicate regulator nodes
ARM: dts: mmp2: fix the gpio interrupt cell number
net/x25: fix null_x25_address handling
net/x25: fix called/calling length calculation in x25_parse_address_block
ARM: OMAP1/2: fix SoC name printing
nfsd: fix a warning in __cld_pipe_upcall()
ARM: debug: enable UART1 for socfpga Cyclone5
dlm: NULL check before kmem_cache_destroy is not needed
i2c: imx: don't print error message on probe defer
serial: imx: fix error handling in console_setup
altera-stapl: check for a null key before strcasecmp'ing it
* dma-mapping: fix return type of dma_set_max_seg_size()
include/linux/dma-mapping.h
* ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
include/linux/acpi.h
* usb: dwc3: don't log probe deferrals; but do log other error codes
drivers/usb/dwc3/core.c
dmaengine: coh901318: Remove unused variable
dmaengine: coh901318: Fix a double-lock bug
media: pulse8-cec: return 0 when invalidating the logical address
ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module
rtc: dt-binding: abx80x: fix resistance scale
rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()'
math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning
MIPS: OCTEON: octeon-platform: fix typing
* regulator: Fix return value of _set_load() stub
include/linux/regulator/consumer.h
Staging: iio: adt7316: Fix i2c data reading, set the data field
pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues
scsi: zfcp: drop default switch case which might paper over missing case
MIPS: SiByte: Enable ZONE_DMA32 for LittleSur
dlm: fix missing idr_destroy for recover_idr
ARM: dts: rockchip: Fix rk3288-rock2 vcc_flash name
clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
clk: rockchip: fix rk3188 sclk_smc gate data
extcon: max8997: Fix lack of path setting in USB device mode
net/mlx5: Release resource on error flow
ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+
iwlwifi: mvm: Send non offchannel traffic via AP sta
cxgb4vf: fix memleak in mac_hlist initialization
* serial: core: Allow processing sysrq at port unlock time
include/linux/serial_core.h
net: ep93xx_eth: fix mismatch of request_mem_region in remove
rsxx: add missed destroy_workqueue calls in remove
* ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
sound/core/pcm_lib.c
Input: cyttsp4_core - fix use after free bug
NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
audit_get_nd(): don't unlock parent too early
exportfs_decode_fh(): negative pinned may become positive without the parent locked
RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
autofs: fix a leak in autofs_expire_indirect()
serial: ifx6x60: add missed pm_runtime_disable
* serial: serial_core: Perform NULL checks for break_ctl ops
drivers/tty/serial/serial_core.c
serial: pl011: Fix DMA ->flush_buffer()
tty: serial: msm_serial: Fix flow control
tty: serial: fsl_lpuart: use the sg count from dma_map_sg
usb: gadget: u_serial: add missing port entry locking
arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
* UPSTREAM: binder: fix incorrect calculation for num_valid
drivers/android/binder.c
* ANDROID: sched/core: Fix arm32 allmodconfig build-break
include/trace/events/sched.h
* BACKPORT: bpf: permit multiple bpf attachments for a single perf event
include/linux/bpf.h
include/linux/trace_events.h
include/trace/perf.h
kernel/bpf/core.c
kernel/events/core.c
kernel/trace/bpf_trace.c
kernel/trace/trace_kprobe.c
* UPSTREAM: bpf: use the same condition in perf event set/free bpf handler
kernel/events/core.c
* BACKPORT: bpf: multi program support for cgroup+bpf
include/linux/bpf-cgroup.h
include/linux/bpf.h
include/linux/filter.h
include/uapi/linux/bpf.h
kernel/bpf/cgroup.c
kernel/bpf/core.c
kernel/bpf/syscall.c
kernel/cgroup.c
Merge 4.9.206 into android-4.9-q
Linux 4.9.206
net: fec: fix clock count mis-match
platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer
hwrng: stm32 - fix unbalanced pm_runtime_enable
* HID: core: check whether Usage Page item is after Usage ID items
drivers/hid/hid-core.c
* net: sched: fix `tc -s class show` no bstats on class with nolock subqueues
net/sched/sch_mq.c
net/sched/sch_multiq.c
net/sched/sch_prio.c
* sctp: cache netns in sctp_ep_common
include/net/sctp/structs.h
tipc: fix link name length check
openvswitch: remove another BUG_ON()
openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()
slip: Fix use-after-free Read in slip_open
openvswitch: fix flow command message size
macvlan: schedule bc_work even if error
media: atmel: atmel-isc: fix asd memory allocation
* pwm: Clear chip_data in pwm_put()
drivers/pwm/core.c
net: macb: fix error format in dev_err()
* media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE
drivers/media/v4l2-core/v4l2-ctrls.c
mei: bus: prefix device names on bus with the bus name
USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P
staging: rtl8192e: fix potential use after free
clk: at91: fix update bit maps on CFG_MOR write
mm, gup: add missing refcount overflow checks on x86 and s390
mtd: Remove a debug trace in mtdpart.c
powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()
scsi: libsas: Check SMP PHY control function result
ACPI / APEI: Switch estatus pool to use vmalloc memory
scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery
iommu/amd: Fix NULL dereference bug in match_hid_uid
* net: dev: Use unsigned integer as an argument to left-shift
include/linux/netdevice.h
sctp: don't compare hb_timer expire date before starting it
* net: fix possible overflow in __sk_mem_raise_allocated()
include/net/sock.h
net/core/sock.c
sfc: initialise found bitmap in efx_ef10_mtd_probe
tipc: fix skb may be leaky in tipc_link_input
decnet: fix DN_IFREQ_SIZE
* ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel
net/ipv4/ip_tunnel.c
sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe
* net/core/neighbour: fix kmemleak minimal reference count for hash tables
net/core/neighbour.c
* net/core/neighbour: tell kmemleak about hash tables
net/core/neighbour.c
tipc: fix memory leak in tipc_nl_compat_publ_dump
mtd: Check add_mtd_device() ret code
* lib/genalloc.c: include vmalloc.h
lib/genalloc.c
* drivers/base/platform.c: kmemleak ignore a known leak
drivers/base/platform.c
* lib/genalloc.c: use vzalloc_node() to allocate the bitmap
lib/genalloc.c
* lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk
include/linux/genalloc.h
lib/genalloc.c
* vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n
include/linux/swap.h
mm/internal.h
ocfs2: clear journal dirty flag after shutdown journal
net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe()
tipc: fix a missing check of genlmsg_put
atl1e: checking the status of atl1e_write_phy_reg
net: dsa: bcm_sf2: Propagate error value from mdio_write
net: stmicro: fix a missing check of clk_prepare
um: Make GCOV depend on !KCOV
* net/net_namespace: Check the return value of register_pernet_subsys()
net/core/net_namespace.c
pwm: clps711x: Fix period calculation
crypto: mxc-scc - fix build warnings on ARM64
powerpc/pseries: Fix node leak in update_lmb_associativity_index()
powerpc/83xx: handle machine check caused by watchdog timer
regulator: tps65910: fix a missing check of return value
drbd: fix print_st_err()'s prototype to match the definition
drbd: do not block when adjusting "disk-options" while IO is frozen
drbd: reject attach of unsuitable uuids even if connected
drbd: ignore "all zero" peer volume sizes in handshake
powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status
vfio/spapr_tce: Get rid of possible infinite loop
powerpc/44x/bamboo: Fix PCI range
powerpc/mm: Make NULL pointer deferences explicit on bad page faults.
powerpc/prom: fix early DEBUG messages
ath6kl: Fix off by one error in scan completion
ath6kl: Only use match sets when firmware supports it
scsi: csiostor: fix incorrect dma device in case of vport
scsi: qla2xxx: deadlock by configfs_depend_item
RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer
openrisc: Fix broken paths to arch/or32
serial: max310x: Fix tx_empty() callback
drivers/regulator: fix a missing check of return value
powerpc/xmon: fix dump_segments()
powerpc/book3s/32: fix number of bats in p/v_block_mapped()
IB/qib: Fix an error code in qib_sdma_verbs_send()
xfs: Fix bulkstat compat ioctls on x32 userspace.
xfs: Align compat attrlist_by_handle with native implementation.
gfs2: take jdata unstuff into account in do_grow
dm flakey: Properly corrupt multi-page bios.
HID: doc: fix wrong data structure reference for UHID_OUTPUT
pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10
pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration
KVM: s390: unregister debug feature on failing arch init
net/mlx5: Continue driver initialization despite debugfs failure
pinctrl: xway: fix gpio-hog related boot issues
xen/pciback: Check dev_data before using it
HID: intel-ish-hid: fixes incorrect error handling
btrfs: only track ref_heads in delayed_ref_updates
mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET
VSOCK: bind to random port for VMADDR_PORT_ANY
* gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB
include/linux/gpio/consumer.h
microblaze: move "... is ready" messages to arch/microblaze/Makefile
microblaze: adjust the help to the real behavior
ubi: Do not drop UBI device reference before using
ubi: Put MTD device after it is not used
xfs: require both realtime inodes to mount
rtl818x: fix potential use after free
mwifiex: debugfs: correct histogram spacing, formatting
mwifiex: fix potential NULL dereference and use after free
crypto: user - support incremental algorithm dumps
ACPI / LPSS: Ignore acpi_device_fix_up_power() return value
ARM: ks8695: fix section mismatch warning
PM / AVS: SmartReflex: NULL check before some freeing functions is not needed
* arm64: smp: Handle errors reported by the firmware
arch/arm64/kernel/smp.c
* arm64: mm: Prevent mismatched 52-bit VA support
arch/arm64/kernel/head.S
arch/arm64/kernel/smp.c
parisc: Fix HP SDC hpa address output
parisc: Fix serio address output
ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication
ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed
scsi: lpfc: Fix dif and first burst use in write commands
pwm: bcm-iproc: Prevent unloading the driver module while in use
block: drbd: remove a stray unlock in __drbd_send_protocol()
mac80211: fix station inactive_time shortly after boot
scripts/gdb: fix debugging modules compiled with hot/cold partitioning
watchdog: meson: Fix the wrong value of left time
can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open
can: peak_usb: report bus recovery as well
net: fec: add missed clk_disable_unprepare in remove
clk: at91: avoid sleeping early
* reset: fix reset_control_ops kerneldoc comment
include/linux/reset-controller.h
clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume
ASoC: kirkwood: fix external clock probe defer
* ASoC: compress: fix unsigned integer overflow check
sound/core/compress_offload.c
Change-Id: Ida917e8b91aa0dd373b92c6bdc283734141543d4
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Marco Elver
|
c0911024ff |
locking/spinlock/debug: Fix various data races
[ Upstream commit 1a365e822372ba24c9da0822bc583894f6f3d821 ] This fixes various data races in spinlock_debug. By testing with KCSAN, it is observable that the console gets spammed with data races reports, suggesting these are extremely frequent. Example data race report: read to 0xffff8ab24f403c48 of 4 bytes by task 221 on cpu 2: debug_spin_lock_before kernel/locking/spinlock_debug.c:85 [inline] do_raw_spin_lock+0x9b/0x210 kernel/locking/spinlock_debug.c:112 __raw_spin_lock include/linux/spinlock_api_smp.h:143 [inline] _raw_spin_lock+0x39/0x40 kernel/locking/spinlock.c:151 spin_lock include/linux/spinlock.h:338 [inline] get_partial_node.isra.0.part.0+0x32/0x2f0 mm/slub.c:1873 get_partial_node mm/slub.c:1870 [inline] <snip> write to 0xffff8ab24f403c48 of 4 bytes by task 167 on cpu 3: debug_spin_unlock kernel/locking/spinlock_debug.c:103 [inline] do_raw_spin_unlock+0xc9/0x1a0 kernel/locking/spinlock_debug.c:138 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:159 [inline] _raw_spin_unlock_irqrestore+0x2d/0x50 kernel/locking/spinlock.c:191 spin_unlock_irqrestore include/linux/spinlock.h:393 [inline] free_debug_processing+0x1b3/0x210 mm/slub.c:1214 __slab_free+0x292/0x400 mm/slub.c:2864 <snip> As a side-effect, with KCSAN, this eventually locks up the console, most likely due to deadlock, e.g. .. -> printk lock -> spinlock_debug -> KCSAN detects data race -> kcsan_print_report() -> printk lock -> deadlock. This fix will 1) avoid the data races, and 2) allow using lock debugging together with KCSAN. Reported-by: Qian Cai <cai@lca.pw> Signed-off-by: Marco Elver <elver@google.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul E. McKenney <paulmck@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Link: https://lkml.kernel.org/r/20191120155715.28089-1-elver@google.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Robin Peng
|
a7d6f7d1a0 |
Merge android-4.9-q (4.9.196) into android-msm-pixel-4.9-lts
Merge 4.9.196 into android-4.9-q
Linux 4.9.196
NFC: fix attrs checks in netlink interface
* smack: use GFP_NOFS while holding inode_smack::smk_lock
security/smack/smack_access.c
security/smack/smack_lsm.c
* Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
security/smack/smack_lsm.c
* ipv6: Handle missing host route in __ipv6_ifa_notify
net/ipv6/addrconf.c
sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
net/rds: Fix error handling in rds_ib_add_one()
sch_dsmark: fix potential NULL deref in dsmark_init()
qmi_wwan: add support for Cinterion CLS8 devices
nfc: fix memory leak in llcp_sock_bind()
* net: Unpublish sk from sk_reuseport_cb before call_rcu
net/core/sock.c
net: qlogic: Fix memory leak in ql_alloc_large_buffers
* net: ipv4: avoid mixed n_redirects and rate_tokens usage
net/ipv4/route.c
* ipv6: drop incoming packets having a v4mapped source address
net/ipv6/ip6_input.c
hso: fix NULL-deref on tty open
cxgb4:Fix out-of-bounds MSI-X info array access
* ANDROID: binder: synchronize_rcu() when using POLLFREE.
drivers/android/binder.c
* ANDROID: binder: remove waitqueue when thread exits.
drivers/android/binder.c
* kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
lib/Kconfig.debug
ocfs2: wait for recovering done after direct unlock request
hypfs: Fix error number left in struct pointer member
* fat: work around race with userspace's read via blockdev while mounting
fs/fat/dir.c
fs/fat/fatent.c
ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address
* security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
security/smack/smack_lsm.c
* HID: apple: Fix stuck function keys when using FN
drivers/hid/hid-apple.c
ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes
PCI: tegra: Fix OF node reference leak
mfd: intel-lpss: Remove D3cold delay
MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean
* scsi: core: Reduce memory required for SCSI logging
drivers/scsi/scsi_logging.c
include/scsi/scsi_dbg.h
clk: at91: select parent if main oscillator or bypass is enabled
* arm64: fix unreachable code issue with cmpxchg
arch/arm64/include/asm/cmpxchg.h
powerpc/pseries: correctly track irq state in default idle
powerpc/64s/exception: machine check use correct cfar for late handler
drm/amdgpu/si: fix ASIC tests
vfio_pci: Restore original state on release
pinctrl: tegra: Fix write barrier placement in pmx_writel
powerpc/pseries/mobility: use cond_resched when updating device tree
powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function
powerpc/rtas: use device model APIs and serialization during LPM
clk: sirf: Don't reference clk_init_data after registration
clk: qoriq: Fix -Wunused-const-variable
ipmi_si: Only schedule continuously in the thread in maintenance mode
gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property()
drm/radeon: Fix EEH during kexec
video: ssd1307fb: Start page range at page_offset
drm/bridge: tc358767: Increase AUX transfer length limit
Merge 4.9.195 into android-4.9-q
Linux 4.9.195
Btrfs: fix race setting up and completing qgroup rescan workers
btrfs: qgroup: Drop quota_root and fs_info parameters from update_qgroup_status_item
CIFS: Fix oplock handling for SMB 2.1+ protocols
CIFS: fix max ea value size
i2c: riic: Clear NACK in tend isr
* hwrng: core - don't wait on add_early_randomness()
drivers/char/hw_random/core.c
* quota: fix wrong condition in is_quota_modification()
include/linux/quotaops.h
* ext4: fix punch hole for inline_data file systems
fs/ext4/inode.c
* ext4: fix warning inside ext4_convert_unwritten_extents_endio
fs/ext4/extents.c
* /dev/mem: Bail out upon SIGKILL.
drivers/char/mem.c
* cfg80211: Purge frame registrations on iftype change
net/wireless/util.c
md/raid6: Set R5_ReadError when there is read failure on parity disk
btrfs: Relinquish CPUs in btrfs_compare_trees
Btrfs: fix use-after-free when using the tree modification log
* ovl: filter of trusted xattr results in audit
fs/overlayfs/inode.c
* memcg, kmem: do not fail __GFP_NOFAIL charges
mm/memcontrol.c
* regulator: Defer init completion for a while after late_initcall
drivers/regulator/core.c
* alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
kernel/time/alarmtimer.c
ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
ASoC: Intel: Fix use of potentially uninitialized variable
ASoC: Intel: NHLT: Fix debug print format
media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
KVM: x86: Manually calculate reserved bits when loading PDPTRS
KVM: x86: set ctxt->have_exception in x86_decode_insn()
KVM: x86: always stop emulation on page fault
parisc: Disable HP HSC-PCI Cards to prevent kernel crash
* fuse: fix missing unlock_page in fuse_writepage()
fs/fuse/file.c
* printk: Do not lose last line in kmsg buffer dump
kernel/printk/printk.c
* printk: remove games with previous record flags
kernel/printk/printk.c
IB/hfi1: Define variables as unsigned long to fix KASAN warning
ALSA: firewire-tascam: check intermediate state of clock status and retry
ALSA: firewire-tascam: handle error code when getting current source of clock
PM / devfreq: passive: fix compiler warning
media: omap3isp: Set device on omap3isp subdevs
btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)
e1000e: add workaround for possible stalled packet
libertas: Add missing sentinel at end of if_usb.c fw_table
* mmc: sdhci: Fix incorrect switch to HS mode
drivers/mmc/host/sdhci.c
ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
* kprobes: Prohibit probing on BUG() and WARN() address
include/linux/bug.h
kernel/kprobes.c
dmaengine: ti: edma: Do not reset reserved paRAM slots
md/raid1: fail run raid1 array when active disk less than one
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
ACPI / PCI: fix acpi_pci_irq_enable() memory leak
ACPI: custom_method: fix memory leaks
ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks
libtraceevent: Change users plugin directory
iommu/amd: Silence warnings under memory pressure
nvmet: fix data units read and written counters in SMART log
* arm64: kpti: ensure patched kernel text is fetched from PoU
arch/arm64/mm/proc.S
ACPI / CPPC: do not require the _PSD method
media: ov9650: add a sanity check
media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
media: cpia2_usb: fix memory leaks
media: saa7146: add cleanup in hexium_attach()
PM / devfreq: exynos-bus: Correct clock enable sequence
PM / devfreq: passive: Use non-devm notifiers
* media: dvb-core: fix a memory leak bug
drivers/media/dvb-core/dvbdev.c
media: hdpvr: add terminating 0 at end of string
media: radio/si470x: kill urb on error
ARM: dts: imx7d: cl-som-imx7: make ethernet work again
net: lpc-enet: fix printk format strings
media: omap3isp: Don't set streaming state on random subdevs
dmaengine: iop-adma: use correct printk format strings
media: gspca: zero usb_buf on error
efi: cper: print AER info of PCIe fatal error
md: don't set In_sync if array is frozen
md: don't call spare_active in md_reap_sync_thread if all member devices can't work
EDAC/altera: Use the proper type for the IRQ status bits
ia64:unwind: fix double free for mod->arch.init_unw_table
* ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
sound/usb/pcm.c
* base: soc: Export soc_device_register/unregister APIs
drivers/base/soc.c
media: iguanair: add sanity checks
ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
ALSA: hda - Show the fatal CORB/RIRB error more clearly
x86/apic: Soft disable APIC before initializing it
x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
* sched/core: Fix CPU controller for !RT_GROUP_SCHED
kernel/sched/core.c
* sched/fair: Fix imbalance due to CPU affinity
kernel/sched/fair.c
media: hdpvr: Add device num check and handling
media: exynos4-is: fix leaked of_node references
media: dib0700: fix link error for dibx000_i2c_set_speed
leds: leds-lp5562 allow firmware files up to the maximum length
dmaengine: bcm2835: Print error in case setting DMA mask fails
ASoC: sgtl5000: Fix charge pump source assignment
regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg
ALSA: hda: Flush interrupts on disabling
nfc: enforce CAP_NET_RAW for raw sockets
ieee802154: enforce CAP_NET_RAW for raw sockets
ax25: enforce CAP_NET_RAW for raw sockets
appletalk: enforce CAP_NET_RAW for raw sockets
mISDN: enforce CAP_NET_RAW for raw sockets
* usbnet: sanity checking of packet sizes and device mtu
drivers/net/usb/usbnet.c
* usbnet: ignore endpoints with invalid wMaxPacketSize
drivers/net/usb/usbnet.c
skge: fix checksum byte order
* sch_netem: fix a divide by zero in tabledist()
net/sched/sch_netem.c
* ppp: Fix memory leak in ppp_write
drivers/net/ppp/ppp_generic.c
openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
net: qrtr: Stop rx_worker before freeing node
net/phy: fix DP83865 10 Mbps HDX loopback disable function
macsec: drop skb sk before calling gro_cells_receive
* cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
drivers/net/usb/cdc_ncm.c
arcnet: provide a buffer big enough to actually receive packets
Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices
xfs: don't crash on null attr fork xfs_bmapi_read
* drm: Flush output polling on shutdown
drivers/gpu/drm/drm_probe_helper.c
* f2fs: fix to do sanity check on segment bitmap of LFS curseg
fs/f2fs/segment.c
* Revert "f2fs: avoid out-of-range memory access"
fs/f2fs/segment.c
* f2fs: check all the data segments against all node ones
fs/f2fs/super.c
* irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices
drivers/irqchip/irq-gic-v3-its.c
locking/lockdep: Add debug_locks check in __lock_downgrade()
* power: supply: sysfs: ratelimit property read error message
drivers/power/supply/power_supply_sysfs.c
mac80211: handle deauthentication/disassociation from TDLS peer
mac80211: Print text for disassociation reason
objtool: Clobber user CFLAGS variable
ALSA: hda - Add laptop imic fixup for ASUS M9V laptop
ASoC: fsl: Fix of-node refcount unbalance in fsl_ssi_probe_from_dt()
media: tvp5150: fix switch exit in set control handler
crypto: talitos - fix missing break in switch statement
mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword()
HID: hidraw: Fix invalid read in hidraw_ioctl
HID: logitech: Fix general protection fault caused by Logitech driver
HID: prodikeys: Fix general protection fault during probe
IB/core: Add an unbound WQ type to the new CQ API
* Revert "Bluetooth: validate BLE connection interval updates"
net/bluetooth/hci_event.c
net/bluetooth/l2cap_core.c
* BACKPORT: block: annotate refault stalls from IO submission
block/bio.c
block/blk-core.c
include/linux/blk_types.h
* ANDROID: usb: gadget: Fix dependency for f_accessory
drivers/usb/gadget/Kconfig
Remove taskname from lowmemorykiller kill reports
Merge 4.9.194 into android-4.9-q
Linux 4.9.194
* net_sched: let qdisc_put() accept NULL pointer
net/sched/sch_generic.c
ARC: export "abort" for modules
media: technisat-usb2: break out of loop at end of buffer
floppy: fix usercopy direction
iommu/amd: Fix race in increase_address_space()
* keys: Fix missing null pointer check in request_key_auth_describe()
security/keys/request_key_auth.c
x86/uaccess: Don't leak the AC flags into __get_user() argument evaluation
dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
dmaengine: ti: dma-crossbar: Fix a memory leak bug
net: seeq: Fix the function used to release some memory in an error handling path
tools/power turbostat: fix buffer overrun
perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops
perf/x86/intel: Restrict period on Nehalem
sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
ARM: 8901/1: add a criteria for pfn_valid of arm
cifs: Use kzfree() to zero out the password
cifs: set domainName when a domain-key is used in multiuser
NFSv2: Fix write regression
NFSv2: Fix eof handling
* netfilter: nf_conntrack_ftp: Fix debug output
net/netfilter/nf_conntrack_ftp.c
x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
* r8152: Set memory to all 0xFFs on failed reg reads
drivers/net/usb/r8152.c
batman-adv: Only read OGM2 tvlv_len after buffer len check
ARM: 8874/1: mm: only adjust sections of valid mm structures
qed: Add cleanup in qed_slowpath_start()
* Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105
drivers/atm/Kconfig
NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
NFSv4: Fix return values for nfs4_file_open()
s390/bpf: use 32-bit index for tail calls
ARM: OMAP2+: Fix omap4 errata warning on other SoCs
s390/bpf: fix lcgr instruction encoding
ARM: OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss
mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
tty/serial: atmel: reschedule TX after RX was started
serial: sprd: correct the wrong sequence of arguments
KVM: coalesced_mmio: add bounds checking
xen-netfront: do not assume sk_buff_head list is empty in error handling
x86/boot: Add missing bootparam that breaks boot on some platforms
powerpc/mm/radix: Use the right page size for vmemmap mapping
media: tm6000: double free if usb disconnect while streaming
* USB: usbcore: Fix slab-out-of-bounds bug during device reset
drivers/usb/core/config.c
x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning
* nvmem: Use the same permissions for eeprom as for nvmem
drivers/nvmem/core.c
drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto
crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
crypto: talitos - Do not modify req->cryptlen on decryption.
crypto: talitos - fix ECB algs ivsize
crypto: talitos - check data blocksize in ablkcipher.
crypto: talitos - fix CTR alg blocksize
crypto: talitos - check AES key size
* driver core: Fix use-after-free and double free on glue directory
drivers/base/core.c
mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue
clk: rockchip: Don't yell about bad mmc phases when getting
MIPS: VDSO: Use same -m%-float cflag as the kernel proper
MIPS: VDSO: Prevent use of smp_processor_id()
KVM: nVMX: handle page fault in vmread
KVM: x86: work around leak of uninitialized stack contents
KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
* genirq: Prevent NULL pointer dereference in resend_irqs()
kernel/irq/resend.c
Btrfs: fix assertion failure during fsync and use of stale transaction
* gpio: fix line flag validation in lineevent_create
drivers/gpio/gpiolib.c
* gpio: fix line flag validation in linehandle_create
drivers/gpio/gpiolib.c
Revert "MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur"
* tun: fix use-after-free when register netdev failed
drivers/net/tun.c
tipc: add NULL pointer check before calling kfree_rcu
* tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
net/ipv4/tcp_input.c
sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
* net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list
net/core/skbuff.c
* net: Fix null de-reference of device refcount
net/core/dev.c
isdn/capi: check message length in capi_write()
* ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
net/ipv6/ping.c
* cdc_ether: fix rndis support for Mediatek based smartphones
drivers/net/usb/cdc_ether.c
* bridge/mdb: remove wrong use of NLM_F_MULTI
net/bridge/br_mdb.c
* ANDROID: regression introduced override_creds=off
fs/overlayfs/dir.c
* UPSTREAM: psi: get poll_work to run when calling poll syscall next time
kernel/sched/psi.c
* UPSTREAM: sched/psi: Do not require setsched permission from the trigger creator
kernel/sched/psi.c
* UPSTREAM: sched/psi: Reduce psimon FIFO priority
kernel/sched/psi.c
Merge 4.9.193 into android-4.9-q
Linux 4.9.193
vhost: make sure log_num < in_num
clk: s2mps11: Add used attribute to s2mps11_dt_match
scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
batman-adv: Only read OGM tvlv_len after buffer len check
batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
vhost/test: fix build for vhost test
* ip6: fix skb leak in ip6frag_expire_frag_queue()
include/net/ipv6_frag.h
* xfrm: clean up xfrm protocol checks
include/net/xfrm.h
net/key/af_key.c
net/xfrm/xfrm_state.c
net/xfrm/xfrm_user.c
powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
drm/vmwgfx: Fix double free in vmw_recv_msg()
* sched/fair: Don't assign runtime for throttled cfs_rq
kernel/sched/fair.c
ALSA: hda/realtek - Fix overridden device-specific initialization
ALSA: hda - Fix potential endless loop at applying quirks
* ANDROID: Revert "ANDROID: sched: Disallow WALT with CFS bandwidth control"
init/Kconfig
* ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
kernel/sched/fair.c
* ANDROID: sched: WALT: Refactor cumulative runnable average fixup
kernel/sched/deadline.c
kernel/sched/fair.c
kernel/sched/rt.c
kernel/sched/sched.h
kernel/sched/stop_task.c
kernel/sched/walt.c
kernel/sched/walt.h
Change-Id: Ifc17376212d89db44dc48d0963b25d93ff1cb978
Signed-off-by: Robin Peng <robinpeng@google.com>
|
||
|
Waiman Long
|
59da7942ca |
locking/lockdep: Add debug_locks check in __lock_downgrade()
[ Upstream commit 513e1073d52e55b8024b4f238a48de7587c64ccf ] Tetsuo Handa had reported he saw an incorrect "downgrading a read lock" warning right after a previous lockdep warning. It is likely that the previous warning turned off lock debugging causing the lockdep to have inconsistency states leading to the lock downgrade warning. Fix that by add a check for debug_locks at the beginning of __lock_downgrade(). Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> Reported-by: syzbot+53383ae265fb161ef488@syzkaller.appspotmail.com Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Link: https://lkml.kernel.org/r/1547093005-26085-1-git-send-email-longman@redhat.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Robin Peng
|
d5bdee4cf1 |
Merge android-4.9-q (4.9.192) into android-msm-pixel-4.9-lts
Merge 4.9.192 into android-4.9-q
Linux 4.9.192
* mld: fix memory leak in mld_del_delrec()
net/ipv6/mcast.c
* tcp: inherit timestamp on mtu probe
net/ipv4/tcp_output.c
net: stmmac: dwmac-rk: Don't fail if phy regulator is absent
net: fix skb use after free in netpoll
Revert "x86/apic: Include the LDR when clearing out APIC registers"
spi: bcm2835aux: fix corruptions for longer spi transfers
spi: bcm2835aux: remove dangerous uncontrolled read of fifo
spi: bcm2835aux: unifying code between polling and interrupt driven code
spi: bcm2835aux: ensure interrupts are enabled for shared handler
libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer
KVM: arm/arm64: Only skip MMIO insn once
ceph: fix buffer free while holding i_ceph_lock in fill_inode()
ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()
IB/mlx4: Fix memory leaks
Tools: hv: kvp: eliminate 'may be used uninitialized' warning
ravb: Fix use-after-free ravb_tstamp_skb
wimax/i2400m: fix a memory leak bug
net: kalmia: fix memory leaks
cx82310_eth: fix a memory leak bug
net: myri10ge: fix memory leaks
cxgb4: fix a memory leak bug
* gpio: Fix build error of function redefinition
include/linux/gpio.h
ibmveth: Convert multicast list size for little-endian system
Bluetooth: btqca: Add a short delay before downloading the NVM
net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx
net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context
Merge 4.9.191 into android-4.9-q
Linux 4.9.191
* mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n
mm/zsmalloc.c
x86/ptrace: fix up botched merge of spectrev1 fix
i2c: piix4: Fix port selection for AMD Family 16h Model 30h
KVM: arm/arm64: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI
KVM: arm/arm64: vgic: Fix potential deadlock when ap_list is long
mac80211: fix possible sta leak
* Revert "cfg80211: fix processing world regdomain when non modular"
net/wireless/reg.c
VMCI: Release resource if the work is already queued
stm class: Fix a double free of stm_source_device
* mmc: core: Fix init of SD cards reporting an invalid VDD range
drivers/mmc/core/sd.c
mmc: sdhci-of-at91: add quirk for broken HS200
uprobes/x86: Fix detection of 32-bit user mode
ptrace,x86: Make user_64bit_mode() available to 32-bit builds
USB: storage: ums-realtek: Whitelist auto-delink support
USB: storage: ums-realtek: Update module parameter description for auto_delink_en
usb: host: xhci: rcar: Fix typo in compatible string matching
usb: host: ohci: fix a race condition between shutdown and irq
usb: chipidea: udc: don't do hardware access if gadget has stopped
USB: cdc-wdm: fix race between write and disconnect due to flag abuse
* usb-storage: Add new JMS567 revision to unusual_devs
drivers/usb/storage/unusual_devs.h
* mm/zsmalloc.c: fix race condition in zs_destroy_pool
mm/zsmalloc.c
x86/apic: Include the LDR when clearing out APIC registers
x86/apic: Do not initialize LDR and DFR for bigsmp
KVM: x86: Don't update RIP or do single-step on faulting emulation
ALSA: seq: Fix potential concurrent access to the deleted pool
ALSA: line6: Fix memory leak at line6_init_pcm() error path
* tcp: make sure EPOLLOUT wont be missed
net/core/stream.c
* ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
sound/usb/mixer.c
* ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
sound/usb/mixer.c
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
include/net/tcp.h
* scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value
drivers/scsi/ufs/unipro.h
watchdog: bcm2835_wdt: Fix module autoload
tools: hv: fix KVP and VSS daemons exit code
usb: host: fotg2: restart hcd after port reset
i2c: emev2: avoid race when unregistering slave client
xen/blkback: fix memory leaks
* usb: gadget: composite: Clear "suspended" on reset/disconnect
drivers/usb/gadget/composite.c
* iommu/dma: Handle SG length overflow better
drivers/iommu/dma-iommu.c
dmaengine: ste_dma40: fix unneeded variable warning
x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
Revert "perf test 6: Fix missing kvm module load for s390"
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
* mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely
mm/zsmalloc.c
mm, page_owner: handle THP splits correctly
* genirq: Properly pair kobject_del() with kobject_add()
kernel/irq/irqdesc.c
* dm table: fix invalid memory accesses with too high sector number
drivers/md/dm-table.c
dm space map metadata: fix missing store of apply_bops() return value
dm btree: fix order of block initialization in btree_split_beneath
x86/boot: Fix boot regression caused by bootparam sanitizing
x86/boot: Save fields explicitly, zero out everything else
x86/apic: Handle missing global clockevent gracefully
x86/retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386
userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
* gpiolib: never report open-drain/source lines as 'input' to user-space
drivers/gpio/gpiolib.c
* Revert "dm bufio: fix deadlock with loop device"
drivers/md/dm-bufio.c
HID: wacom: Correct distance scale for 2nd-gen Intuos devices
HID: wacom: correct misreported EKR ring values
selftests: kvm: Adding config fragments
perf pmu-events: Fix missing "cpu_clk_unhalted.core" event
drm/vmwgfx: fix memory leak when too many retries have occurred
x86/lib/cpu: Address missing prototypes warning
libata: add SG safety checks in SFF pio transfers
net: hisilicon: Fix dma_map_single failed on arm64
net: hisilicon: fix hip04-xmit never return TX_BUSY
net: hisilicon: make hip04_tx_reclaim non-reentrant
net: cxgb3_main: Fix a resource leak in a error path in 'init_one()'
HID: input: fix a4tech horizontal wheel custom usage
NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
can: peak_usb: force the string buffer NULL-terminated
can: sja1000: force the string buffer NULL-terminated
perf bench numa: Fix cpu0 binding
isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack
isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain()
net: usb: qmi_wwan: Add the BroadMobi BM818 card
ASoC: ti: davinci-mcasp: Correct slot_width posed constraint
st_nci_hci_connectivity_event_received: null check the allocation
st21nfca_connectivity_event_received: null check the allocation
can: dev: call netif_carrier_off() in register_candev()
* bonding: Force slave speed check after link state recovery for 802.3ad
drivers/net/bonding/bond_main.c
* ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks
sound/soc/soc-dapm.c
* netfilter: ebtables: fix a memory leak bug in compat
net/bridge/netfilter/ebtables.c
MIPS: kernel: only use i8253 clocksource with periodic clockevent
HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT
* BACKPORT: arch: add pidfd and io_uring syscalls everywhere
arch/arm64/include/asm/unistd32.h
* UPSTREAM: pidfd: fix a poll race when setting exit_state
kernel/exit.c
* BACKPORT: arch: wire-up pidfd_open()
arch/arm64/include/asm/unistd.h
arch/arm64/include/asm/unistd32.h
arch/x86/entry/syscalls/syscall_32.tbl
include/uapi/asm-generic/unistd.h
* BACKPORT: pid: add pidfd_open()
include/linux/syscalls.h
kernel/pid.c
* UPSTREAM: pidfd: add polling support
include/linux/pid.h
kernel/fork.c
kernel/pid.c
kernel/signal.c
* UPSTREAM: signal: improve comments
kernel/signal.c
* BACKPORT: fork: do not release lock that wasn't taken
kernel/fork.c
* BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
kernel/signal.c
kernel/sys_ni.c
* BACKPORT: clone: add CLONE_PIDFD
include/linux/pid.h
include/uapi/linux/sched.h
kernel/fork.c
* UPSTREAM: Make anon_inodes unconditional
arch/arm64/kvm/Kconfig
drivers/base/Kconfig
drivers/char/tpm/Kconfig
drivers/dma-buf/Kconfig
drivers/gpio/Kconfig
drivers/iio/Kconfig
drivers/infiniband/Kconfig
drivers/vfio/Kconfig
fs/Makefile
fs/notify/fanotify/Kconfig
fs/notify/inotify/Kconfig
init/Kconfig
* UPSTREAM: signal: use fdget() since we don't allow O_PATH
kernel/signal.c
* UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
kernel/signal.c
* BACKPORT: signal: add pidfd_send_signal() syscall
arch/x86/entry/syscalls/syscall_32.tbl
fs/proc/base.c
include/linux/proc_fs.h
include/linux/syscalls.h
include/uapi/asm-generic/unistd.h
kernel/signal.c
kernel/sys_ni.c
* ANDROID: sched: Disallow WALT with CFS bandwidth control
init/Kconfig
* ANDROID: fiq_debugger: remove
drivers/staging/android/Kconfig
drivers/staging/android/Makefile
Merge 4.9.190 into android-4.9-q
Linux 4.9.190
* bonding: Add vlan tx offload to hw_enc_features
drivers/net/bonding/bond_main.c
team: Add vlan tx offload to hw_enc_features
net/mlx5e: Use flow keys dissector to parse packets for ARFS
net/mlx5e: Only support tx/rx pause setting for port owner
xen/netback: Reset nr_frags before freeing skb
sctp: fix the transport error_count check
* net/packet: fix race in tpacket_snd()
net/packet/af_packet.c
bnx2x: Fix VF's VLAN reconfiguration in reload.
iommu/amd: Move iommu_init_pci() to .init section
Input: psmouse - fix build error of multiple definition
* netfilter: conntrack: Use consistent ct id hash calculation
net/netfilter/nf_conntrack_core.c
* arm64: compat: Allow single-byte watchpoints on all addresses
arch/arm64/kernel/hw_breakpoint.c
* bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K
include/linux/filter.h
kernel/bpf/core.c
net/core/sysctl_net_core.c
* asm-generic: fix -Wtype-limits compiler warnings
include/asm-generic/getorder.h
USB: serial: option: Add Motorola modem UARTs
USB: serial: option: add the BroadMobi BM818 card
USB: serial: option: Add support for ZTE MF871A
USB: serial: option: add D-Link DWM-222 device ID
* USB: CDC: fix sanity checks in CDC union parser
drivers/usb/core/message.c
usb: cdc-acm: make sure a refcount is taken early enough
* USB: core: Fix races in character device registration and deregistraion
drivers/usb/core/file.c
staging: comedi: dt3000: Fix rounding up of timer divisor
staging: comedi: dt3000: Fix signed integer overflow 'divider * base'
ocfs2: remove set but not used variable 'last_hash'
IB/mad: Fix use-after-free in ib mad completion handling
IB/core: Add mitigation for Spectre V1
* arm64/mm: fix variable 'pud' set but not used
arch/arm64/include/asm/pgtable.h
* arm64/efi: fix variable 'si' set but not used
arch/arm64/include/asm/efi.h
* kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules
scripts/Makefile.modpost
ata: libahci: do not complain in case of deferred probe
scsi: hpsa: correct scsi command status issue after reset
libata: zpodd: Fix small read overflow in zpodd_get_mech_type()
perf header: Fix use of unitialized value warning
perf header: Fix divide by zero error if f_header.attr_size==0
irqchip/irq-imx-gpcv2: Forward irq type to parent
xen/pciback: remove set but not used variable 'old_state'
net: usb: pegasus: fix improper read if get_registers() fail
Input: iforce - add sanity checks
Input: kbtab - sanity check for endpoint type
* HID: hiddev: do cleanup in failure of opening a device
drivers/hid/usbhid/hiddev.c
* HID: hiddev: avoid opening a disconnected device
drivers/hid/usbhid/hiddev.c
HID: holtek: test for sanity of intfdata
ALSA: hda - Let all conexant codec enter D3 when rebooting
ALSA: hda - Add a generic reboot_notify
ALSA: hda - Fix a memory leak bug
xtensa: add missing isync to the cpu_reset TLB code
* netfilter: ctnetlink: don't use conntrack/expect object addresses as id
include/net/netfilter/nf_conntrack.h
net/netfilter/nf_conntrack_core.c
net/netfilter/nf_conntrack_netlink.c
* inet: switch IP ID generator to siphash
include/linux/siphash.h
include/net/netns/ipv4.h
net/ipv4/route.c
net/ipv6/output_core.c
* siphash: implement HalfSipHash1-3 for hash tables
include/linux/siphash.h
lib/siphash.c
* siphash: add cryptographically secure PRF
include/linux/siphash.h
lib/Kconfig.debug
lib/Makefile
lib/siphash.c
vhost: scsi: add weight support
vhost_net: fix possible infinite loop
vhost: introduce vhost_exceeds_weight()
vhost_net: introduce vhost_exceeds_weight()
vhost_net: use packet weight for rx handler, too
vhost-net: set packet weight of tx polling to 2 * vq size
* bpf: add bpf_jit_limit knob to restrict unpriv allocations
include/linux/filter.h
kernel/bpf/core.c
net/core/sysctl_net_core.c
* bpf: restrict access to core bpf sysctls
net/core/sysctl_net_core.c
* bpf: get rid of pure_initcall dependency to enable jits
kernel/bpf/core.c
net/core/sysctl_net_core.c
net/socket.c
* mm/memcontrol.c: fix use after free in mem_cgroup_iter()
mm/memcontrol.c
* mm/usercopy: use memory range to be accessed for wraparound check
mm/usercopy.c
sh: kernel: hw_breakpoint: Fix missing break in switch statement
scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA
iwlwifi: don't unmap as page memory that was mapped as single
mwifiex: fix 802.11n/WPA detection
smb3: send CAP_DFS capability during session setup
SMB3: Fix deadlock in validate negotiate hits reconnect
mac80211: don't WARN on short WMM parameters from AP
ALSA: hda - Don't override global PCM hw info flag
ALSA: firewire: fix a memory leak bug
hwmon: (nct7802) Fix wrong detection of in4 presence
can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
* perf/core: Fix creating kernel counters for PMUs that override event->cpu
kernel/events/core.c
* tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
drivers/tty/tty_ldsem.c
scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG
scsi: ibmvfc: fix WARN_ON during event pool release
scsi: megaraid_sas: fix panic on loading firmware crashdump
ARM: davinci: fix sleep.S build error on ARMv4
ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id()
drbd: dynamically allocate shash descriptor
perf probe: Avoid calling freeing routine multiple times for same pointer
* ALSA: compress: Be more restrictive about when a drain is allowed
sound/core/compress_offload.c
* ALSA: compress: Don't allow paritial drain operations on capture streams
sound/core/compress_offload.c
* ALSA: compress: Prevent bypasses of set_params
sound/core/compress_offload.c
* ALSA: compress: Fix regression on compressed capture streams
include/sound/compress_driver.h
sound/core/compress_offload.c
s390/qdio: add sanity checks to the fast-requeue path
cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
hwmon: (nct6775) Fix register address and added missed tolerance for nct6106
mac80211: don't warn about CW params when not using them
* iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND
drivers/firmware/Kconfig
* netfilter: nfnetlink: avoid deadlock due to synchronous request_module
net/netfilter/nfnetlink.c
can: peak_usb: fix potential double kfree_skb()
usb: yurex: Fix use-after-free in yurex_delete
perf record: Fix module size on s390
perf db-export: Fix thread__exec_comm()
perf record: Fix wrong size in perf_record_mmap for last kernel module
* mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
mm/vmalloc.c
x86/mm: Sync also unmappings in vmalloc_sync_all()
x86/mm: Check for pfn instead of page in vmalloc_sync_one()
* sound: fix a memory leak bug
sound/sound_core.c
usb: iowarrior: fix deadlock on disconnect
* usb: usbfs: fix double-free of usb memory upon submiturb error
drivers/usb/core/devio.c
ANDROID: fix kernelci build-break in lowmemorykiller
ANDROID: Fixes to locking around handle_lmk_event
* UPSTREAM: net/ipv6: allow sysctl to change link-local address generation mode
include/linux/ipv6.h
include/net/if_inet6.h
net/ipv6/addrconf.c
* ANDROID: fix binder change in merge of 4.9.188
drivers/android/binder_alloc.c
Merge 4.9.189 into android-4.9-q
Linux 4.9.189
x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
x86/entry/64: Use JMP instead of JMPQ
x86/speculation: Enable Spectre v1 swapgs mitigations
x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
x86: cpufeatures: Sort feature word 7
spi: bcm2835: Fix 3-wire mode if DMA is enabled
* block: blk_init_allocated_queue() set q->fq as NULL in the fail case
block/blk-core.c
bnx2x: Disable multi-cos feature.
ife: error out when nla attributes are empty
* ip6_tunnel: fix possible use-after-free on xmit
net/ipv6/ip6_tunnel.c
* compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
drivers/net/ppp/pppoe.c
drivers/net/ppp/pppox.c
fs/compat_ioctl.c
include/linux/if_pppox.h
net/l2tp/l2tp_ppp.c
tipc: compat: allow tipc commands without arguments
net: sched: Fix a possible null-pointer dereference in dequeue_func()
net/mlx5: Use reversed order when unregister devices
* net: fix ifindex collision during namespace removal
net/core/dev.c
* net: bridge: mcast: don't delete permanent entries when fast leave is enabled
net/bridge/br_multicast.c
net: bridge: delete local fdb on device init failure
atm: iphase: Fix Spectre v1 vulnerability
libceph: use kbasename() and kill ceph_file_part()
objtool: Add rewind_stack_do_exit() to the noreturn list
objtool: Add machine_real_restart() to the noreturn list
IB: directly cast the sockaddr union to aockaddr
RDMA: Directly cast the sockaddr union to sockaddr
* HID: Add quirk for HP X1200 PIXART OEM mouse
drivers/hid/hid-ids.h
drivers/hid/usbhid/hid-quirks.c
HID: wacom: fix bit shift for Cintiq Companion 2
* tcp: be more careful in tcp_fragment()
include/net/tcp.h
net/ipv4/tcp_output.c
* arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
arch/arm64/include/asm/cpufeature.h
arch/arm64/kernel/cpufeature.c
* arm64: cpufeature: Fix CTR_EL0 field definitions
arch/arm64/kernel/cpufeature.c
ARM: dts: logicpd-som-lv: Fix Audio Mute
ARM: dts: Add pinmuxing for i2c2 and i2c3 for LogicPD torpedo
ARM: dts: Add pinmuxing for i2c2 and i2c3 for LogicPD SOM-LV
scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
* fs/crypto: Fix 4.9.186 missmerge
fs/crypto/policy.c
Merge 4.9.188 into android-4.9-q
Linux 4.9.188
x86, mm, gup: prevent get_page() race with munmap in paravirt guest
objtool: Support GCC 9 cold subfunction naming scheme
* include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
include/linux/module.h
* Backport minimal compiler_attributes.h to support GCC 9
include/linux/compiler.h
eeprom: at24: make spd world-readable again
* coredump: fix race condition between collapse_huge_page() and core dumping
include/linux/mm.h
infiniband: fix race condition between infiniband mlx4, mlx5 driver and core dumping
* coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
drivers/android/binder.c
fs/proc/task_mmu.c
include/linux/mm.h
mm/mmap.c
IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
* drivers/perf: arm_pmu: Fix failure path in PM notifier
drivers/perf/arm_pmu.c
s390/dasd: fix endless loop after read unit address configuration
* selinux: fix memory leak in policydb_init()
security/selinux/ss/policydb.c
* gpiolib: fix incorrect IRQ requesting of an active-low lineevent
drivers/gpio/gpiolib.c
mmc: dw_mmc: Fix occasional hang after tuning on eMMC
Btrfs: fix incremental send failure after deduplication
* kbuild: initialize CLANG_FLAGS correctly in the top Makefile
Makefile
x86, boot: Remove multiple copy of static function sanitize_boot_params()
x86/kvm: Don't call kvm_spurious_fault() from .fixup
ipc/mqueue.c: only perform resource calculation if user valid
drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers
coda: fix build using bare-metal toolchain
coda: add error handling for fget
* mm/cma.c: fail if fixed declaration can't be honored
mm/cma.c
x86: math-emu: Hide clang warnings for 16-bit overflow
x86/apic: Silence -Wtype-limits compiler warnings
be2net: Signal that the device cannot transmit during reconfiguration
* ACPI: fix false-positive -Wuninitialized warning
include/linux/acpi.h
scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
ceph: return -ERANGE if virtual xattr value didn't fit in buffer
ceph: fix improper use of smp_mb__before_atomic()
btrfs: fix minimum number of chunk errors for DUP
fs/adfs: super: fix use-after-free bug
dmaengine: rcar-dmac: Reject zero-length slave DMA requests
MIPS: lantiq: Fix bitfield masking
* kernel/module.c: Only return -EEXIST for modules that have finished loading
kernel/module.c
ftrace: Enable trampoline when rec count returns back to one
ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
ARM: dts: rockchip: Make rk3288-veyron-mickey's emmc work again
ARM: dts: rockchip: Make rk3288-veyron-minnie run at hs200
ARM: riscpc: fix DMA
* UPSTREAM: net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
include/net/ndisc.h
net/ipv6/ndisc.c
ANDROID: fix up 9p filesystem due to CFI non-upstream patches
Merge 4.9.187 into android-4.9-q
Linux 4.9.187
ceph: hold i_ceph_lock when removing caps for freeing inode
drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
* sched/fair: Don't free p->numa_faults with concurrent readers
fs/exec.c
include/linux/sched.h
kernel/fork.c
kernel/sched/fair.c
Bluetooth: hci_uart: check for missing tty operations
media: radio-raremono: change devm_k*alloc to k*alloc
media: cpia2_usb: first wake up, then free in disconnect
media: au0828: fix null dereference in error path
ISDN: hfcsusb: checking idx of ep configuration
* arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ
arch/arm64/include/asm/compat.h
i2c: qup: fixed releasing dma without flush operation completion
arm64: dts: marvell: Fix A37xx UART0 register size
* tcp: reset sk_send_head in tcp_write_queue_purge
include/net/tcp.h
ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
* access: avoid the RCU grace period for the temporary subjective credentials
fs/open.c
include/linux/cred.h
kernel/cred.c
powerpc/tm: Fix oops on sigreturn on systems without TM
ALSA: hda - Add a conexant codec entry to let mute led work
ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
hpet: Fix division by zero in hpet_time_div()
x86/speculation/mds: Apply more accurate check on hypervisor platform
x86/sysfb_efi: Add quirks for some devices with swapped width and height
* usb: pci-quirks: Correct AMD PLL quirk detection
drivers/usb/host/pci-quirks.c
usb: wusbcore: fix unbalanced get/put cluster_id
locking/lockdep: Hide unused 'class' variable
locking/lockdep: Fix lock used or unused stats error
mm/mmu_notifier: use hlist_add_head_rcu()
9p: pass the correct prototype to read_cache_page
mm/kmemleak.c: fix check for softirq context
sh: prevent warnings when using iounmap
powerpc/eeh: Handle hugepages in ioremap space
* mailbox: handle failed named mailbox channel request
drivers/mailbox/mailbox.c
* f2fs: avoid out-of-range memory access
fs/f2fs/segment.c
powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
* kallsyms: exclude kasan local symbols on s390
scripts/kallsyms.c
serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
serial: sh-sci: Terminate TX DMA during buffer flushing
RDMA/i40iw: Set queue pair state when being queried
powerpc/4xx/uic: clear pending interrupt after irq type/pol change
um: Silence lockdep complaint about mmap_sem
mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
mfd: arizona: Fix undefined behavior
* mfd: core: Set fwnode for created devices
drivers/mfd/mfd-core.c
recordmcount: Fix spurious mcount entries on powerpc
iio: iio-utils: Fix possible incorrect mask calculation
PCI: xilinx-nwl: Fix Multi MSI data programming
* kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
Makefile
* PCI: sysfs: Ignore lockdep for remove attribute
drivers/pci/pci-sysfs.c
powerpc/pci/of: Fix OF flags parsing for 64bit BARs
* usb: gadget: Zero ffs_io_data
drivers/usb/gadget/function/f_fs.c
* tty: serial_core: Set port active bit in uart_port_activate
drivers/tty/serial/serial_core.c
drm/rockchip: Properly adjust to a true clock in adjusted_mode
phy: renesas: rcar-gen2: Fix memory leak at error paths
drm/virtio: Add memory barriers for capset cache.
serial: 8250: Fix TX interrupt handling condition
tty: serial: msm_serial: avoid system lockup condition
tty/serial: digicolor: Fix digicolor-usart already registered warning
memstick: Fix error cleanup path of memstick_init
drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
drm/bridge: tc358767: read display_props in get_modes()
tty: serial: cpm_uart - fix init when SMC is relocated
pinctrl: rockchip: fix leaked of_node references
tty: max310x: Fix invalid baudrate divisors calculator
* usb: core: hub: Disable hub-initiated U1/U2
drivers/usb/core/hub.c
drm/panel: simple: Fix panel_simple_dsi_probe
nfsd: Fix overflow causing non-working mounts on 1 TB machines
nfsd: fix performance-limiting session calculation
nfsd: give out fewer session slots as limit approaches
nfsd: increase DRC cache limit
NFSv4: Fix open create exclusive when the server reboots
perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
perf/x86/amd/uncore: Get correct number of cores sharing last level cache
perf/x86/amd/uncore: Rename 'L2' to 'LLC'
* net: bridge: stp: don't cache eth dest pointer before skb pull
net/bridge/br_stp_bpdu.c
* net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
net/bridge/br_multicast.c
* net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
net/bridge/br_multicast.c
* tcp: Reset bytes_acked and bytes_received when disconnecting
net/ipv4/tcp.c
* bonding: validate ip header before check IPPROTO_IGMP
drivers/net/bonding/bond_main.c
netrom: hold sock when setting skb->destructor
netrom: fix a memory leak in nr_rx_frame()
macsec: fix checksumming after decryption
macsec: fix use-after-free of skb during RX
vrf: make sure skb->data contains ip header to make routing
sky2: Disable MSI on ASUS P6T
rxrpc: Fix send on a connected, but unbound socket
nfc: fix potential illegal memory access
net: openvswitch: fix csum updates for MPLS actions
* net: neigh: fix multiple neigh timer scheduling
net/core/neighbour.c
net: dsa: mv88e6xxx: wait after reset deactivation
net: bcmgenet: use promisc for unsupported filters
* ipv4: don't set IPv6 only flags to IPv4 addresses
net/ipv4/devinet.c
* igmp: fix memory leak in igmpv3_del_delrec()
net/ipv4/igmp.c
caif-hsi: fix possible deadlock in cfhsi_exit_module()
bnx2x: Prevent ptp_task to be rescheduled indefinitely
bnx2x: Prevent load reordering in tx completion processing
* ext4: allow directory holes
fs/ext4/dir.c
fs/ext4/namei.c
* lib/strscpy: Shut up KASAN false-positives in strscpy()
lib/string.c
* compiler.h: Add read_word_at_a_time() function.
include/linux/compiler.h
* compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
include/linux/compiler.h
* dm bufio: fix deadlock with loop device
drivers/md/dm-bufio.c
* usb: Handle USB3 remote wakeup for LPM enabled devices correctly
drivers/usb/core/hub.c
* Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
net/bluetooth/smp.c
intel_th: msu: Fix single mode with disabled IOMMU
* eCryptfs: fix a couple type promotion bugs
fs/ecryptfs/crypto.c
powerpc/watchpoint: Restore NV GPRs while returning from exception
powerpc/32s: fix suspend/resume when IBATs 4-7 are used
parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
parisc: Ensure userspace privilege for ptraced processes in regset functions
um: Fix FP register size for XSTATE/XSAVE
um: Allow building and running on older hosts
crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
PCI: hv: Delete the device earlier from hbus->children for hot-remove
crypto: ccp - Validate the the error value used to index error messages
gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
coda: pass the host file in vma->vm_file on mmap
floppy: fix out-of-bounds read in copy_buffer
floppy: fix invalid pointer dereference in drive_name
floppy: fix out-of-bounds read in next_valid_format
floppy: fix div-by-zero in setup_format_params
* take floppy compat ioctls to sodding floppy.c
block/compat_ioctl.c
libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
Btrfs: add missing inode version, ctime and mtime updates when punching hole
* PCI: Do not poll for PME if the device is in D3cold
drivers/pci/pci.c
9p/virtio: Add cleanup path in p9_virtio_init
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
drm/nouveau/i2c: Enable i2c pads & busses during preinit
* fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
fs/proc/proc_sysctl.c
arm64: tegra: Fix AGIC register range
KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
media: coda: Remove unbalanced and unneeded mutex unlock
* media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
drivers/media/v4l2-core/v4l2-ctrls.c
ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
ALSA: seq: Break too long mutex context in the write loop
* lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
lib/scatterlist.c
NFSv4: Handle the special Linux file open access mode
* tracing/snapshot: Resize spare buffer if size changed
kernel/trace/trace.c
iwlwifi: pcie: don't service an interrupt that was masked
arm64: tegra: Update Jetson TX1 GPU regulator timings
regulator: s2mps11: Fix buck7 and buck8 wrong voltages
Input: gtco - bounds check collection indent level
crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
* crypto: arm64/sha2-ce - correct digest for empty data in finup
arch/arm64/crypto/sha2-ce-glue.c
* crypto: arm64/sha1-ce - correct digest for empty data in finup
arch/arm64/crypto/sha1-ce-glue.c
* crypto: ghash - fix unaligned memory access in ghash_setkey()
crypto/ghash-generic.c
scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
scsi: NCR5380: Always re-enable reselection interrupt
scsi: NCR5380: Reduce goto statements in NCR5380_select()
xen: let alloc_xenballooned_pages() fail if not enough memory free
gtp: fix use-after-free in gtp_newlink()
gtp: fix Illegal context switch in RCU read-side critical section.
* Bluetooth: validate BLE connection interval updates
net/bluetooth/hci_event.c
net/bluetooth/l2cap_core.c
* Bluetooth: Check state in l2cap_disconnect_rsp
net/bluetooth/l2cap_core.c
Bluetooth: 6lowpan: search for destination address in all peers
Bluetooth: hci_bcsp: Fix memory leak in rx_skb
* gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
drivers/gpio/gpiolib.c
* net: usb: asix: init MAC address buffers
drivers/net/usb/asix_devices.c
iwlwifi: mvm: Drop large non sta frames
bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
* EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
drivers/edac/edac_mc_sysfs.c
drivers/edac/edac_module.h
* crypto: asymmetric_keys - select CRYPTO_HASH where needed
crypto/asymmetric_keys/Kconfig
ixgbe: Check DDM existence in transceiver before access
* rslib: Fix handling of of caller provided syndrome
lib/reed_solomon/decode_rs.c
* rslib: Fix decoding of shortened codes
lib/reed_solomon/decode_rs.c
* clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
include/linux/cpuhotplug.h
libata: don't request sense data on !ZAC ATA devices
perf tools: Increase MAX_NR_CPUS and MAX_CACHES
ath10k: fix PCIE device wake up failed
mt7601u: fix possible memory leak when the device is disconnected
x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
mt7601u: do not schedule rx_tasklet when the device has been disconnected
media: coda: increment sequence offset for the last returned frame
media: coda: fix mpeg2 sequence number handling
acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
* timer_list: Guard procfs specific code
kernel/time/timer_list.c
* ntp: Limit TAI-UTC offset
kernel/time/ntp.c
* media: i2c: fix warning same module names
drivers/media/i2c/Makefile
* ipsec: select crypto ciphers for xfrm_algo
net/xfrm/Kconfig
* EDAC/sysfs: Fix memory leak when creating a csrow object
drivers/edac/edac_mc_sysfs.c
ipoib: correcly show a VF hardware address
vhost_net: disable zerocopy by default
perf evsel: Make perf_evsel__name() accept a NULL argument
* xfrm: fix sa selector validation
net/xfrm/xfrm_user.c
* blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
fs/fs-writeback.c
* rcu: Force inlining of rcu_read_lock()
include/linux/rcupdate.h
* bpf: silence warning messages in core
kernel/bpf/Makefile
* regmap: fix bulk writes on paged registers
drivers/base/regmap/regmap.c
gpio: omap: ensure irq is enabled before wakeup
gpio: omap: fix lack of irqstatus_raw0 for OMAP4
perf test 6: Fix missing kvm module load for s390
perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
s390/qdio: handle PENDING state for QEBSM devices
net: axienet: Fix race condition causing TX hang
net: fec: Do not use netdev messages too early
cpupower : frequency-set -r option misses the last cpu in related cpu list
media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
locking/lockdep: Fix merging of hlocks with non-zero references
tua6100: Avoid build warnings.
crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
crypto: talitos - properly handle split ICV.
* net: phy: Check against net_device being NULL
drivers/net/phy/phy_device.c
media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
* media: mc-device.c: don't memset __user pointer contents
drivers/media/media-device.c
* xfrm: Fix xfrm sel prefix length validation
net/xfrm/xfrm_user.c
* af_key: fix leaks in key_pol_get_resp and dump_sp.
net/key/af_key.c
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
net: stmmac: dwmac4/5: Clear unused address entries
net: stmmac: dwmac1000: Clear unused address entries
* media: media_device_enum_links32: clean a reserved field
drivers/media/media-device.c
media: vpss: fix a potential NULL pointer dereference
media: marvell-ccic: fix DMA s/g desc number calculation
crypto: talitos - fix skcipher failure due to wrong output IV
media: dvb: usb: fix use after free in dvb_usb_device_exit
batman-adv: fix for leaked TVLV handler.
ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
ath6kl: add some bounds checking
ath9k: Check for errors when reading SREV register
ath10k: Do not send probe response template for mesh
dmaengine: imx-sdma: fix use-after-free on probe error path
* arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
arch/arm64/kernel/image.h
MIPS: fix build on non-linux hosts
MIPS: ath79: fix ar933x uart parity mode
ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
* ANDROID: xfrm: remove in_compat_syscall() checks
net/xfrm/xfrm_state.c
net/xfrm/xfrm_user.c
* UPSTREAM: binder: Set end of SG buffer area properly.
drivers/android/binder.c
Merge 4.9.186 into android-4.9-q
Linux 4.9.186
s390/qdio: don't touch the dsci in tiqdio_add_input_queues()
s390/qdio: (re-)initialize tiqdio list entries
s390: fix stfle zero padding
ARC: hide unused function unw_hdr_alloc
* dm verity: use message limit for data block corruption message
drivers/md/dm-verity-target.c
ARM: dts: imx6ul: fix PWM[1-4] interrupts
sis900: fix TX completion
* ppp: mppe: Add softdep to arc4
drivers/net/ppp/ppp_mppe.c
be2net: fix link failure after ethtool offline test
ARM: omap2: remove incorrect __init annotation
* perf/core: Fix perf_sample_regs_user() mm check
kernel/events/core.c
arm64: crypto: remove accidentally backported files
nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header
e1000e: start network tx queue only when link is up
Revert "e1000e: fix cyclic resets at link up with active tx"
MIPS: Remove superfluous check for __linux__
VMCI: Fix integer overflow in VMCI handle arrays
carl9170: fix misuse of device driver API
staging: comedi: amplc_pci230: fix null pointer deref on interrupt
staging: comedi: dt282x: fix a null pointer deref on interrupt
usb: renesas_usbhs: add a workaround for a race condition of workqueue
* usb: gadget: ether: Fix race between gether_disconnect and rx_submit
drivers/usb/gadget/function/u_ether.c
p54usb: Fix race between disconnect and firmware loading
Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled"
USB: serial: option: add support for GosunCn ME3630 RNDIS mode
USB: serial: ftdi_sio: add ID for isodebug v1
mwifiex: Don't abort on small, spec-compliant vendor IEs
* fscrypt: don't set policy for a dead directory
fs/crypto/policy.c
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()
mwifiex: Abort at too short BSS descriptor element
x86/tls: Fix possible spectre-v1 in do_get_thread_area()
x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
net :sunrpc :clnt :Fix xps refcount imbalance on the error path
* ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
include/net/ip6_tunnel.h
bnx2x: Check if transceiver implements DDM before access
md: fix for divide error in status_resync
mac80211: only warn once on chanctx_conf being NULL
ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
ARM: davinci: da850-evm: call regulator_has_full_constraints()
mlxsw: spectrum: Disallow prio-tagged packets when PVID is removed
KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy
Input: imx_keypad - make sure keyboard can always wake up system
* can: mcp251x: add support for mcp25625
drivers/net/can/spi/Kconfig
dt-bindings: can: mcp251x: add mcp25625 support
* netfilter: ipv6: nf_defrag: accept duplicate fragments again
net/ipv6/netfilter/nf_conntrack_reasm.c
* netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments
net/ipv6/netfilter/nf_conntrack_reasm.c
mwifiex: Fix possible buffer overflows at parsing bss descriptor
mac80211: free peer keys before vif down in mesh
mac80211: mesh: fix RCU warning
staging:iio:ad7150: fix threshold mode config bit
samples, bpf: fix to change the buffer size for read()
Input: elantech - enable middle button support on 2 ThinkPads
crypto: talitos - rename alternative AEAD algos.
Change-Id: Ic17f4ff767e98db1ddee5f127d7de4a4c314e026
Signed-off-by: Robin Peng <robinpeng@google.com>
|
||
|
Arnd Bergmann
|
a0e02638b4 |
locking/lockdep: Hide unused 'class' variable
[ Upstream commit 68037aa78208f34bda4e5cd76c357f718b838cbb ] The usage is now hidden in an #ifdef, so we need to move the variable itself in there as well to avoid this warning: kernel/locking/lockdep_proc.c:203:21: error: unused variable 'class' [-Werror,-Wunused-variable] Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Bart Van Assche <bvanassche@acm.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Qian Cai <cai@lca.pw> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Waiman Long <longman@redhat.com> Cc: Will Deacon <will.deacon@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Yuyang Du <duyuyang@gmail.com> Cc: frederic@kernel.org Fixes: 68d41d8c94a3 ("locking/lockdep: Fix lock used or unused stats error") Link: https://lkml.kernel.org/r/20190715092809.736834-1-arnd@arndb.de Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Yuyang Du
|
ccaa280d15 |
locking/lockdep: Fix lock used or unused stats error
[ Upstream commit 68d41d8c94a31dfb8233ab90b9baf41a2ed2da68 ]
The stats variable nr_unused_locks is incremented every time a new lock
class is register and decremented when the lock is first used in
__lock_acquire(). And after all, it is shown and checked in lockdep_stats.
However, under configurations that either CONFIG_TRACE_IRQFLAGS or
CONFIG_PROVE_LOCKING is not defined:
The commit:
091806515124b20 ("locking/lockdep: Consolidate lock usage bit initialization")
missed marking the LOCK_USED flag at IRQ usage initialization because
as mark_usage() is not called. And the commit:
886532aee3cd42d ("locking/lockdep: Move mark_lock() inside CONFIG_TRACE_IRQFLAGS && CONFIG_PROVE_LOCKING")
further made mark_lock() not defined such that the LOCK_USED cannot be
marked at all when the lock is first acquired.
As a result, we fix this by not showing and checking the stats under such
configurations for lockdep_stats.
Reported-by: Qian Cai <cai@lca.pw>
Signed-off-by: Yuyang Du <duyuyang@gmail.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will.deacon@arm.com>
Cc: arnd@arndb.de
Cc: frederic@kernel.org
Link: https://lkml.kernel.org/r/20190709101522.9117-1-duyuyang@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Imre Deak
|
1aa8b2554a |
locking/lockdep: Fix merging of hlocks with non-zero references
[ Upstream commit d9349850e188b8b59e5322fda17ff389a1c0cd7d ] The sequence static DEFINE_WW_CLASS(test_ww_class); struct ww_acquire_ctx ww_ctx; struct ww_mutex ww_lock_a; struct ww_mutex ww_lock_b; struct ww_mutex ww_lock_c; struct mutex lock_c; ww_acquire_init(&ww_ctx, &test_ww_class); ww_mutex_init(&ww_lock_a, &test_ww_class); ww_mutex_init(&ww_lock_b, &test_ww_class); ww_mutex_init(&ww_lock_c, &test_ww_class); mutex_init(&lock_c); ww_mutex_lock(&ww_lock_a, &ww_ctx); mutex_lock(&lock_c); ww_mutex_lock(&ww_lock_b, &ww_ctx); ww_mutex_lock(&ww_lock_c, &ww_ctx); mutex_unlock(&lock_c); (*) ww_mutex_unlock(&ww_lock_c); ww_mutex_unlock(&ww_lock_b); ww_mutex_unlock(&ww_lock_a); ww_acquire_fini(&ww_ctx); (**) will trigger the following error in __lock_release() when calling mutex_release() at **: DEBUG_LOCKS_WARN_ON(depth <= 0) The problem is that the hlock merging happening at * updates the references for test_ww_class incorrectly to 3 whereas it should've updated it to 4 (representing all the instances for ww_ctx and ww_lock_[abc]). Fix this by updating the references during merging correctly taking into account that we can have non-zero references (both for the hlock that we merge into another hlock or for the hlock we are merging into). Signed-off-by: Imre Deak <imre.deak@intel.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: =?UTF-8?q?Ville=20Syrj=C3=A4l=C3=A4?= <ville.syrjala@linux.intel.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Link: https://lkml.kernel.org/r/20190524201509.9199-2-imre.deak@intel.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Robin Peng
|
ad18574239 |
Merge android-4.9 (4.9.178) into android-msm-pixel-4.9-lts
Merge 4.9.178 into android-4.9
Linux 4.9.178
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
* ext4: fix data corruption caused by overlapping unaligned and aligned IO
fs/ext4/file.c
* ext4: zero out the unused memory region in the extent tree block
fs/ext4/extents.c
* fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
fs/fs-writeback.c
* writeback: synchronize sync(2) against cgroup writeback membership switches
fs/fs-writeback.c
include/linux/backing-dev-defs.h
mm/backing-dev.c
* fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return 0...")
net/core/fib_rules.c
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: salsa20 - don't access already-freed walk.iv
* crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto/gcm.c
* crypto: gcm - Fix error return code in crypto_gcm_create_common()
crypto/gcm.c
ipmi:ssif: compare block number correctly for multi-part return messages
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
bcache: fix a race between cache register and cacheset unregister
Btrfs: do not start a transaction at iterate_extent_inodes()
* ext4: fix ext4_show_options for file systems w/o journal
fs/ext4/super.c
* ext4: actually request zeroing of inode table after grow
fs/ext4/ioctl.c
* jbd2: check superblock mapped prior to committing
fs/jbd2/journal.c
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
* mm/mincore.c: make mincore() more conservative
mm/mincore.c
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: max98090: Fix restore of DAPM Muxes
ALSA: hda/realtek - EAPD turn on later
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/hdmi - Read the pin sense from register when repolling
* ALSA: usb-audio: Fix a memory leak bug
sound/usb/mixer.c
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: vmx - fix copy-paste error in CTR mode
crypto: chacha20poly1305 - set cra_name correctly
sched/x86: Save [ER]FLAGS on context switch
* arm64: Clear OSDLR_EL1 on CPU boot
arch/arm64/kernel/debug-monitors.c
* arm64: compat: Reduce address limit
arch/arm64/include/asm/processor.h
power: supply: axp288_charger: Fix unchecked return value
ARM: exynos: Fix a leaked reference by adding missing of_node_put
objtool: Fix function fallthrough detection
x86/speculation/mds: Improve CPU buffer clear documentation
x86/speculation/mds: Revert CPU buffer clear on double fault exit
PCI: hv: Fix a memory leak in hv_eject_device_work()
* locking/rwsem: Prevent decrement of reader count before increment
kernel/locking/rwsem-xadd.c
* net: core: another layer of lists, around PF_MEMALLOC skb handling
include/linux/list.h
* UPSTREAM: fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return 0...")
net/core/fib_rules.c
* UPSTREAM: bpf: relax inode permission check for retrieving bpf program
kernel/bpf/inode.c
Merge 4.9.177 into android-4.9
Linux 4.9.177
powerpc/booke64: set RI in default MSR
powerpc/lib: fix book3s/32 boot failure due to code patching
drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl
drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl
* bonding: fix arp_validate toggling in active-backup mode
drivers/net/bonding/bond_options.c
* ipv4: Fix raw socket lookup for local traffic
net/ipv4/raw.c
* vrf: sit mtu should not be updated when vrf netdev is the link
net/ipv6/sit.c
vlan: disable SIOCSHWTSTAMP in container
* packet: Fix error path in packet_init
net/packet/af_packet.c
net: ucc_geth - fix Oops when changing number of buffers in the ring
* fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied
net/core/fib_rules.c
* bridge: Fix error path for kobject_init_and_add()
net/bridge/br_if.c
powerpc/64s: Include cpu header
x86/vdso: Pass --eh-frame-hdr to the linker
x86/vdso: Drop implicit common-page-size linker flag
x86: vdso: Use $LD instead of $CC to link
Revert "x86: vdso: Use $LD instead of $CC to link"
Revert "x86/vdso: Drop implicit common-page-size linker flag"
Don't jump to compute_result state from check_result state
rtlwifi: rtl8723ae: Fix missing break in switch statement
* ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command
include/sound/pcm.h
sound/core/pcm_lib.c
sound/core/pcm_native.c
cw1200: fix missing unlock on error in cw1200_hw_scan()
Input: synaptics-rmi4 - fix possible double free
spi: ST ST95HF NFC: declare missing of table
spi: Micrel eth switch: declare missing of table
gpu: ipu-v3: dp: fix CSC handling
selftests/net: correct the return value for run_netsocktests
drm/sun4i: Set device driver data at bind time for use in unbind
s390: ctcm: fix ctcm_new_device error return code
MIPS: perf: ath79: Fix perfcount IRQ assignment
ipvs: do not schedule icmp errors from tunnels
selftests: netfilter: check icmp pkttoobig errors are set as related
* init: initialize jump labels before command line option parsing
init/main.c
tools lib traceevent: Fix missing equality check for strcmp
KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing
* x86/reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
include/linux/efi.h
mISDN: Check address length before reading address family
s390/3270: fix lockdep false positive on view->lock
mac80211: fix unaligned access in mesh table hash function
s390/dasd: Fix capacity calculation for large volumes
libnvdimm/btt: Fix a kmemdup failure check
* HID: input: add mapping for "Toggle Display" key
drivers/hid/hid-input.c
* HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
drivers/hid/hid-input.c
* HID: input: add mapping for Expose/Overview key
drivers/hid/hid-input.c
libnvdimm/namespace: Fix a potential NULL pointer dereference
iio: adc: xilinx: fix potential use-after-free on remove
USB: serial: fix unthrottle races
platform/x86: sony-laptop: Fix unintentional fall-through
* bpf: convert htab map to hlist_nulls
include/linux/list_nulls.h
include/linux/rculist_nulls.h
kernel/bpf/hashtab.c
* bpf: fix struct htab_elem layout
kernel/bpf/hashtab.c
* netfilter: compat: initialize all fields in xt_init
net/netfilter/x_tables.c
ANDROID: cuttlefish_defconfig: Disable DEVTMPFS
ANDROID: Move from clang r349610 to r353983c.
Merge upstream-f2fs-stable-linux-4.9.y into android-4.9
Merge 4.9.176 into android-4.9
Linux 4.9.176
x86/cpu/bugs: Use __initconst for 'const' init data
x86: stop exporting msr-index.h to userland
x86/speculation/mds: Fix documentation typo
Documentation: Correct the possible MDS sysfs values
x86/mds: Add MDSUM variant to the MDS documentation
x86/speculation/mds: Add 'mitigations=' support for MDS
x86/speculation: Support 'mitigations=' cmdline option
* cpu/speculation: Add 'mitigations=' cmdline option
include/linux/cpu.h
kernel/cpu.c
x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
x86/speculation/mds: Fix comment
x86/speculation/mds: Add SMT warning message
x86/speculation: Move arch_smt_update() call to after mitigation decisions
x86/speculation/mds: Add mds=full,nosmt cmdline option
Documentation: Add MDS vulnerability documentation
Documentation: Move L1TF to separate directory
x86/speculation/mds: Add mitigation mode VMWERV
* x86/speculation/mds: Add sysfs reporting for MDS
drivers/base/cpu.c
include/linux/cpu.h
x86/speculation/mds: Add mitigation control for MDS
x86/speculation/mds: Conditionally clear CPU buffers on idle entry
x86/kvm/vmx: Add MDS protection when L1D Flush is not active
x86/speculation/mds: Clear CPU buffers on exit to user
x86/speculation/mds: Add mds_clear_cpu_buffers()
x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
x86/speculation/mds: Add BUG_MSBDS_ONLY
x86/speculation/mds: Add basic bug infrastructure for MDS
x86/speculation: Consolidate CPU whitelists
x86/msr-index: Cleanup bit defines
kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
x86/speculation: Provide IBPB always command line options
x86/speculation: Add seccomp Spectre v2 user space protection mode
x86/speculation: Enable prctl mode for spectre_v2_user
* x86/speculation: Add prctl() control for indirect branch speculation
include/linux/sched.h
include/uapi/linux/prctl.h
x86/speculation: Prevent stale SPEC_CTRL msr content
x86/speculation: Prepare arch_smt_update() for PRCTL mode
x86/speculation: Split out TIF update
x86/speculation: Prepare for conditional IBPB in switch_mm()
x86/speculation: Avoid __switch_to_xtra() calls
x86/process: Consolidate and simplify switch_to_xtra() code
x86/speculation: Prepare for per task indirect branch speculation control
x86/speculation: Add command line control for indirect branch speculation
x86/speculation: Unify conditional spectre v2 print functions
x86/speculataion: Mark command line parser data __initdata
x86/speculation: Mark string arrays const correctly
x86/speculation: Reorder the spec_v2 code
x86/l1tf: Show actual SMT state
* x86/speculation: Rework SMT state change
include/linux/sched/smt.h
kernel/cpu.c
* sched: Add sched_smt_active()
include/linux/sched/smt.h
kernel/sched/core.c
kernel/sched/sched.h
x86/Kconfig: Select SCHED_SMT if SMP enabled
x86/speculation: Reorganize speculation control MSRs update
x86/speculation: Rename SSBD update functions
x86/speculation: Disable STIBP when enhanced IBRS is in use
x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common()
x86/speculation: Remove unnecessary ret variable in cpu_show_common()
x86/speculation: Clean up spectre_v2_parse_cmdline()
x86/speculation: Update the TIF_SSBD comment
x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off
x86/speculation: Propagate information about RSB filling mitigation to sysfs
* x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
kernel/cpu.c
* x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
include/linux/ptrace.h
kernel/ptrace.c
Documentation/l1tf: Fix small spelling typo
x86/cpu: Sanitize FAM6_ATOM naming
x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
* locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file
include/linux/bitops.h
include/linux/bits.h
x86/speculation: Simplify the CPU bug detection logic
* bitops: avoid integer overflow in GENMASK(_ULL)
include/linux/bitops.h
x86/mm: Use WRITE_ONCE() when setting PTEs
x86/microcode: Update the new microcode revision unconditionally
x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
x86/microcode/intel: Check microcode revision before updating sibling threads
x86/microcode/intel: Add a helper which gives the microcode revision
x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR
x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features
x86/bugs: Add AMD's SPEC_CTRL MSR usage
x86/bugs: Add AMD's variant of SSB_NO
x86/cpufeatures: Hide AMD-specific speculation flags
x86/MCE: Save microcode revision in machine check records
Merge 4.9.175 into android-4.9
Linux 4.9.175
timer/debug: Change /proc/timer_stats from 0644 to 0600
ASoC: Intel: avoid Oops if DMA setup fails
UAS: fix alignment of scatter/gather segments
* Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
include/net/bluetooth/hci_core.h
net/bluetooth/hci_conn.c
Bluetooth: hidp: fix buffer overflow
scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines
* usb-storage: Set virt_boundary_mask to avoid SG overflows
drivers/usb/storage/scsiglue.c
USB: serial: f81232: fix interrupt worker not stop
* usb: dwc3: Fix default lpm_nyet_threshold value
drivers/usb/dwc3/core.c
* genirq: Prevent use-after-free and work list corruption
kernel/irq/manage.c
ARM: 8680/1: boot/compressed: fix inappropriate Thumb2 mnemonic for __nop
* mm: add 'try_get_page()' helper function
include/linux/mm.h
iommu/amd: Set exclusion range correctly
virtio-blk: limit number of hw queues by nr_cpu_ids
drm/mediatek: fix possible object reference leak
scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
* linux/kernel.h: Use parentheses around argument in u64_to_user_ptr()
include/linux/kernel.h
perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
ASoC: tlv320aic32x4: Fix Common Pins
IB/hfi1: Eliminate opcode tests on mr deref
ASoC: cs4270: Set auto-increment bit for register writes
ASoC: nau8810: fix the issue of widget with prefixed name
* ASoC:soc-pcm:fix a codec fixup issue in TDM case
sound/soc/soc-pcm.c
staging: greybus: power_supply: fix prop-descriptor request size
ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
scsi: libsas: fix a race condition when smp task timeout
* f2fs: fix to avoid accessing xattr across the boundary
fs/f2fs/xattr.c
fs/f2fs/xattr.h
* f2fs: fix to avoid potential race on sbi->unusable_block_count access/update
fs/f2fs/checkpoint.c
fs/f2fs/segment.c
fs/f2fs/super.c
* f2fs: add tracepoint for f2fs_filemap_fault()
fs/f2fs/file.c
include/trace/events/f2fs.h
* f2fs: introduce DATA_GENERIC_ENHANCE
fs/f2fs/checkpoint.c
fs/f2fs/data.c
fs/f2fs/f2fs.h
fs/f2fs/file.c
fs/f2fs/gc.c
fs/f2fs/inode.c
fs/f2fs/node.c
fs/f2fs/recovery.c
fs/f2fs/segment.c
fs/f2fs/segment.h
* f2fs: fix to handle error in f2fs_disable_checkpoint()
fs/f2fs/super.c
* f2fs: remove redundant check in f2fs_file_write_iter()
fs/f2fs/file.c
* f2fs: fix to be aware of readonly device in write_checkpoint()
fs/f2fs/checkpoint.c
* f2fs: fix to skip recovery on readonly device
fs/f2fs/checkpoint.c
fs/f2fs/super.c
* f2fs: fix to consider multiple device for readonly check
fs/f2fs/f2fs.h
fs/f2fs/super.c
* f2fs: relocate chksum_offset for large_nat_bitmap feature
fs/f2fs/checkpoint.c
fs/f2fs/f2fs.h
* f2fs: allow unfixed f2fs_checkpoint.checksum_offset
fs/f2fs/checkpoint.c
include/linux/f2fs_fs.h
* f2fs: Replace spaces with tab
fs/f2fs/acl.c
* f2fs: insert space before the open parenthesis '('
fs/f2fs/acl.c
* f2fs: allow address pointer number of dnode aligning to specified size
fs/f2fs/f2fs.h
fs/f2fs/file.c
fs/f2fs/gc.c
fs/f2fs/node.c
fs/f2fs/super.c
include/linux/f2fs_fs.h
* f2fs: introduce f2fs_read_single_page() for cleanup
fs/f2fs/data.c
* f2fs: mark is_extension_exist() inline
fs/f2fs/namei.c
* f2fs: fix to set FI_UPDATE_WRITE correctly
fs/f2fs/data.c
* f2fs: fix to avoid panic in f2fs_inplace_write_data()
fs/f2fs/segment.c
* f2fs: fix to do sanity check on valid block count of segment
fs/f2fs/segment.h
* f2fs: fix to do sanity check on valid node/block count
fs/f2fs/super.c
* f2fs: fix to avoid panic in do_recover_data()
fs/f2fs/recovery.c
* f2fs: fix to do sanity check on free nid
fs/f2fs/node.c
* f2fs: fix to do checksum even if inode page is uptodate
fs/f2fs/inode.c
fs/f2fs/node.c
* f2fs: fix to avoid panic in f2fs_remove_inode_page()
fs/f2fs/node.c
* f2fs: fix to clear dirty inode in error path of f2fs_iget()
fs/f2fs/inode.c
* f2fs: remove new blank line of f2fs kernel message
fs/f2fs/file.c
fs/f2fs/super.c
* f2fs: fix wrong __is_meta_io() macro
fs/f2fs/checkpoint.c
fs/f2fs/data.c
fs/f2fs/f2fs.h
* f2fs: fix to avoid panic in dec_valid_node_count()
fs/f2fs/f2fs.h
* f2fs: fix to avoid panic in dec_valid_block_count()
fs/f2fs/f2fs.h
* f2fs: fix to use inline space only if inline_xattr is enable
fs/f2fs/f2fs.h
* f2fs: fix to retrieve inline xattr space
fs/f2fs/inline.c
* f2fs: fix error path of recovery
fs/f2fs/recovery.c
* f2fs: fix to avoid deadloop in foreground GC
fs/f2fs/gc.c
* f2fs: data: fix warning Using plain integer as NULL pointer
fs/f2fs/data.c
* f2fs: add tracepoint for f2fs_file_write_iter()
fs/f2fs/file.c
include/trace/events/f2fs.h
* f2fs: add comment for conditional compilation statement
fs/f2fs/f2fs.h
* f2fs: fix potential recursive call when enabling data_flush
fs/f2fs/checkpoint.c
fs/f2fs/data.c
* f2fs: improve discard handling with multi-device volumes
fs/f2fs/f2fs.h
fs/f2fs/segment.c
* f2fs: Reduce zoned block device memory usage
fs/f2fs/f2fs.h
fs/f2fs/segment.c
fs/f2fs/super.c
* f2fs: Fix use of number of devices
fs/f2fs/data.c
fs/f2fs/f2fs.h
fs/f2fs/file.c
fs/f2fs/gc.c
fs/f2fs/segment.c
* ANDROID: block/cfq-iosched: make group_idle per io cgroup tunable
block/cfq-iosched.c
Merge remote-tracking branch 'origin/upstream-f2fs-stable-linux-4.9.y' into android-4.9
ANDROID: cuttlefish_defconfig: Enable CONFIG_CPUSETS and CONFIG_CGROUP_SCHEDTUNE
ANDROID: Communicates LMK events to userland where they can be logged
Merge 4.9.174 into android-4.9
Linux 4.9.174
media: v4l2: i2c: ov7670: Fix PLL bypass register values
x86/mce: Improve error message when kernel cannot recover, p2
* selinux: never allow relabeling on context mounts
security/selinux/hooks.c
Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ
scsi: RDMA/srpt: Fix a credit leak for aborted commands
staging: iio: adt7316: fix the dac write calculation
staging: iio: adt7316: fix the dac read calculation
staging: iio: adt7316: allow adt751x to use internal vref for all dacs
perf/x86/amd: Update generic hardware cache events for Family 17h
ARM: iop: don't use using 64-bit DMA masks
ARM: orion: don't use using 64-bit DMA masks
xsysace: Fix error handling in ace_setup
sh: fix multiple function definition build errors
hugetlbfs: fix memory leak for resv_map
net: hns: Fix WARNING when remove HNS driver with SMMU enabled
net: hns: Use NAPI_POLL_WEIGHT for hns driver
net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
scsi: storvsc: Fix calculation of sub-channel count
* scsi: core: add new RDAC LENOVO/DE_Series device
drivers/scsi/scsi_devinfo.c
vfio/pci: use correct format characters
rtc: da9063: set uie_unsupported when relevant
* debugfs: fix use-after-free on symlink traversal
fs/debugfs/inode.c
jffs2: fix use-after-free on symlink traversal
net: stmmac: don't log oversized frames
net: stmmac: fix dropping of multi-descriptor RX frames
net: stmmac: don't overwrite discard_frame status
* bonding: show full hw address in sysfs for slave entries
drivers/net/bonding/bond_sysfs_slave.c
net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands
igb: Fix WARN_ONCE on runtime suspend
batman-adv: Reduce tt_global hash refcnt only for removed entry
batman-adv: Reduce tt_local hash refcnt only for removed entry
batman-adv: Reduce claim hash refcnt only for removed entry
rtc: sh: Fix invalid alarm warning for non-enabled alarm
* HID: debug: fix race condition with between rdesc_show() and device removal
drivers/hid/hid-debug.c
HID: logitech: check the return value of create_singlethread_workqueue
nvme-loop: init nvmet_ctrl fatal_err_work when allocate
* USB: core: Fix bug caused by duplicate interface PM usage counter
drivers/usb/core/driver.c
include/linux/usb.h
* USB: core: Fix unterminated string returned by usb_string()
drivers/usb/core/message.c
usb: usbip: fix isoc packet num validation in get_pipe
USB: w1 ds2490: Fix bug caused by improper use of altsetting array
USB: yurex: Fix protection fault after device removal
caif: reduce stack size with KASAN
* arm64: mm: don't print out page table entries on EL0 faults
arch/arm64/mm/fault.c
* arm64: mm: print out correct page table entries
arch/arm64/include/asm/system_misc.h
arch/arm64/mm/fault.c
* kasan: prevent compiler from optimizing away memset in tests
lib/Makefile
* arm64: proc: Set PTE_NG for table entries to avoid traversing them twice
arch/arm64/mm/proc.S
kasan: remove redundant initialization of variable 'real_size'
kasan: avoid -Wmaybe-uninitialized warning
* kasan: add a prototype of task_struct to avoid warning
include/linux/kasan.h
arm64: kasan: avoid bad virt_to_pfn()
x86/unwind: Disable KASAN checks for non-current tasks
mm/kasan: Switch to using __pa_symbol and lm_alias
x86/suspend: fix false positive KASAN warning on suspend/resume
net: phy: marvell: Fix buffer overrun with stats counters
bnxt_en: Improve multicast address setup logic.
* packet: validate msg_namelen in send directly
net/packet/af_packet.c
* ipv6: invert flowlabel sharing check in process and user mode
net/ipv6/ip6_flowlabel.c
* ipv6/flowlabel: wait rcu grace period before put_pid()
net/ipv6/ip6_flowlabel.c
* ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
net/ipv4/ip_output.c
ALSA: line6: use dynamic buffers
* ext4: don't bother checking for encryption key in ->mmap()
fs/ext4/file.c
ANDROID: cuttlefish 4.9: enable CONFIG_CRYPTO_AES_NI_INTEL=y
Merge 4.9.173 into android-4.9
Linux 4.9.173
vfio/type1: Limit DMA mappings per container
leds: pca9532: fix a potential NULL pointer dereference
kconfig/[mn]conf: handle backspace (^H) key
* gpio: of: Fix of_gpiochip_add() error path
drivers/gpio/gpiolib-of.c
libata: fix using DMA buffers on stack
scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
ceph: fix use-after-free on symlink traversal
usb: u132-hcd: fix resource leak
scsi: qla4xxx: fix a potential NULL pointer dereference
net: ethernet: ti: fix possible object reference leak
net: ibm: fix possible object reference leak
net: xilinx: fix possible object reference leak
NFS: Fix a typo in nfs_init_timeout_values()
staging: rtl8712: uninitialized memory in read_bbreg_hdl()
net: ks8851: Set initial carrier state to down
net: ks8851: Delay requesting IRQ until opened
net: ks8851: Reassert reset pin if chip ID check fails
net: ks8851: Dequeue RX packets explicitly
ARM: dts: pfla02: increase phy reset duration
usb: gadget: net2272: Fix net2272_dequeue()
usb: gadget: net2280: Fix net2280_dequeue()
usb: gadget: net2280: Fix overrun of OUT messages
serial: ar933x_uart: Fix build failure with disabled console
sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING
netfilter: nft_set_rbtree: check for inactive element after flag mismatch
qlcnic: Avoid potential NULL pointer dereference
s390: limit brk randomization to 32MB
ARM: dts: bcm283x: Fix hdmi hpd gpio pull
media: vivid: check if the cec_adapter is valid
usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set
usbnet: ipheth: prevent TX queue timeouts when device not ready
Merge 4.9.172 into android-4.9
Linux 4.9.172
Documentation: Add nospectre_v1 parameter
powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
* net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
net/ipv6/netfilter/nf_conntrack_reasm.c
* net: IP6 defrag: use rbtrees for IPv6 defrag
include/net/ipv6_frag.h
net/ipv6/reassembly.c
* ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
include/net/ipv6.h
include/net/ipv6_frag.h
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/netfilter/nf_defrag_ipv6_hooks.c
net/ipv6/reassembly.c
* net: IP defrag: encapsulate rbtree defrag code into callable functions
include/net/inet_frag.h
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
* ipv6: frags: fix a lockdep false positive
net/ipv6/reassembly.c
* ipv4: set the tcp_min_rtt_wlen range from 0 to one day
net/ipv4/sysctl_net_ipv4.c
net: stmmac: move stmmac_check_ether_addr() to driver probe
team: fix possible recursive locking when add slaves
net: rds: exchange of 8K and 1M pool
net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
mlxsw: spectrum: Fix autoneg status in ethtool
* ipv4: add sanity checks in ipv4_link_failure()
net/ipv4/route.c
* Revert "block/loop: Use global lock for ioctl() operation."
drivers/block/loop.c
drivers/block/loop.h
tipc: check link name with right length in tipc_nl_compat_link_set
tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
fm10k: Fix a potential NULL pointer dereference
* netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
net/bridge/netfilter/ebtables.c
NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
* fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
fs/proc/proc_sysctl.c
intel_th: gth: Fix an off-by-one in output unassigning
* slip: make slhc_free() silently accept an error pointer
drivers/net/slip/slhc.c
tipc: handle the err returned from cmd header function
vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
* USB: Consolidate LPM checks to avoid enabling LPM twice
drivers/usb/core/driver.c
drivers/usb/core/hub.c
drivers/usb/core/message.c
* USB: Add new USB LPM helpers
drivers/usb/core/driver.c
drivers/usb/core/hub.c
drivers/usb/core/message.c
drivers/usb/core/sysfs.c
drivers/usb/core/usb.h
drm/vc4: Fix compilation error reported by kbuild test bot
drm/vc4: Fix memory leak during gpu reset.
ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
Input: synaptics-rmi4 - write config register values to the right offset
sunrpc: don't mark uninitialised items as VALID.
nfsd: Don't release the callback slot unless it was actually held
ceph: fix ci->i_head_snapc leak
ceph: ensure d_name stability in ceph_dentry_hash()
* sched/numa: Fix a possible divide-by-zero
kernel/sched/fair.c
IB/rdmavt: Fix frwr memory registration
* trace: Fix preempt_enable_no_resched() abuse
kernel/trace/ring_buffer.c
MIPS: scall64-o32: Fix indirect syscall number load
* tracing: Fix a memory leak by early error exit in trace_pid_write()
kernel/trace/trace.c
cifs: do not attempt cifs operation on smb2+ rename error
* kbuild: simplify ld-option implementation
scripts/Kbuild.include
Merge 4.9.171 into android-4.9
Linux 4.9.171
* kernel/sysctl.c: fix out-of-bounds access when setting file-max
kernel/sysctl.c
Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
* percpu: stop printing kernel addresses
mm/percpu.c
* ALSA: info: Fix racy addition/deletion of nodes
sound/core/info.c
* mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
mm/vmstat.c
device_cgroup: fix RCU imbalance in error case
* sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
kernel/sched/fair.c
* Revert "kbuild: use -Oz instead of -Os when using clang"
Makefile
perf/x86/amd: Add event map for AMD Family 17h
mac80211: do not call driver wake_tx_queue op during reconfig
rt2x00: do not increment sequence number while re-transmitting
* kprobes: Fix error check when reusing optimized probes
kernel/kprobes.c
kprobes: Mark ftrace mcount handler functions nokprobe
* x86/kprobes: Verify stack frame on kretprobe
include/linux/kprobes.h
* arm64: futex: Restore oldval initialization to work around buggy compilers
arch/arm64/include/asm/futex.h
crypto: x86/poly1305 - fix overflow during partial reduction
Revert "svm: Fix AVIC incomplete IPI emulation"
Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
* ALSA: core: Fix card races between register and disconnect
sound/core/init.c
staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
staging: comedi: ni_usb6501: Fix use of uninitialized mutex
staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
staging: comedi: vmk80xx: Fix use of uninitialized semaphore
io: accel: kxcjk1013: restore the range after resume.
iio: adc: at91: disable adc channel interrupt in timeout case
iio: ad_sigma_delta: select channel when reading register
iio/gyro/bmg160: Use millidegrees for temperature scale
staging: iio: ad7192: Fix ad7193 channel address
KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
CIFS: keep FileInfo handle live during oplock break
tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
* modpost: file2alias: check prototype of handler
scripts/mod/file2alias.c
* modpost: file2alias: go back to simple devtable lookup
scripts/mod/file2alias.c
* mmc: sdhci: Fix data command CRC error handling
drivers/mmc/host/sdhci.c
crypto: crypto4xx - properly set IV after de- and encrypt
* ipv4: ensure rcu_read_lock() in ipv4_link_failure()
net/ipv4/route.c
* ipv4: recompile ip options in ipv4_link_failure
net/ipv4/route.c
vhost: reject zero size iova range
team: set slave to promisc if team is already in promisc mode
* tcp: tcp_grow_window() needs to respect tcp_space()
net/ipv4/tcp_input.c
net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
* net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
net/bridge/br_multicast.c
* net: bridge: fix per-port af_packet sockets
net/bridge/br_input.c
net: atm: Fix potential Spectre v1 vulnerabilities
* bonding: fix event handling for stacked bonds
drivers/net/bonding/bond_main.c
* UPSTREAM: usb: hcd: use correct device pointer for dma ops
drivers/usb/core/hcd.c
UPSTREAM: usb: host: ehci: use correct device pointer for dma ops
* UPSTREAM: usb: separate out sysdev pointer from usb_bus
drivers/usb/core/buffer.c
drivers/usb/core/hcd.c
drivers/usb/core/usb.c
include/linux/usb.h
include/linux/usb/hcd.h
ANDROID: cuttlefish_defconfig: Enable CONFIG_XFRM_STATISTICS
Merge 4.9.170 into android-4.9
Linux 4.9.170
* appletalk: Fix compile regression
include/linux/atalk.h
net: stmmac: Set dma ring length before enabling the DMA
tpm/tpm_crb: Avoid unaligned reads in crb_recv()
* include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
include/linux/swap.h
* lib/div64.c: off by one in shift
lib/div64.c
* appletalk: Fix use-after-free in atalk_proc_exit
include/linux/atalk.h
ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
lkdtm: Add tests for NULL pointer dereference
soc/tegra: pmc: Drop locking from tegra_powergate_is_powered()
iommu/dmar: Fix buffer overflow during PCI bus notification
crypto: sha512/arm - fix crash bug in Thumb2 build
crypto: sha256/arm - fix crash bug in Thumb2 build
* kernel: hung_task.c: disable on suspend
kernel/hung_task.c
cifs: fallback to older infolevels on findfirst queryinfo retry
ACPI / SBS: Fix GPE storm on recent MacBookPro's
ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
HID: i2c-hid: override HID descriptors for certain devices
serial: uartps: console_setup() can't be placed to init section
* f2fs: fix to do sanity check with current segment number
fs/f2fs/super.c
9p locks: add mount option for lock retry interval
9p: do not trust pdu content for stat item size
rsi: improve kernel thread handling to fix kernel panic
gpio: pxa: handle corner case of unprobed device
* ext4: prohibit fstrim in norecovery mode
fs/ext4/ioctl.c
fix incorrect error code mapping for OBJECTID_NOT_FOUND
x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error
iommu/vt-d: Check capability before disabling protected memory
x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
x86/hpet: Prevent potential NULL pointer dereference
irqchip/mbigen: Don't clear eventid when freeing an MSI
perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test
perf evsel: Free evsel->counts in perf_evsel__exit()
perf hist: Add missing map__put() in error case
perf top: Fix error handling in cmd_top()
perf build-id: Fix memory leak in print_sdt_events()
perf config: Fix a memory leak in collect_config()
perf config: Fix an error in the config template documentation
tools/power turbostat: return the exit status of a command
thermal/int340x_thermal: fix mode setting
thermal/int340x_thermal: Add additional UUIDs
ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration
mmc: davinci: remove extraneous __init annotation
IB/mlx4: Fix race condition between catas error reset and aliasguid flows
ALSA: sb8: add a check for request_region
ALSA: echoaudio: add a check for ioremap_nocache
* ext4: report real fs size after failed resize
fs/ext4/resize.c
* ext4: add missing brelse() in add_new_gdb_meta_bg()
fs/ext4/resize.c
* perf/core: Restore mmap record type correctly
kernel/events/core.c
ARC: u-boot args: check that magic number is correct
ANDROID: cuttlefish_defconfig: Enable L2TP/PPTP
* ANDROID: Makefile: Properly resolve 4.9.169 merge
Makefile
Make arm64 serial port config compatible with crosvm
Merge 4.9.169 into android-4.9
Linux 4.9.169
* PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
drivers/pci/quirks.c
xtensa: fix return_address
* sched/fair: Do not re-read ->h_load_next during hierarchical load calculation
kernel/sched/fair.c
xen: Prevent buffer overflow in privcmd ioctl
parisc: Use cr16 interval timers unconditionally on qemu
* arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
arch/arm64/include/asm/futex.h
ARM: dts: at91: Fix typo in ISC_D0 on PC9
virtio: Honour 'may_reduce_num' in vring_create_virtqueue
* genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
kernel/irq/chip.c
* block: do not leak memory in bio_copy_user_iov()
block/bio.c
Btrfs: do not allow trimming when a fs is mounted with the nologreplay option
ASoC: fsl_esai: fix channel swap issue when stream starts
* include/linux/bitrev.h: fix constant bitrev
include/linux/bitrev.h
parisc: Detect QEMU earlier in boot process
ALSA: seq: Fix OOB-reads from strlcpy
* ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
net/ipv6/ip6_tunnel.c
* net: ethtool: not call vzalloc for zero sized memory request
net/core/ethtool.c
* netns: provide pure entropy for net_hash_mix()
include/net/net_namespace.h
include/net/netns/hash.h
net/core/net_namespace.c
net/mlx5e: Add a lock on tir list
bnxt_en: Improve RX consumer index validity check.
bnxt_en: Reset device on RX buffer errors.
* vrf: check accept_source_route on the original netdevice
include/net/ip.h
net/ipv4/ip_input.c
net/ipv4/ip_options.c
tcp: Ensure DCTCP reacts to losses
sctp: initialize _pad of sockaddr_in before copying to user memory
qmi_wwan: add Olicard 600
openvswitch: fix flow actions reallocation
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().
kcm: switch order of device registration to fix a crash
* ipv6: sit: reset ip header pointer in ipip6_rcv
net/ipv6/sit.c
* ipv6: Fix dangling pointer when ipv6 fragment
net/ipv6/ip6_output.c
* tty: ldisc: add sysctl to prevent autoloading of ldiscs
drivers/tty/Kconfig
drivers/tty/tty_io.c
drivers/tty/tty_ldisc.c
* tty: mark Siemens R3964 line discipline as BROKEN
drivers/char/Kconfig
* arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
arch/arm64/mm/init.c
powerpc/security: Fix spectre_v2 reporting
powerpc/fsl: Fix the flush of branch predictor.
powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
powerpc/fsl: Update Spectre v2 reporting
powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
powerpc/fsl: Flush branch predictor when entering KVM
powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
powerpc/fsl: Add nospectre_v2 command line argument
powerpc/fsl: Emulate SPRN_BUCSR register
powerpc/fsl: Fix spectre_v2 mitigations reporting
powerpc/fsl: Add macro to flush the branch predictor
powerpc/fsl: Add infrastructure to fixup branch predictor flush
powerpc/powernv: Query firmware for count cache flush settings
powerpc/pseries: Query hypervisor for count cache flush settings
powerpc/64s: Add support for software count cache flush
powerpc/64s: Add new security feature flags for count cache flush
powerpc/asm: Add a patch_site macro & helpers for patching instructions
powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
powerpc/64: Make meltdown reporting Book3S 64 specific
powerpc/64: Call setup_barrier_nospec() from setup_arch()
powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
powerpc/64: Disable the speculation barrier from the command line
powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
powerpc/64s: Enhance the information in cpu_show_spectre_v1()
powerpc/64: Use barrier_nospec in syscall entry
powerpc: Use barrier_nospec in copy_from_user()
powerpc/64s: Enable barrier_nospec based on firmware settings
powerpc/64s: Patch barrier_nospec in modules
powerpc: Avoid code patching freed init sections
powerpc/64s: Add support for ori barrier_nospec patching
powerpc/64s: Add barrier_nospec
powerpc: Fix invalid use of register expressions
* lib/string.c: implement a basic bcmp
include/linux/string.h
lib/string.c
x86/vdso: Drop implicit common-page-size linker flag
x86: vdso: Use $LD instead of $CC to link
* kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD
Makefile
powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
x86/power: Make restore_processor_context() sane
x86/power/32: Move SYSENTER MSR restoration to fix_processor_context()
x86/power/64: Use struct desc_ptr for the IDT in struct saved_context
x86/power: Fix some ordering bugs in __restore_processor_context()
* fscrypt: remove filesystem specific build config option
fs/crypto/Kconfig
fs/crypto/fscrypt_private.h
fs/ext4/Kconfig
fs/ext4/dir.c
fs/ext4/ext4.h
fs/ext4/inode.c
fs/ext4/ioctl.c
fs/ext4/namei.c
fs/ext4/page-io.c
fs/ext4/readpage.c
fs/ext4/super.c
fs/ext4/sysfs.c
fs/f2fs/Kconfig
fs/f2fs/f2fs.h
fs/f2fs/super.c
fs/f2fs/sysfs.c
include/linux/fs.h
include/linux/fscrypt.h
* f2fs: use IS_ENCRYPTED() to check encryption status
fs/f2fs/data.c
fs/f2fs/dir.c
fs/f2fs/f2fs.h
fs/f2fs/file.c
fs/f2fs/inode.c
fs/f2fs/namei.c
* ext4: use IS_ENCRYPTED() to check encryption status
fs/ext4/dir.c
fs/ext4/ext4.h
fs/ext4/ext4_jbd2.h
fs/ext4/extents.c
fs/ext4/file.c
fs/ext4/ialloc.c
fs/ext4/inode.c
fs/ext4/move_extent.c
fs/ext4/namei.c
fs/ext4/page-io.c
fs/ext4/readpage.c
* fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
fs/crypto/hooks.c
fs/crypto/policy.c
include/linux/fscrypt.h
* fscrypt: remove CRYPTO_CTR dependency
fs/crypto/Kconfig
* fscrypt: add Adiantum support / removed speck
fs/crypto/crypto.c
fs/crypto/fname.c
fs/crypto/fscrypt_private.h
fs/crypto/keyinfo.c
fs/crypto/policy.c
include/uapi/linux/fs.h
* ANDROID: Makefile: Add '-fsplit-lto-unit' to cfi-clang-flags
Makefile
Merge 4.9.168 into android-4.9
Linux 4.9.168
ACPI / video: Extend chassis-type detection with a "Lunch Box" check
* drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers
drivers/gpu/drm/drm_dp_mst_topology.c
dmaengine: tegra: avoid overflow of byte tracking
x86/build: Mark per-CPU symbols as absolute explicitly for LLD
wlcore: Fix memory leak in case wl12xx_fetch_firmware failure
* selinux: do not override context on context mounts
security/selinux/hooks.c
x86/build: Specify elf_i386 linker emulation explicitly for i386 objects
drm/nouveau: Stop using drm_crtc_force_disable
regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting
media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration
netfilter: physdev: relax br_netfilter dependency
dmaengine: qcom_hidma: assign channel cookie correctly
dmaengine: imx-dma: fix warning comparison of distinct pointer types
hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable
HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit
soc/tegra: fuse: Fix illegal free of IO base address
hwrng: virtio - Avoid repeated init of completion
media: mt9m111: set initial frame size other than 0x0
powerpc/pseries: Perform full re-add of CPU for topology update post-migration
* tty: increase the default flip buffer limit to 2*640K
drivers/tty/tty_buffer.c
ARM: avoid Cortex-A9 livelock on tight dmb loops
mt7601u: bump supported EEPROM version
soc: qcom: gsbi: Fix error handling in gsbi_probe()
ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation
efi/memattr: Don't bail on zero VA if it equals the region's PA
ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe
e1000e: fix cyclic resets at link up with active tx
cdrom: Fix race condition in cdrom_sysctl_register
* fbdev: fbmem: fix memory access if logo is bigger than the screen
drivers/video/fbdev/core/fbmem.c
iw_cxgb4: fix srqidx leak during connection abort
* genirq: Avoid summation loops for /proc/stat
include/linux/irqdesc.h
kernel/irq/chip.c
kernel/irq/internals.h
kernel/irq/irqdesc.c
bcache: improve sysfs_strtoul_clamp()
bcache: fix input overflow to sequential_cutoff
bcache: fix input overflow to cache set sysfs file io_error_halflife
* usb: f_fs: Avoid crash due to out-of-scope stack ptr access
drivers/usb/gadget/function/f_fs.c
* ALSA: PCM: check if ops are defined before suspending PCM
sound/core/pcm_native.c
ARM: 8833/1: Ensure that NEON code always compiles with Clang
* kprobes: Prohibit probing on bsearch()
lib/bsearch.c
ACPI / video: Refactor and fix dmi_is_desktop()
iwlwifi: pcie: fix emergency path
leds: lp55xx: fix null deref on firmware load failure
HID: intel-ish-hid: avoid binding wrong ishtp_cl_device
* vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1
fs/read_write.c
media: mx2_emmaprp: Correct return type for mem2mem buffer helpers
media: s5p-g2d: Correct return type for mem2mem buffer helpers
media: s5p-jpeg: Correct return type for mem2mem buffer helpers
media: sh_veu: Correct return type for mem2mem buffer helpers
SoC: imx-sgtl5000: add missing put_device()
perf test: Fix failure of 'evsel-tp-sched' test on s390
scsi: megaraid_sas: return error when create DMA pool failed
IB/mlx4: Increase the timeout for CM cache
mlxsw: spectrum: Avoid -Wformat-truncation warnings
e1000e: Fix -Wformat-truncation warnings
mmc: omap: fix the maximum timeout setting
iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables
ARM: 8840/1: use a raw_spinlock_t in unwind
coresight: etm4x: Add support to enable ETMv4.2
* scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c
drivers/scsi/scsi_scan.c
usb: chipidea: Grab the (legacy) USB PHY by phandle first
crypto: crypto4xx - add missing of_node_put after of_device_is_available
wil6210: check null pointer in _wil_cfg80211_merge_extra_ies
tools lib traceevent: Fix buffer overflow in arg_eval
* fs: fix guard_bio_eod to check for real EOD errors
fs/buffer.c
* jbd2: fix invalid descriptor block checksum
fs/jbd2/commit.c
cifs: Fix NULL pointer dereference of devname
dm thin: add sanity checks to thin-pool and external snapshot creation
cifs: use correct format characters
* fs/file.c: initialize init_files.resize_wait
fs/file.c
f2fs: do not use mutex lock in atomic context
ocfs2: fix a panic problem caused by o2cb_ctl
mm/slab.c: kmemleak no scan alien caches
* mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512!
mm/vmalloc.c
mm/page_ext.c: fix an imbalance with kmemleak
* mm/cma.c: cma_declare_contiguous: correct err handling
mm/cma.c
scsi: hisi_sas: Set PHY linkrate when disconnected
enic: fix build warning without CONFIG_CPUMASK_OFFSTACK
* sysctl: handle overflow for file-max
kernel/sysctl.c
* include/linux/relay.h: fix percpu annotation in struct rchan
include/linux/relay.h
gpio: gpio-omap: fix level interrupt idling
* tracing: kdb: Fix ftdump to not sleep
include/linux/ring_buffer.h
kernel/trace/ring_buffer.c
kernel/trace/trace.c
h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux-
CIFS: fix POSIX lock leak and invalid ptr deref
* i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA
drivers/i2c/i2c-core.c
mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified
tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped
tty/serial: atmel: Add is_half_duplex helper
* lib/int_sqrt: optimize initial value compute
lib/int_sqrt.c
* ext4: cleanup bh release code in ext4_ind_remove_space()
fs/ext4/indirect.c
* arm64: debug: Ensure debug handlers check triggering exception level
arch/arm64/kernel/probes/kprobes.c
* arm64: debug: Don't propagate UNKNOWN FAR into si_code for debug signals
arch/arm64/mm/fault.c
* ext4: switch to fscrypt_prepare_setattr()
fs/ext4/inode.c
* ext4: switch to fscrypt_prepare_rename()
fs/ext4/namei.c
* ext4: switch to fscrypt_prepare_link()
fs/ext4/namei.c
* ext4: switch to fscrypt_file_open()
fs/ext4/file.c
* ext4, dax: set ext4_dax_aops for dax files
fs/ext4/inode.c
ANDROID: cuttlefish_defconfig: Enable CONFIG_OVERLAY_FS
ANDROID: cuttlefish: enable CONFIG_NET_SCH_INGRESS=y
Merge 4.9.167 into android-4.9
Linux 4.9.167
* arm64: support keyctl() system call in 32-bit mode
arch/arm64/Kconfig
* Revert "USB: core: only clean up what we allocated"
drivers/usb/core/config.c
* xhci: Fix port resume done detection for SS ports with LPM enabled
drivers/usb/host/xhci-ring.c
drivers/usb/host/xhci.h
* USB: gadget: f_hid: fix deadlock in f_hidg_write()
drivers/usb/gadget/function/f_hid.c
KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
KVM: Reject device ioctls from processes other than the VM's creator
x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
* cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n
kernel/cpu.c
perf intel-pt: Fix TSC slip
usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk
* usb: common: Consider only available nodes for dr_mode
drivers/usb/common/common.c
gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
* fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
fs/proc/proc_sysctl.c
Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
USB: serial: option: add Olicard 600
USB: serial: option: set driver_info for SIM5218 and compatibles
USB: serial: mos7720: fix mos_parport refcount imbalance on error path
USB: serial: ftdi_sio: add additional NovaTech products
USB: serial: cp210x: add new device id
serial: sh-sci: Fix setting SCSCR_TIE while transferring data
serial: max310x: Fix to avoid potential NULL pointer dereference
staging: vt6655: Fix interrupt race condition on device start up.
staging: vt6655: Remove vif check from vnt_interrupt
staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest
tty: atmel_serial: fix a potential NULL pointer dereference
scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
* scsi: sd: Quiesce warning if device does not report optimal I/O size
drivers/scsi/sd.c
* scsi: sd: Fix a race between closing an sd device and sd I/O
drivers/scsi/sd.c
* fs/open.c: allow opening only regular files during execve()
fs/open.c
* ALSA: pcm: Don't suspend stream in unrecoverable PCM state
sound/core/pcm_native.c
ALSA: pcm: Fix possible OOB access in PCM oss plugins
ALSA: seq: oss: Fix Spectre v1 vulnerability
* ALSA: rawmidi: Fix potential Spectre v1 vulnerability
sound/core/rawmidi.c
net: dsa: qca8k: remove leftover phy accessors
NFSv4.1 don't free interrupted slot on open
powerpc: bpf: Fix generation of load/store DW instructions
ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
btrfs: raid56: properly unmap parity page in finish_parity_scrub()
btrfs: remove WARN_ON in log_dir_items
* tun: add a missing rcu_read_unlock() in error path
drivers/net/tun.c
* tun: properly test for IFF_UP
drivers/net/tun.c
mac8390: Fix mmio access size probe
* sctp: get sctphdr by offset in sctp_compute_cksum
include/net/sctp/checksum.h
vxlan: Don't call gro_cells_destroy() before device is unregistered
* tcp: do not use ipv6 header for ipv4 flow
net/ipv6/tcp_ipv6.c
* packets: Always register packet sk in the same order
include/net/sock.h
net/packet/af_packet.c
net: rose: fix a possible stack overflow
* net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
net/packet/af_packet.c
mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
dccp: do not use ipv6 header for ipv4 flow
stmmac: copy unicast mac address to MAC registers
* cfg80211: size various nl80211 messages correctly
net/wireless/nl80211.c
video: fbdev: Set pixclock = 0 in goldfishfb
* Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
net/bluetooth/l2cap_core.c
* Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
net/bluetooth/l2cap_core.c
UPSTREAM: virt_wifi: Remove REGULATORY_WIPHY_SELF_MANAGED
Merge 4.9.166 into android-4.9
Linux 4.9.166
ath10k: avoid possible string overflow
power: supply: charger-manager: Fix incorrect return value
pwm-backlight: Enable/disable the PWM before/after LCD enable toggle.
* rtc: Fix overflow when converting time64_t to rtc_time
drivers/rtc/rtc-lib.c
* scsi: ufs: fix wrong command type of UTRD for UFSHCI v2.1
drivers/scsi/ufs/ufshcd.c
* USB: core: only clean up what we allocated
drivers/usb/core/config.c
* lib/int_sqrt: optimize small argument
lib/int_sqrt.c
serial: sprd: clear timeout interrupt only rather than all interrupts
* arm64: traps: disable irq in die()
arch/arm64/kernel/traps.c
* Hang/soft lockup in d_invalidate with simultaneous calls
fs/dcache.c
serial: sprd: adjust TIMEOUT to a big value
* tcp/dccp: drop SYN packets if accept queue is full
include/net/inet_connection_sock.h
net/ipv4/tcp_input.c
ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec
ALSA: hda - Record the current power state before suspend/resume calls
locking/lockdep: Add debug_locks check in __lock_downgrade()
* Bluetooth: Fix decrementing reference count twice in releasing socket
net/bluetooth/hci_sock.c
* media: v4l2-ctrls.c/uvc: zero v4l2_event
drivers/media/v4l2-core/v4l2-ctrls.c
* ext4: brelse all indirect buffer in ext4_ind_remove_space()
fs/ext4/indirect.c
* ext4: fix data corruption caused by unaligned direct AIO
fs/ext4/file.c
* ext4: fix NULL pointer dereference while journal is aborted
fs/ext4/ext4_jbd2.h
objtool: Move objtool_file struct off the stack
* futex: Ensure that futex address is aligned in handle_futex_death()
kernel/futex.c
MIPS: Fix kernel crash for R6 in jump label branch function
MIPS: Ensure ELF appended dtb is relocated
mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction.
udf: Fix crash on IO error during truncate
libceph: wait for latest osdmap in ceph_monc_blacklist_add()
iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE
drm/vmwgfx: Don't double-free the mode stored in par->set_mode
mmc: pxamci: fix enum type confusion
Change-Id: I240c51a5bde3c2c7a9ada58c87d5d0966f26cb78
Signed-off-by: Robin Peng <robinpeng@google.com>
|
||
|
Waiman Long
|
e85fab7c4b |
locking/rwsem: Prevent decrement of reader count before increment
[ Upstream commit a9e9bcb45b1525ba7aea26ed9441e8632aeeda58 ] During my rwsem testing, it was found that after a down_read(), the reader count may occasionally become 0 or even negative. Consequently, a writer may steal the lock at that time and execute with the reader in parallel thus breaking the mutual exclusion guarantee of the write lock. In other words, both readers and writer can become rwsem owners simultaneously. The current reader wakeup code does it in one pass to clear waiter->task and put them into wake_q before fully incrementing the reader count. Once waiter->task is cleared, the corresponding reader may see it, finish the critical section and do unlock to decrement the count before the count is incremented. This is not a problem if there is only one reader to wake up as the count has been pre-incremented by 1. It is a problem if there are more than one readers to be woken up and writer can steal the lock. The wakeup was actually done in 2 passes before the following v4.9 commit: |
||
|
Greg Kroah-Hartman
|
7f21387276 |
Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
This reverts commit
|
||
|
Waiman Long
|
670d934a1e |
locking/lockdep: Add debug_locks check in __lock_downgrade()
commit 71492580571467fb7177aade19c18ce7486267f5 upstream. Tetsuo Handa had reported he saw an incorrect "downgrading a read lock" warning right after a previous lockdep warning. It is likely that the previous warning turned off lock debugging causing the lockdep to have inconsistency states leading to the lock downgrade warning. Fix that by add a check for debug_locks at the beginning of __lock_downgrade(). Debugged-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> Reported-by: syzbot+53383ae265fb161ef488@syzkaller.appspotmail.com Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Link: https://lkml.kernel.org/r/1547093005-26085-1-git-send-email-longman@redhat.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Petri Gynther
|
695d3f735a |
Merge android-4.9 (4.9.163) into android-msm-bluecross-4.9-lts
Merge 4.9.163 into android-4.9
Linux 4.9.163
x86: Add TSX Force Abort CPUID/MSR
perf/x86/intel: Generalize dynamic constraint creation
perf/x86/intel: Make cpuc allocations consistent
ARM: dts: exynos: Do not ignore real-world fuse values for thermal zone 0 on Exynos5420
ARM: 8781/1: Fix Thumb-2 syscall return for binutils 2.29+
drm: disable uncached DMA optimization for ARM and arm64
ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU
ARM: dts: exynos: Fix pinctrl definition for eMMC RTSN line on Odroid X2/U3
* futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
scsi: aacraid: Fix missing break in switch statement
iscsi_ibft: Fix missing break in switch statement
Input: elan_i2c - add id for touchpad found in Lenovo s21e-20
Input: wacom_serial4 - add support for Wacom ArtPad II tablet
* fs: ratelimit __find_get_block_slow() failure message.
fs/buffer.c
MIPS: Remove function size check in get_frame_info()
perf symbols: Filter out hidden symbols from labels
s390/qeth: fix use-after-free in error path
* netfilter: nf_nat: skip nat clash resolution for same-origin entries
net/netfilter/nf_conntrack_core.c
selftests: netfilter: add simple masq/redirect test cases
selftests: netfilter: fix config fragment CONFIG_NF_TABLES_INET
dmaengine: dmatest: Abort test in case of mapping error
vsock/virtio: reset connected sockets on device removal
vsock/virtio: fix kernel panic after device hot-unplug
dmaengine: at_xdmac: Fix wrongfull report of a channel as in use
drm/sun4i: tcon: Prepare and enable TCON channel 0 clock at init
irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable
* usb: phy: fix link errors
drivers/usb/phy/Kconfig
arm64: dts: add msm8996 compatible to gicv3
ARM: pxa: ssp: unneeded to free devm_ allocated data
soc: fsl: qbman: avoid race in clearing QMan interrupt
autofs: fix error return in autofs_fill_super()
autofs: drop dentry reference only when it is never used
* fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
fs/drop_caches.c
mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone
mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone
x86_64: increase stack size for KASAN_EXTRA
x86/kexec: Don't setup EFI info if EFI runtime is not enabled
* arm64: kprobe: Always blacklist the KVM world-switch code
arch/arm64/kernel/probes/kprobes.c
cifs: fix computation for MAX_SMB2_HDR_SIZE
* platform/x86: Fix unmet dependency warning for SAMSUNG_Q10
drivers/platform/x86/Kconfig
scsi: libfc: free skb when receiving invalid flogi resp
qed: Fix VF probe failure while FLR
nfs: Fix NULL pointer dereference of dev_name
gpio: vf610: Mask all GPIO interrupts
net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup()
net: hns: Fix wrong read accesses via Clause 45 MDIO protocol
net: hns: Fix for missing of_node_put() after of_parse_phandle()
net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case
xtensa: SMP: limit number of possible CPUs by NR_CPUS
xtensa: SMP: mark each possible CPU as present
xtensa: smp_lx200_defconfig: fix vectors clash
xtensa: SMP: fix secondary CPU initialization
xtensa: SMP: fix ccount_timer_shutdown
iommu/amd: Fix IOMMU page flush when detach device from a domain
ipvs: Fix signed integer overflow when setsockopt timeout
iommu/amd: Unmap all mapped pages in error path of map_sg
iommu/amd: Call free_iova_fast with pfn in map_sg
IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
perf tools: Handle TOPOLOGY headers with no CPU
* perf core: Fix perf_proc_update_handler() bug
kernel/events/core.c
* vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
net/ipv4/ip_vti.c
media: uvcvideo: Fix 'type' check leading to overflow
* exec: Fix mem leak in kernel_read_file
fs/exec.c
* hugetlbfs: fix races and page leaks during migration
mm/migrate.c
MIPS: irq: Allocate accurate order pages for irq stack
applicom: Fix potential Spectre v1 vulnerabilities
x86/CPU/AMD: Set the CPB bit unconditionally on F17h
net: phy: Micrel KSZ8061: link failure after cable connect
* tun: remove unnecessary memory barrier
drivers/net/tun.c
* tun: fix blocking read
drivers/net/tun.c
* net: avoid use IPCB in cipso_v4_error
include/net/ip.h
net/ipv4/cipso_ipv4.c
net/ipv4/ip_options.c
* net: Add __icmp_send helper.
include/net/icmp.h
net/ipv4/icmp.c
xen-netback: fix occasional leak of grant ref mappings under memory pressure
xen-netback: don't populate the hash cache on XenBus disconnect
* net: sit: fix memory leak in sit_init_net()
net/ipv6/sit.c
net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
* net: netem: fix skb length BUG_ON in __skb_to_sgvec
net/sched/sch_netem.c
* netlabel: fix out-of-bounds memory accesses
net/ipv4/cipso_ipv4.c
net/netlabel/netlabel_kapi.c
net: dsa: mv88e6xxx: Fix u64 statistics
hv_netvsc: Fix IP header checksum for coalesced packets
bnxt_en: Drop oversize TX packets to prevent errors.
team: Free BPF filter when unregistering netdev
sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
* net-sysfs: Fix mem leak in netdev_register_kobject
net/core/net-sysfs.c
ip6mr: Do not call __IP6_INC_STATS() from preemptible context
* staging: android: ion: fix sys heap pool's gfp_flags
drivers/staging/android/ion/ion_system_heap.c
staging: wilc1000: fix to set correct value for 'vif_num'
staging: comedi: ni_660x: fix missing break in switch statement
isdn: isdn_tty: fix build warning of strncpy
ncpfs: fix build warning of strncpy
* cpufreq: Use struct kobj_attribute instead of struct global_attr
drivers/cpufreq/cpufreq.c
include/linux/cpufreq.h
USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
USB: serial: cp210x: add ID for Ingenico 3070
USB: serial: option: add Telit ME910 ECM composition
ANDROID: cuttlefish: enable CONFIG_INET_UDP_DIAG=y
Change-Id: I897874d0b99a6316f7e1c7e0c04c543e5469355a
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Peter Zijlstra
|
ce81355231 |
futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
commit 38d589f2fd08f1296aea3ce62bebd185125c6d81 upstream. With the ultimate goal of keeping rt_mutex wait_list and futex_q waiters consistent it's necessary to split 'rt_mutex_futex_lock()' into finer parts, such that only the actual blocking can be done without hb->lock held. Split split_mutex_finish_proxy_lock() into two parts, one that does the blocking and one that does remove_waiter() when the lock acquire failed. When the rtmutex was acquired successfully the waiter can be removed in the acquisiton path safely, since there is no concurrency on the lock owner. This means that, except for futex_lock_pi(), all wait_list modifications are done with both hb->lock and wait_lock held. [bigeasy@linutronix.de: fix for futex_requeue_pi_signal_restart] Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: juri.lelli@arm.com Cc: bigeasy@linutronix.de Cc: xlpang@redhat.com Cc: rostedt@goodmis.org Cc: mathieu.desnoyers@efficios.com Cc: jdesfossez@efficios.com Cc: dvhart@infradead.org Cc: bristot@redhat.com Link: http://lkml.kernel.org/r/20170322104152.001659630@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Zubin Mithra <zsm@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Petri Gynther
|
0da3e97c1f |
Merge android-4.9 (4.9.162) into android-msm-bluecross-4.9-lts
* ANDROID: cpufreq: times: don't copy invalid freqs from freq table
drivers/cpufreq/cpufreq_times.c
ANDROID: cuttlefish: enable CONFIG_USB_RTL8152=y
* ANDROID: cpufreq: times: record fast switch frequency transitions
drivers/cpufreq/cpufreq.c
drivers/cpufreq/cpufreq_times.c
include/linux/cpufreq_times.h
ANDROID: cuttlefish_defconfig: Add support for AC97 audio
Revert "ANDROID: arm: process: Add display of memory around registers when displaying regs."
Revert "arm: fix show_data fallout from KERN_CONT changes"
* ANDROID: cfi: Remove unused variable in ptr_to_check_fn
kernel/cfi.c
ANDROID: cuttlefish: enable CONFIG_NETFILTER_XT_TARGET_CT=y
* ANDROID: overlayfs: override_creds=off option bypass creator_cred
fs/overlayfs/copy_up.c
fs/overlayfs/dir.c
fs/overlayfs/inode.c
fs/overlayfs/overlayfs.h
fs/overlayfs/readdir.c
fs/overlayfs/super.c
Merge 4.9.162 into android-4.9
Linux 4.9.162
x86/uaccess: Don't leak the AC flag into __put_user() value evaluation
* mm: enforce min addr even if capable() in expand_downwards()
mm/mmap.c
mmc: spi: Fix card detection during probe
powerpc: Always initialize input array when calling epapr_hypercall()
KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1
svm: Fix AVIC incomplete IPI emulation
* cfg80211: extend range deviation for DMG
net/wireless/reg.c
mac80211: Add attribute aligned(2) to struct 'action'
mac80211: don't initiate TDLS connection if station is not associated to AP
ibmveth: Do not process frames after calling napi_reschedule
* net: usb: asix: ax88772_bind return error when hw_reset fail
drivers/net/usb/asix_devices.c
net: altera_tse: fix connect_local_phy error path
scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state()
* direct-io: allow direct writes to empty inodes
fs/direct-io.c
serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
* locking/rwsem: Fix (possible) missed wakeup
kernel/locking/rwsem-xadd.c
mac80211: fix miscounting of ttl-dropped frames
drivers: thermal: int340x_thermal: Fix sysfs race condition
ARC: fix __ffs return value to avoid build warnings
ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
* ASoC: dapm: change snprintf to scnprintf for possible overflow
sound/soc/soc-dapm.c
usb: gadget: Potential NULL dereference on allocation error
* usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
drivers/usb/dwc3/gadget.c
* usb: dwc3: gadget: synchronize_irq dwc irq in suspend
drivers/usb/dwc3/gadget.c
thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
* ALSA: compress: prevent potential divide by zero bugs
sound/core/compress_offload.c
ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
* drm/msm: Unblock writer if reader closes file
drivers/gpu/drm/msm/msm_rd.c
scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
* Revert "loop: Fold __loop_release into loop_release"
drivers/block/loop.c
* Revert "loop: Get rid of loop_index_mutex"
drivers/block/loop.c
* Revert "loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()"
drivers/block/loop.c
* FROMGIT: binder: create node flag to request sender's security context
drivers/android/binder.c
include/uapi/linux/android/binder.h
* ANDROID: revert "sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size"
net/ipv4/Makefile
* Makefile: Fix 4.9.161 merge
Makefile
Merge 4.9.161 into android-4.9
Linux 4.9.161
* kbuild: consolidate Clang compiler flags
Makefile
* sched/sysctl: Fix attributes of some extern declarations
include/linux/sched/sysctl.h
phy: tegra: remove redundant self assignment of 'map'
pinctrl: max77620: Use define directive for max77620_pinconf_param values
netfilter: nf_tables: fix flush after rule deletion in the same batch
* Revert "bridge: do not add port to router list when receives query with source 0.0.0.0"
net/bridge/br_multicast.c
* mm/zsmalloc.c: fix -Wunneeded-internal-declaration warning
mm/zsmalloc.c
* mm/zsmalloc.c: change stat type parameter to int
mm/zsmalloc.c
* irqchip/gic-v3: Convert arm64 GIC accessors to {read,write}_sysreg_s
arch/arm64/include/asm/arch_gicv3.h
* kbuild: add -no-integrated-as Clang option unconditionally
Makefile
* kbuild: set no-integrated-as before incl. arch Makefile
Makefile
* kbuild: clang: disable unused variable warnings only when constant
Makefile
* kbuild: clang: remove crufty HOSTCFLAGS
Makefile
* kbuild: clang: fix build failures with sparse check
Makefile
* kbuild: move cc-option and cc-disable-warning after incl. arch Makefile
Makefile
drm/i915: Fix enum pipe vs. enum transcoder for the PCH transcoder
drm/i915: Consistently use enum pipe for PCH transcoders
x86/boot: Disable the address-of-packed-member compiler warning
* tracing: Use cpumask_available() to check if cpumask variable may be used
kernel/trace/trace.c
netpoll: Fix device name check in netpoll_setup()
* clocksource: Use GENMASK_ULL in definition of CLOCKSOURCE_MASK
include/linux/clocksource.h
hpet: Make cmd parameter of hpet_ioctl_common() unsigned
ARC: define ARCH_SLAB_MINALIGN = 8
ARC: U-boot: check arguments paranoidly
ARCv2: Enable unaligned access in early ASM code
parisc: Fix ptrace syscall number modification
net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment
* sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
net/ipv6/sit.c
team: avoid complex list operations in team_nl_cmd_options_set()
* net/packet: fix 4gb buffer limit due to overflow check
net/packet/af_packet.c
batman-adv: fix uninit-value in batadv_interface_tx()
* KEYS: always initialize keyring_index_key::desc_len
security/keys/keyring.c
security/keys/proc.c
security/keys/request_key.c
security/keys/request_key_auth.c
* KEYS: user: Align the payload buffer
include/keys/user-type.h
RDMA/srp: Rework SCSI device reset handling
net: ethernet: stmmac: change dma descriptors to __le32
isdn: avm: Fix string plus integer warning from Clang
net/mlx5e: Fix wrong (zero) TX drop counter indication for representor
mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
leds: lp5523: fix a missing check of return value of lp55xx_read
atm: he: fix sign-extension overflow on large shift
isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
net: stmmac: Fix PCI module removal leak
MIPS: jazz: fix 64bit build
scsi: isci: initialize shost fully before calling scsi_add_host()
scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
MIPS: ath79: Enable OF serial ports in the default config
net: hns: Fix use after free identified by SLUB debug
qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier
mfd: mc13xxx: Fix a missing check of a register-read failure
mfd: wm5110: Add missing ASRC rate register
mfd: qcom_rpm: write fw_version to CTRL_REG
mfd: ab8500-core: Return zero in get_register_interruptible()
mfd: mt6397: Do not call irq_domain_remove if PMIC unsupported
mfd: db8500-prcmu: Fix some section annotations
mfd: twl-core: Fix section annotations on {,un}protect_pm_master
mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
* KEYS: allow reaching the keys quotas exactly
security/keys/key.c
* proc, oom: do not report alien mms when setting oom_score_adj
fs/proc/base.c
numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
libceph: handle an empty authorize reply
mac80211: Free mpath object when rhashtable insertion fails
* ANDROID: cpufreq: times: optimize proc files
drivers/cpufreq/cpufreq_times.c
Change-Id: I39b2992729b87b1b84dc7d98725cb6550a10906d
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Xie Yongji
|
b4df458223 |
locking/rwsem: Fix (possible) missed wakeup
[ Upstream commit e158488be27b157802753a59b336142dc0eb0380 ] Because wake_q_add() can imply an immediate wakeup (cmpxchg failure case), we must not rely on the wakeup being delayed. However, commit: |
||
|
Petri Gynther
|
5f697842fe |
Merge 4.9.147 into android-msm-bluecross-4.9-lts
Linux 4.9.147
rtc: snvs: Add timeouts to avoid kernel lockups
rtc: snvs: add a missing write sync
nvmet-rdma: fix response use after free
i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node
i2c: axxia: properly handle master timeout
vhost/vsock: fix reset orphans race with close timeout
* cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)
fs/cifs/Kconfig
drm/ast: Fix connector leak during driver unload
ethernet: fman: fix wrong of_node_put() in probe function
ARM: 8815/1: V7M: align v7m_dma_inv_range() with v7 counterpart
ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling
* bpf: check pending signals while verifying programs
kernel/bpf/verifier.c
* net/mlx4_en: Fix build break when CONFIG_INET is off
drivers/net/ethernet/mellanox/mlx4/Kconfig
mv88e6060: disable hardware level MAC learning
libata: whitelist all SAMSUNG MZ7KM* solid-state disks
Input: omap-keypad - fix keyboard debounce configuration
clk: mmp: Off by one in mmp_clk_add()
clk: mvebu: Off by one bugs in cp110_of_clk_get()
ide: pmac: add of_node_put()
drivers/tty: add missing of_node_put()
drivers/sbus/char: add of_node_put()
sbus: char: add of_node_put()
SUNRPC: Fix a potential race in xprt_connect()
nfs: don't dirty kernel pages read by direct-io
* bonding: fix 802.3ad state sent to partner when unbinding slave
drivers/net/bonding/bond_3ad.c
ARC: io.h: Implement reads{x}()/writes{x}()
* drm/msm: Grab a vblank reference when waiting for commit_done
drivers/gpu/drm/msm/msm_atomic.c
x86/earlyprintk/efi: Fix infinite loop on some screen widths
scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload
scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset
mac80211_hwsim: fix module init error paths for netlink
locking/qspinlock: Fix build for anonymous union in older GCC compilers
locking/qspinlock, x86: Provide liveness guarantee
locking/qspinlock/x86: Increase _Q_PENDING_LOOPS upper bound
locking/qspinlock: Re-order code
locking/qspinlock: Kill cmpxchg() loop when claiming lock from head of queue
locking/qspinlock: Remove duplicate clear_pending() function from PV code
locking/qspinlock: Remove unbounded cmpxchg() loop from locking slowpath
locking/qspinlock: Merge 'struct __qspinlock' into 'struct qspinlock'
locking/qspinlock: Bound spinning on pending->locked transition in slowpath
locking/qspinlock: Ensure node is initialised before updating prev->next
locking: Remove smp_read_barrier_depends() from queued_spin_lock_slowpath()
IB/hfi1: Remove race conditions in user_sdma send path
mac80211: Fix condition validating WMM IE
mac80211: don't WARN on bad WMM parameters from buggy APs
drm/i915/execlists: Apply a full mb before execution for Braswell
Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec"
powerpc/msi: Fix NULL pointer access in teardown code
tracing: Fix memory leak of instance function hash filters
* tracing: Fix memory leak in set_trigger_filter()
kernel/trace/trace_events_trigger.c
ARM: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt
MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
* aio: fix spectre gadget in lookup_ioctx
fs/aio.c
pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11
* timer/debug: Change /proc/timer_list from 0444 to 0400
kernel/time/timer_list.c
lib/interval_tree_test.c: allow users to limit scope of endpoint
lib/rbtree-test: lower default params
lib/rbtree_test.c: make input module parameters
lib/interval_tree_test.c: allow full tree search
lib/interval_tree_test.c: make test options module parameters
* signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack
include/linux/compat.h
kernel/signal.c
Linux 4.9.146
staging: speakup: Replace strncpy with memcpy
* pstore: Convert console write to use ->write_buf
fs/pstore/platform.c
ocfs2: fix potential use after free
debugobjects: avoid recursive calls with kmemleak
hfsplus: do not free node before using
hfs: do not free node before using
ocfs2: fix deadlock caused by ocfs2_defrag_extent()
fscache, cachefiles: remove redundant variable 'cache'
fscache: fix race between enablement and dropping of object
xen: xlate_mmu: add missing header to fix 'W=1' warning
drm/ast: fixed reading monitor EDID not stable issue
net: hisilicon: remove unexpected free_netdev
ixgbe: recognize 1000BaseLX SFP modules as 1Gbps
igb: fix uninitialized variables
cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active
net: thunderx: fix NULL pointer dereference in nic_remove
x86/kvm/vmx: fix old-style function declaration
KVM: x86: fix empty-body warnings
USB: omap_udc: fix USB gadget functionality on Palm Tungsten E
USB: omap_udc: fix omap_udc_start() on 15xx machines
USB: omap_udc: fix crashes on probe error and module removal
USB: omap_udc: use devm_request_irq()
ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf
* bpf: fix check of allowed specifiers in bpf_trace_printk
kernel/trace/bpf_trace.c
exportfs: do not read dentry after free
ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE
ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE
RDMA/mlx5: Fix fence type for IB_WR_LOCAL_INV WR
Btrfs: send, fix infinite loop due to directory rename dependencies
objtool: Fix segfault in .cold detection with -ffunction-sections
objtool: Fix double-free in .cold detection error path
hwmon: (w83795) temp4_type has writable permission
* ASoC: dapm: Recalculate audio map forcely when card instantiated
sound/soc/soc-core.c
ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing
hwmon: (ina2xx) Fix current value calculation
s390/cpum_cf: Reject request for sampling in event initialization
selftests: add script to stress-test nft packet path vs. control plane
sysv: return 'err' instead of 0 in __sysv_write_inode
ARM: OMAP1: ams-delta: Fix possible use of uninitialized field
ARM: dts: logicpd-somlv: Fix interrupt on mmc3_dat1
ARM: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup
* neighbour: Avoid writing before skb->head in neigh_hh_output()
include/net/neighbour.h
* tun: forbid iface creation with rtnl ops
drivers/net/tun.c
* tcp: fix NULL ref in tail loss probe
net/ipv4/tcp_output.c
* rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices
net/core/rtnetlink.c
net: Prevent invalid access to skb->prev in __qdisc_drop_all
* net: phy: don't allow __set_phy_supported to add unsupported modes
drivers/net/phy/phy_device.c
net/mlx4_core: Correctly set PFC param if global pause is turned off.
net: 8139cp: fix a BUG triggered by changing mtu with network traffic
* ipv6: Check available headroom in ip6_xmit() even without options
net/ipv6/ip6_output.c
Linux 4.9.145
* kbuild: allow to use GCC toolchain not in Clang search path
Makefile
* kbuild: fix linker feature test macros when cross compiling with Clang
scripts/Kbuild.include
mac80211: ignore NullFunc frames in the duplicate detection
mac80211: fix reordering of buffered broadcast packets
mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext
mac80211: Clear beacon_int in ieee80211_do_stop
mac80211_hwsim: Timer should be initialized before device registered
kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var()
* tty: do not set TTY_IO_ERROR flag if console port
drivers/tty/tty_port.c
tty: serial: 8250_mtk: always resume the device in probe.
staging: rtl8712: Fix possible buffer overrun
cifs: Fix separator when building path from dentry
Staging: lustre: remove two build warnings
vhost/vsock: fix use-after-free in network stack callers
vsock: lookup and setup guest_cid inside vhost_vsock_lock
* swiotlb: clean up reporting
lib/swiotlb.c
sr: pass down correctly sized SCSI sense buffer
* xhci: Prevent U1/U2 link pm states if exit latency is too long
drivers/usb/host/xhci.c
dmaengine: cppi41: delete channel from pending list when stop channel
SUNRPC: Fix leak of krb5p encode pages
virtio/s390: fix race in ccw_io_helper()
virtio/s390: avoid race on vcdev->config
ALSA: hda/realtek - Fix speaker output regression on Thinkpad T570
* ALSA: pcm: Fix interval evaluation with openmin/max
include/sound/pcm_params.h
* ALSA: pcm: Call snd_pcm_unlink() conditionally at closing
sound/core/pcm_native.c
* ALSA: pcm: Fix starvation on down_write_nonblock()
sound/core/pcm_native.c
ALSA: hda: Add support for AMD Stoney Ridge
* ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
sound/usb/card.c
* USB: check usb_get_extra_descriptor for proper size
drivers/usb/core/hub.c
drivers/usb/core/usb.c
include/linux/usb.h
usb: appledisplay: Add 27" Apple Cinema Display
* usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device
drivers/usb/core/quirks.c
ARC: [zebu] Remove CONFIG_INITRAMFS_SOURCE from defconfigs
* mm: don't warn about allocations which stall for too long
mm/page_alloc.c
net: amd: add missing of_node_put()
team: no need to do team_notify_peers or team_mcast_rejoin when disabling port
iommu/vt-d: Use memunmap to free memremap
net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts
mtd: rawnand: qcom: Namespace prefix some commands
net/mlx4: Fix UBSAN warning of signed integer overflow
net/mlx4_core: Fix uninitialized variable compilation warning
net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command
qed: Fix reading wrong value in loop condition
qed: Fix PTT leak in qed_drain()
bnx2x: Assign unique DMAE channel number for FW DMAE transactions.
batman-adv: Expand merged fragment buffer for full packet
* HID: input: Ignore battery reported by Symbol DS4308
drivers/hid/hid-ids.h
drivers/hid/hid-input.c
can: rcar_can: Fix erroneous registration
iommu/ipmmu-vmsa: Fix crash on early domain free
brcmutil: really fix decoding channel info for 160 MHz bandwidth
iommu/vt-d: Fix NULL pointer dereference in prq_event_thread()
media: omap3isp: Unregister media device as first
Change-Id: Iec0365daf841b32455bdf0369a6947b2989f3d80
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Peter Zijlstra
|
88ce30fb88 |
locking/qspinlock, x86: Provide liveness guarantee
commit 7aa54be2976550f17c11a1c3e3630002dea39303 upstream. On x86 we cannot do fetch_or() with a single instruction and thus end up using a cmpxchg loop, this reduces determinism. Replace the fetch_or() with a composite operation: tas-pending + load. Using two instructions of course opens a window we previously did not have. Consider the scenario: CPU0 CPU1 CPU2 1) lock trylock -> (0,0,1) 2) lock trylock /* fail */ 3) unlock -> (0,0,0) 4) lock trylock -> (0,0,1) 5) tas-pending -> (0,1,1) load-val <- (0,1,0) from 3 6) clear-pending-set-locked -> (0,0,1) FAIL: _2_ owners where 5) is our new composite operation. When we consider each part of the qspinlock state as a separate variable (as we can when _Q_PENDING_BITS == 8) then the above is entirely possible, because tas-pending will only RmW the pending byte, so the later load is able to observe prior tail and lock state (but not earlier than its own trylock, which operates on the whole word, due to coherence). To avoid this we need 2 things: - the load must come after the tas-pending (obviously, otherwise it can trivially observe prior state). - the tas-pending must be a full word RmW instruction, it cannot be an XCHGB for example, such that we cannot observe other state prior to setting pending. On x86 we can realize this by using "LOCK BTS m32, r32" for tas-pending followed by a regular load. Note that observing later state is not a problem: - if we fail to observe a later unlock, we'll simply spin-wait for that store to become visible. - if we observe a later xchg_tail(), there is no difference from that xchg_tail() having taken place before the tas-pending. Suggested-by: Will Deacon <will.deacon@arm.com> Reported-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: Will Deacon <will.deacon@arm.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: andrea.parri@amarulasolutions.com Cc: longman@redhat.com Fixes: 59fb586b4a07 ("locking/qspinlock: Remove unbounded cmpxchg() loop from locking slowpath") Link: https://lkml.kernel.org/r/20181003130957.183726335@infradead.org Signed-off-by: Ingo Molnar <mingo@kernel.org> [bigeasy: GEN_BINARY_RMWcc macro redo] Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Peter Zijlstra
|
f650bdcabf |
locking/qspinlock: Re-order code
commit 53bf57fab7321fb42b703056a4c80fc9d986d170 upstream. Flip the branch condition after atomic_fetch_or_acquire(_Q_PENDING_VAL) such that we loose the indent. This also result in a more natural code flow IMO. Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Will Deacon <will.deacon@arm.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: andrea.parri@amarulasolutions.com Cc: longman@redhat.com Link: https://lkml.kernel.org/r/20181003130257.156322446@infradead.org Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
0952e8f0e6 |
locking/qspinlock: Kill cmpxchg() loop when claiming lock from head of queue
commit c61da58d8a9ba9238250a548f00826eaf44af0f7 upstream. When a queued locker reaches the head of the queue, it claims the lock by setting _Q_LOCKED_VAL in the lockword. If there isn't contention, it must also clear the tail as part of this operation so that subsequent lockers can avoid taking the slowpath altogether. Currently this is expressed as a cmpxchg() loop that practically only runs up to two iterations. This is confusing to the reader and unhelpful to the compiler. Rewrite the cmpxchg() loop without the loop, so that a failed cmpxchg() implies that there is contention and we just need to write to _Q_LOCKED_VAL without considering the rest of the lockword. Signed-off-by: Will Deacon <will.deacon@arm.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Waiman Long <longman@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: boqun.feng@gmail.com Cc: linux-arm-kernel@lists.infradead.org Cc: paulmck@linux.vnet.ibm.com Link: http://lkml.kernel.org/r/1524738868-31318-7-git-send-email-will.deacon@arm.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
0f28d5f4ce |
locking/qspinlock: Remove duplicate clear_pending() function from PV code
commit 3bea9adc96842b8a7345c7fb202c16ae9c8d5b25 upstream. The native clear_pending() function is identical to the PV version, so the latter can simply be removed. This fixes the build for systems with >= 16K CPUs using the PV lock implementation. Reported-by: Waiman Long <longman@redhat.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: boqun.feng@gmail.com Cc: linux-arm-kernel@lists.infradead.org Cc: paulmck@linux.vnet.ibm.com Link: http://lkml.kernel.org/r/20180427101619.GB21705@arm.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
9b5884372c |
locking/qspinlock: Remove unbounded cmpxchg() loop from locking slowpath
commit 59fb586b4a07b4e1a0ee577140ab4842ba451acd upstream. The qspinlock locking slowpath utilises a "pending" bit as a simple form of an embedded test-and-set lock that can avoid the overhead of explicit queuing in cases where the lock is held but uncontended. This bit is managed using a cmpxchg() loop which tries to transition the uncontended lock word from (0,0,0) -> (0,0,1) or (0,0,1) -> (0,1,1). Unfortunately, the cmpxchg() loop is unbounded and lockers can be starved indefinitely if the lock word is seen to oscillate between unlocked (0,0,0) and locked (0,0,1). This could happen if concurrent lockers are able to take the lock in the cmpxchg() loop without queuing and pass it around amongst themselves. This patch fixes the problem by unconditionally setting _Q_PENDING_VAL using atomic_fetch_or, and then inspecting the old value to see whether we need to spin on the current lock owner, or whether we now effectively hold the lock. The tricky scenario is when concurrent lockers end up queuing on the lock and the lock becomes available, causing us to see a lockword of (n,0,0). With pending now set, simply queuing could lead to deadlock as the head of the queue may not have observed the pending flag being cleared. Conversely, if the head of the queue did observe pending being cleared, then it could transition the lock from (n,0,0) -> (0,0,1) meaning that any attempt to "undo" our setting of the pending bit could race with a concurrent locker trying to set it. We handle this race by preserving the pending bit when taking the lock after reaching the head of the queue and leaving the tail entry intact if we saw pending set, because we know that the tail is going to be updated shortly. Signed-off-by: Will Deacon <will.deacon@arm.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Waiman Long <longman@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: boqun.feng@gmail.com Cc: linux-arm-kernel@lists.infradead.org Cc: paulmck@linux.vnet.ibm.com Link: http://lkml.kernel.org/r/1524738868-31318-6-git-send-email-will.deacon@arm.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
60668f3cdd |
locking/qspinlock: Merge 'struct __qspinlock' into 'struct qspinlock'
commit 625e88be1f41b53cec55827c984e4a89ea8ee9f9 upstream. 'struct __qspinlock' provides a handy union of fields so that subcomponents of the lockword can be accessed by name, without having to manage shifts and masks explicitly and take endianness into account. This is useful in qspinlock.h and also potentially in arch headers, so move the 'struct __qspinlock' into 'struct qspinlock' and kill the extra definition. Signed-off-by: Will Deacon <will.deacon@arm.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Waiman Long <longman@redhat.com> Acked-by: Boqun Feng <boqun.feng@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-arm-kernel@lists.infradead.org Cc: paulmck@linux.vnet.ibm.com Link: http://lkml.kernel.org/r/1524738868-31318-3-git-send-email-will.deacon@arm.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
8e5b3bcc52 |
locking/qspinlock: Bound spinning on pending->locked transition in slowpath
commit 6512276d97b160d90b53285bd06f7f201459a7e3 upstream. If a locker taking the qspinlock slowpath reads a lock value indicating that only the pending bit is set, then it will spin whilst the concurrent pending->locked transition takes effect. Unfortunately, there is no guarantee that such a transition will ever be observed since concurrent lockers could continuously set pending and hand over the lock amongst themselves, leading to starvation. Whilst this would probably resolve in practice, it means that it is not possible to prove liveness properties about the lock and means that lock acquisition time is unbounded. Rather than removing the pending->locked spinning from the slowpath altogether (which has been shown to heavily penalise a 2-threaded locking stress test on x86), this patch replaces the explicit spinning with a call to atomic_cond_read_relaxed and allows the architecture to provide a bound on the number of spins. For architectures that can respond to changes in cacheline state in their smp_cond_load implementation, it should be sufficient to use the default bound of 1. Suggested-by: Waiman Long <longman@redhat.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Waiman Long <longman@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: boqun.feng@gmail.com Cc: linux-arm-kernel@lists.infradead.org Cc: paulmck@linux.vnet.ibm.com Link: http://lkml.kernel.org/r/1524738868-31318-4-git-send-email-will.deacon@arm.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Will Deacon
|
48c42d4dfe |
locking/qspinlock: Ensure node is initialised before updating prev->next
commit 95bcade33a8af38755c9b0636e36a36ad3789fe6 upstream.
When a locker ends up queuing on the qspinlock locking slowpath, we
initialise the relevant mcs node and publish it indirectly by updating
the tail portion of the lock word using xchg_tail. If we find that there
was a pre-existing locker in the queue, we subsequently update their
->next field to point at our node so that we are notified when it's our
turn to take the lock.
This can be roughly illustrated as follows:
/* Initialise the fields in node and encode a pointer to node in tail */
tail = initialise_node(node);
/*
* Exchange tail into the lockword using an atomic read-modify-write
* operation with release semantics
*/
old = xchg_tail(lock, tail);
/* If there was a pre-existing waiter ... */
if (old & _Q_TAIL_MASK) {
prev = decode_tail(old);
smp_read_barrier_depends();
/* ... then update their ->next field to point to node.
WRITE_ONCE(prev->next, node);
}
The conditional update of prev->next therefore relies on the address
dependency from the result of xchg_tail ensuring order against the
prior initialisation of node. However, since the release semantics of
the xchg_tail operation apply only to the write portion of the RmW,
then this ordering is not guaranteed and it is possible for the CPU
to return old before the writes to node have been published, consequently
allowing us to point prev->next to an uninitialised node.
This patch fixes the problem by making the update of prev->next a RELEASE
operation, which also removes the reliance on dependency ordering.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/1518528177-19169-2-git-send-email-will.deacon@arm.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Paul E. McKenney
|
c3b6e79fbf |
locking: Remove smp_read_barrier_depends() from queued_spin_lock_slowpath()
commit 548095dea63ffc016d39c35b32c628d033638aca upstream. Queued spinlocks are not used by DEC Alpha, and furthermore operations such as READ_ONCE() and release/relaxed RMW atomics are being changed to imply smp_read_barrier_depends(). This commit therefore removes the now-redundant smp_read_barrier_depends() from queued_spin_lock_slowpath(), and adjusts the comments accordingly. Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ingo Molnar <mingo@redhat.com> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Petri Gynther
|
5cdb13f3cd |
Merge 4.9.140 into android-msm-bluecross-4.9-lts
Linux 4.9.140
* Revert "ipv6: set rt6i_protocol properly in the route when it is installed"
net/ipv6/route.c
* Revert "x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation"
kernel/cpu.c
Linux 4.9.139
ARM: spectre-v1: mitigate user accesses
ARM: spectre-v1: use get_user() for __get_user()
ARM: use __inttype() in get_user()
ARM: oabi-compat: copy semops using __copy_from_user()
ARM: vfp: use __copy_from_user() when restoring VFP state
ARM: signal: copy registers using __copy_from_user()
ARM: spectre-v1: fix syscall entry
ARM: spectre-v1: add array_index_mask_nospec() implementation
ARM: spectre-v1: add speculation barrier (csdb) macros
ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1
ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15
ARM: KVM: invalidate icache on guest exit for Cortex-A15
ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17
ARM: spectre-v2: warn about incorrect context switching functions
ARM: spectre-v2: add firmware based hardening
ARM: spectre-v2: harden user aborts in kernel space
ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit
ARM: spectre-v2: harden branch predictor on context switches
ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre
ARM: bugs: add support for per-processor bug checking
ARM: bugs: hook processor bug checking into SMP and suspend paths
ARM: bugs: prepare processor bug infrastructure
ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs
* arm64: uaccess: suppress spurious clang warning
arch/arm64/include/asm/uaccess.h
* Kbuild: use -fshort-wchar globally
Makefile
x86/build: Use cc-option to validate stack alignment parameter
x86/build: Fix stack alignment for CLang
efi/libstub/arm64: Set -fpie when building the EFI stub
efi/libstub: Preserve .debug sections after absolute relocation check
efi/libstub/arm64: Force 'hidden' visibility for section markers
* efi/libstub/arm64: Use hidden attribute for struct screen_info reference
arch/arm64/include/asm/efi.h
x86/boot: #undef memcpy() et al in string.c
* crypto: arm64/sha - avoid non-standard inline asm tricks
arch/arm64/crypto/sha1-ce-core.S
arch/arm64/crypto/sha1-ce-glue.c
arch/arm64/crypto/sha2-ce-core.S
arch/arm64/crypto/sha2-ce-glue.c
* kbuild: clang: Disable 'address-of-packed-member' warning
Makefile
x86/build: Specify stack alignment for clang
x86/build: Use __cc-option for boot code compiler options
* kbuild: Add __cc-option macro
Makefile
scripts/Kbuild.include
scripts/Makefile.host
crypto, x86: aesni - fix token pasting for clang
x86/kbuild: Use cc-option to enable -falign-{jumps/loops}
* modules: mark __inittest/__exittest as __maybe_unused
include/linux/module.h
* kbuild: Add support to generate LLVM assembly files
Makefile
scripts/Makefile.build
* kbuild: use -Oz instead of -Os when using clang
Makefile
* kbuild, LLVMLinux: Add -Werror to cc-option to support clang
scripts/Kbuild.include
* kbuild: drop -Wno-unknown-warning-option from clang options
Makefile
scripts/Makefile.extrawarn
* kbuild: fix asm-offset generation to work with clang
include/linux/kbuild.h
scripts/Makefile.lib
* kbuild: consolidate redundant sed script ASM offset generation
scripts/Makefile.lib
* kbuild: Consolidate header generation from ASM offset information
Kbuild
scripts/Makefile.lib
scripts/mod/Makefile
* kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS
Makefile
* kbuild: Add better clang cross build support
Makefile
* ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF
net/ipv6/route.c
* inet: frags: better deal with smp races
net/ipv4/inet_fragment.c
usbnet: smsc95xx: disable carrier check while suspending
tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths
sctp: not allow to set asoc prsctp_enable by sockopt
* net-gro: reset skb->pkt_type in napi_reuse_skb()
net/core/dev.c
* ip_tunnel: don't force DF when MTU is locked
net/ipv4/ip_tunnel_core.c
* flow_dissector: do not dissect l4 ports for fragments
net/core/flow_dissector.c
Linux 4.9.138
KVM: arm64: Fix caching of host MDCR_EL2 value
drm/i915/execlists: Force write serialisation into context image vs execution
drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values
* drm/dp_mst: Check if primary mstb is null
drivers/gpu/drm/drm_dp_mst_topology.c
drm/rockchip: Allow driver to be shutdown on reboot/kexec
* mm: migration: fix migration of huge PMD shared pages
include/linux/hugetlb.h
include/linux/mm.h
mm/rmap.c
hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444!
lib/ubsan.c: don't mark __ubsan_handle_builtin_unreachable as noreturn
* configfs: replace strncpy with memcpy
fs/configfs/symlink.c
* fuse: fix leaked notify reply
fs/fuse/dev.c
* fuse: fix use-after-free in fuse_direct_IO()
fs/fuse/file.c
* rtc: hctosys: Add missing range error reporting
drivers/rtc/hctosys.c
nfsd: COPY and CLONE operations require the saved filehandle to be set
sunrpc: correct the computation for page_ptr when truncating
* mount: Prevent MNT_DETACH from disconnecting locked mounts
fs/namespace.c
* mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
fs/namespace.c
* mount: Retest MNT_LOCKED in do_umount
fs/namespace.c
* ext4: fix buffer leak in __ext4_read_dirblock() on error path
fs/ext4/namei.c
* ext4: fix buffer leak in ext4_xattr_move_to_block() on error path
fs/ext4/xattr.c
* ext4: release bs.bh before re-using in ext4_xattr_block_find()
fs/ext4/xattr.c
* ext4: fix possible leak of s_journal_flag_rwsem in error path
fs/ext4/super.c
* ext4: fix possible leak of sbi->s_group_desc_leak in error path
fs/ext4/super.c
* ext4: avoid possible double brelse() in add_new_gdb() on error path
fs/ext4/resize.c
* ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing
fs/ext4/resize.c
* ext4: avoid buffer leak in ext4_orphan_add() after prior errors
fs/ext4/namei.c
* ext4: fix possible inode leak in the retry loop of ext4_resize_fs()
fs/ext4/resize.c
* ext4: avoid potential extra brelse in setup_new_flex_group_blocks()
fs/ext4/resize.c
* ext4: add missing brelse() add_new_gdb_meta_bg()'s error path
fs/ext4/resize.c
* ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path
fs/ext4/resize.c
* ext4: add missing brelse() update_backups()'s error path
fs/ext4/resize.c
clockevents/drivers/i8253: Add support for PIT shutdown quirk
Btrfs: fix data corruption due to cloning of eof block
Btrfs: fix cur_offset in the error case for nocow
arch/alpha, termios: implement BOTHER, IBSHIFT and termios2
* termios, tty/tty_baudrate.c: fix buffer overrun
drivers/tty/tty_ioctl.c
of, numa: Validate some distance map rules
* mtd: docg3: don't set conflicting BCH_CONST_PARAMS option
drivers/mtd/devices/Kconfig
* netfilter: conntrack: fix calculation of next bucket number in early_drop
net/netfilter/nf_conntrack_core.c
mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings
ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry
vhost/scsi: truncate T10 PI iov_iter to prot_bytes
reset: hisilicon: fix potential NULL pointer dereference
mach64: fix image corruption due to reading accelerator registers
mach64: fix display corruption on big endian machines
Revert "ceph: fix dentry leak in splice_dentry()"
libceph: bump CEPH_MSG_MAX_DATA_LEN
clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call
clk: at91: Fix division by zero in PLL recalc_rate()
clk: s2mps11: Fix matching when built as module and DT node contains compatible
xtensa: fix boot parameters address translation
xtensa: make sure bFLT stack is 16 byte aligned
xtensa: add NOTES section to the linker script
MIPS: Loongson-3: Fix BRIDGE irq delivery problem
MIPS: Loongson-3: Fix CPU UART irq delivery problem
parisc: Fix exported address of os_hpmc handler
parisc: Fix HPMC handler by increasing size to multiple of 16 bytes
parisc: Align os_hpmc_size on word boundary
bna: ethtool: Avoid reading past end of buffer
e1000: fix race condition between e1000_down() and e1000_watchdog
e1000: avoid null pointer dereference on invalid stat type
* mm: do not bug_on on incorrect length in __mm_populate()
mm/gup.c
mm/mmap.c
* fuse: set FR_SENT while locked
fs/fuse/dev.c
* fuse: fix blocked_waitq wakeup
fs/fuse/dev.c
* fuse: Fix use-after-free in fuse_dev_do_write()
fs/fuse/dev.c
* fuse: Fix use-after-free in fuse_dev_do_read()
fs/fuse/dev.c
scsi: qla2xxx: shutdown chip if reset fail
scsi: qla2xxx: Fix incorrect port speed being set for FC adapters
cdrom: fix improper type cast, which can leat to information leak.
9p: clear dangling pointers in p9stat_free
9p locks: fix glock.client_id leak in do_lock
powerpc/selftests: Wait all threads to join
media: tvp5150: fix width alignment during set_selection()
sc16is7xx: Fix for multi-channel stall
MIPS/PCI: Call pcie_bus_configure_settings() to set MPS/MRRS
powerpc/boot: Ensure _zimage_start is a weak symbol
MIPS: kexec: Mark CPU offline before disabling local IRQ
media: pci: cx23885: handle adding to list failure
drm/omap: fix memory barrier bug in DMM driver
powerpc/nohash: fix undefined behaviour when testing page size support
ARM: imx_v6_v7_defconfig: Select CONFIG_TMPFS_POSIX_ACL
* tty: check name length in tty_find_polling_driver()
drivers/tty/tty_io.c
powerpc/eeh: Fix possible null deref in eeh_dump_dev_log()
Linux 4.9.137
MD: fix invalid stored role for a disk - try2
btrfs: set max_extent_size properly
Btrfs: fix null pointer dereference on compressed write path error
btrfs: qgroup: Dirty all qgroups before rescan
Btrfs: fix wrong dentries after fsync of file that got its parent replaced
btrfs: make sure we create all new block groups
btrfs: reset max_extent_size on clear in a bitmap
btrfs: wait on caching when putting the bg cache
btrfs: don't attempt to trim devices that don't support it
btrfs: iterate all devices during trim, instead of fs_devices::alloc_list
btrfs: fix error handling in free_log_tree
btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock
btrfs: Handle owner mismatch gracefully when walking up tree
soc/tegra: pmc: Fix child-node lookup
arm64: dts: stratix10: Correct System Manager register size
Cramfs: fix abad comparison when wrap-arounds occur
rpmsg: smd: fix memory leak on channel create
* arm64: lse: remove -fcall-used-x0 flag
arch/arm64/lib/Makefile
media: em28xx: make v4l2-compliance happier by starting sequence on zero
media: em28xx: fix input name for Terratec AV 350
media: tvp5150: avoid going past array on v4l2_querymenu()
media: em28xx: use a default format if TRY_FMT fails
xen: fix xen_qlock_wait()
kgdboc: Passing ekgdboc to command line causes panic
media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD
TC: Set DMA masks for devices
MIPS: OCTEON: fix out of bounds array access on CN68XX
powerpc/msi: Fix compile error on mpc83xx
* dm ioctl: harden copy_params()'s copy_from_user() from malicious users
drivers/md/dm-ioctl.c
lockd: fix access beyond unterminated strings in prints
nfsd: Fix an Oops in free_session()
NFSv4.1: Fix the r/wsize checking
* genirq: Fix race on spurious interrupt detection
kernel/irq/manage.c
* printk: Fix panic caused by passing log_buf_len to command line
kernel/printk/printk.c
smb3: on kerberos mount if server doesn't specify auth type use krb5
smb3: do not attempt cifs operation in smb3 query info error path
smb3: allow stats which track session and share reconnects to be reset
w1: omap-hdq: fix missing bus unregister at removal
iio: adc: at91: fix wrong channel number in triggered buffer mode
iio: adc: at91: fix acking DRDY irq on simple conversions
iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs()
iio: ad5064: Fix regulator handling
* kbuild: fix kernel/bounds.c 'W=1' warning
kernel/bounds.c
hugetlbfs: dirty pages as they are added to pagecache
ima: fix showing large 'violations' or 'runtime_measurements_count'
crypto: tcrypt - fix ghash-generic speed test
crypto: lrw - Fix out-of bounds access on counter overflow
signal/GenWQE: Fix sending of SIGKILL
* PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk
drivers/pci/quirks.c
EDAC, skx_edac: Fix logical channel intermediate decoding
EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting
HID: hiddev: fix potential Spectre v1
* ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR
fs/ext4/ioctl.c
* ext4: initialize retries variable in ext4_da_write_inline_data_begin()
fs/ext4/inline.c
gfs2_meta: ->mount() can get NULL dev_name
* jbd2: fix use after free in jbd2_log_do_checkpoint()
fs/jbd2/checkpoint.c
ASoC: intel: skylake: Add missing break in skl_tplg_get_token()
libnvdimm: Hold reference on parent while scheduling async init
* net/ipv4: defensive cipso option parsing
net/ipv4/cipso_ipv4.c
iwlwifi: mvm: check return value of rs_rate_from_ucode_rate()
usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten
libertas: don't set URB_ZERO_PACKET on IN USB transfer
xen: make xen_qlock_wait() nestable
xen: fix race in xen_qlock_wait()
xen/blkfront: avoid NULL blkfront_info dereference on device removal
tpm: Restore functionality to xen vtpm driver.
xen-swiotlb: use actually allocated size on check physical continuous
ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250
ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings
arm: dts: exynos: Add missing cooling device properties for CPUs
ARM: dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes
ALSA: hda: Check the non-cached stream buffers more explicitly
dmaengine: dma-jz4780: Return error if not probed from DT
* signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init
kernel/signal.c
scsi: lpfc: Correct soft lockup when running mds diagnostics
* uio: ensure class is registered before devices
drivers/uio/uio.c
driver/dma/ioat: Call del_timer_sync() without holding prep_lock
usb: chipidea: Prevent unbalanced IRQ disable
crypto: caam - fix implicit casts in endianness helpers
coresight: etb10: Fix handling of perf mode
* PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice
drivers/pci/msi.c
MD: fix invalid stored role for a disk
* ext4: fix argument checking in EXT4_IOC_MOVE_EXT
fs/ext4/move_extent.c
usb: gadget: udc: atmel: handle at91sam9rl PMC
VMCI: Resource wildcard match fixed
tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated
IB/ipoib: Clear IPCB before icmp_send
RDMA/core: Do not expose unsupported counters
scsi: megaraid_sas: fix a missing-check bug
scsi: esp_scsi: Track residual for PIO transfers
cgroup, netclassid: add a preemption point to write_classid
ath10k: schedule hardware restart if WMI command times out
ixgbevf: VF2VF TCP RSS
pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant
* pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant
drivers/pinctrl/qcom/pinctrl-spmi-mpp.c
* pinctrl: qcom: spmi-mpp: Fix drive strength setting
drivers/pinctrl/qcom/pinctrl-spmi-mpp.c
ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers
* kprobes: Return error if we fail to reuse kprobe instead of BUG_ON()
kernel/kprobes.c
brcmfmac: fix for proper support of 160MHz bandwidth
* pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux
drivers/pinctrl/qcom/pinctrl-spmi-mpp.c
x86: boot: Fix EFI stub alignment
Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth
cpufreq: dt: Try freeing static OPPs only if we have added them
x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC
iwlwifi: pcie: avoid empty free RB queue
mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01
perf strbuf: Match va_{add,copy} with va_end
perf tools: Cleanup trace-event-info 'tdata' leak
perf tools: Free temporary 'sys' string in read_event_files()
hwmon: (pwm-fan) Set fan speed to 0 on suspend
s390/sthyi: Fix machine name validity indication
* tun: Consistently configure generic netdev params via rtnetlink
drivers/net/tun.c
swim: fix cleanup on setup error
ataflop: fix error handling during setup
* locking/lockdep: Fix debug_locks off performance problem
lib/debug_locks.c
i2c: rcar: cleanup DMA for all kinds of failure
selftests: ftrace: Add synthetic event syntax testcase
net: qla3xxx: Remove overflowing shift statement
x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
perf cpu_map: Align cpu map synthesized events properly.
* sched/fair: Fix the min_vruntime update logic in dequeue_entity()
kernel/sched/fair.c
sparc64: Make proc_id signed.
sparc: Fix single-pcr perf event counter management.
* xfrm: policy: use hlist rcu variants on insert
net/xfrm/xfrm_policy.c
Revert "perf tools: Fix PMU term format max value calculation"
bpf: do not blindly change rlimit in reuseport net selftest
x86/speculation: Support Enhanced IBRS on future CPUs
x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided
* x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
kernel/cpu.c
ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops
ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)
ALSA: hda - Fix headphone pin config for ASUS G751
ALSA: hda - Add quirk for ASUS G751 laptop
parisc: Fix map_pages() to not overwrite existing pte entries
parisc: Fix address in HPMC IVA
ipmi: Fix timer race with module unload
pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges
jffs2: free jffs2_sb_info through jffs2_kill_sb()
hwmon: (pmbus) Fix page count auto-detection.
bcache: fix miss key refill->end in writeback
Linux 4.9.136
* posix-timers: Sanitize overrun handling
include/linux/posix-timers.h
kernel/time/posix-cpu-timers.c
kernel/time/posix-timers.c
net: fs_enet: do not call phy_stop() in interrupts
x86/time: Correct the attribute on jiffies' definition
x86/percpu: Fix this_cpu_read()
* sched/fair: Fix throttle_list starvation with low CFS quota
kernel/sched/fair.c
kernel/sched/sched.h
Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM
* USB: fix the usbfs flag sanitization for control transfers
drivers/usb/core/devio.c
* usb: gadget: storage: Fix Spectre v1 vulnerability
drivers/usb/gadget/function/f_mass_storage.c
cdc-acm: correct counting of UART states in serial state notification
IB/ucm: Fix Spectre v1 vulnerability
RDMA/ucma: Fix Spectre v1 vulnerability
* drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl
drivers/gpu/drm/drm_edid.c
ptp: fix Spectre v1 vulnerability
cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)
xfs: truncate transaction does not modify the inobt
gpio: mxs: Get rid of external API call
ahci: don't ignore result code of ahci_reset_controller()
* crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned
crypto/shash.c
Revert "x86/mm: Expand static page table for fixmap space"
* ip6_tunnel: Fix encapsulation layout
net/ipv6/ip6_tunnel.c
* rtnetlink: Disallow FDB configuration for non-Ethernet device
net/core/rtnetlink.c
* net: fix pskb_trim_rcsum_slow() with odd trim offset
net/core/skbuff.c
* net: drop skb on failure in ip_check_defrag()
net/ipv4/ip_fragment.c
* bonding: fix length of actor system
drivers/net/bonding/bond_netlink.c
* ethtool: fix a privilege escalation bug
net/core/ethtool.c
vhost: Fix Spectre V1 vulnerability
sctp: fix race on sctp_id2asoc
r8169: fix NAPI handling under high load
* net: udp: fix handling of CHECKSUM_COMPLETE packets
net/core/datagram.c
net/ipv4/udp.c
net/ipv6/ip6_checksum.c
net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
* net: socket: fix a missing-check bug
net/socket.c
net: sched: gred: pass the right attribute to gred_change_table_def()
* net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
net/ipv6/addrconf.c
llc: set SOCK_RCU_FREE in llc_sap_add_socket()
* ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called
net/ipv6/ndisc.c
* ipv6: mcast: fix a use-after-free in inet6_mc_check
net/ipv6/mcast.c
* net: bridge: remove ipv6 zero address check in mcast queries
net/bridge/br_multicast.c
* bridge: do not add port to router list when receives query with source 0.0.0.0
net/bridge/br_multicast.c
perf tools: Disable parallelism for 'make clean'
* Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing"
net/ipv6/netfilter/nf_conntrack_reasm.c
mtd: spi-nor: Add support for is25wp series chips
* fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
fs/fat/fatent.c
net: ena: fix NULL dereference due to untimely napi initialization
rxrpc: Only take the rwind and mtu values from latest ACK
rxrpc: Don't check RXRPC_CALL_TX_LAST after calling rxrpc_rotate_tx_window()
ARM: dts: imx53-qsb: disable 1.2GHz OPP
perf tests: Fix indexing when invoking subtests
* xhci: Fix USB3 NULL pointer dereference at logical disconnect.
drivers/usb/host/xhci-hub.c
libertas: call into generic suspend code before turning off power
IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'
x86/paravirt: Fix some warning messages
iio: buffer: fix the function signature to match implementation
nvmet: fix space padding in serial number
* bonding: ratelimit failed speed/duplex update warning
drivers/net/bonding/bond_main.c
enic: do not overwrite error code
xen-netfront: Fix mismatched rtnl_unlock
sparc64: Fix regression in pmdp_invalidate().
xen-netfront: Update features after registering netdev
test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
ALSA: hda - Fix incorrect usage of IS_REACHABLE()
* futex: futex_wake_op, do not fail on invalid op
kernel/futex.c
cifs: Use ULL suffix for 64-bit constant
* perf/core: Fix locking for children siblings group read
kernel/events/core.c
macsec: fix memory leaks when skb_to_sgvec fails
* l2tp: remove configurable payload offset
net/l2tp/l2tp_core.c
net/l2tp/l2tp_core.h
net/l2tp/l2tp_netlink.c
iio: pressure: zpa2326: Remove always-true check which confuses gcc
* module: fix DEBUG_SET_MODULE_RONX typo
init/main.c
* drm/msm: Fix possible null dereference on failure of get_pages()
drivers/gpu/drm/msm/msm_gem.c
Btrfs: incremental send, fix invalid memory access
Revert "IB/ipoib: Update broadcast object if PKey value was changed in index 0"
i40e: avoid NVM acquire deadlock during NVM update
drm: bochs: Don't remove uninitialized fbdev framebuffer
scsi: qla2xxx: Avoid double completion of abort command
IB/mlx5: Avoid passing an invalid QP type to firmware
mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()'
nbd: only set MSG_MORE when we have more to send
IB/rxe: put the pool on allocation failure
IB/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush
* ipv6: fix cleanup ordering for ip6_mr failure
net/ipv6/af_inet6.c
ath10k: convert warning about non-existent OTP board id to debug message
ALSA: hda - No loopback on ALC299 codec
sctp: use right member as the param of list_for_each_entry
* net: cdc_ncm: GetNtbFormat endian fix
drivers/net/usb/cdc_ncm.c
ocfs2: fix deadlock caused by recursive locking in xattr
qed: Warn PTT usage by wrong hw-function
iio: adc: Revert "axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register modifications"
rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp
staging: wilc1000: Fix problem with wrong vif index
ptr_ring: fix up after recent ptr_ring changes
clk: samsung: Fix m2m scaler clock on Exynos542x
usb: dwc3: omap: remove IRQ_NOAUTOEN used with shared irq
usb: renesas_usbhs: gadget: fix unused-but-set-variable warning
usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock
net/mlx5: Fix health work queue spin lock to IRQ safe
perf probe: Fix probe definition for inlined functions
perf evsel: Fix probing of precise_ip level for default cycles event
net/mlx5: Fix driver load error flow when firmware is stuck
* ip6_tunnel: Correct tos value in collect_md mode
net/ipv6/ip6_tunnel.c
net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare
ufs: we need to sync inode before freeing it
Btrfs: clear EXTENT_DEFRAG bits in finish_ordered_io
net: stmmac: ensure jumbo_frm error return is correctly checked for -ve value
* elevator: fix truncation of icq_cache_name
include/linux/elevator.h
gpu: ipu-v3: Fix CSI selection for VDIC
ARM: 8677/1: boot/compressed: fix decompressor header layout for v7-M
x86/cpu/cyrix: Add alternative Device ID of Geode GX1 SoC
qlcnic: Fix tunnel offload for 82xx adapters
net: ethernet: stmmac: Fix altr_tse_pcs SGMII Initialization
libata: fix error checking in in ata_parse_force_one()
mac80211: fix TX aggregation start/stop callback race
arch/sparc: increase CONFIG_NODES_SHIFT on SPARC64 to 5
ASoC: Intel: Skylake: Fix to parse consecutive string tkns in manifest
reset: hi6220: Set module license so that it can be loaded
ata: sata_rcar: Handle return value of clk_prepare_enable
btrfs: fiemap: Cache and merge fiemap extent before submit it to user
ARM: dts: bcm283x: Reserve first page for firmware
ath10k: fix NAPI enable/disable symmetry for AHB interface
bnxt_en: Don't use rtnl lock to protect link change logic in workqueue.
tipc: fix a race condition of releasing subscriber object
tipc: Fix tipc_sk_reinit handling of -EAGAIN
net/mlx5: Fix command completion after timeout access invalid structure
net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
nvme-pci: fix CMB sysfs file removal in reset path
rxe: Fix a sleep-in-atomic bug in post_one_send
orangefs: off by ones in xattr size checks
IB/core: Fix the validations of a multicast LID in attach or detach operations
IB/ipoib: Do not warn if IPoIB debugfs doesn't exist
platform/x86: acer-wmi: setup accelerometer when ACPI device was found
* ipv6: set rt6i_protocol properly in the route when it is installed
net/ipv6/route.c
efi/fb: Correct PCI_STD_RESOURCE_END usage
i2c: bcm2835: Avoid possible NULL ptr dereference
* PCI: Disable MSI for HiSilicon Hip06/Hip07 only in Root Port mode
drivers/pci/quirks.c
ACPI: sysfs: Make ACPI GPE mask kernel parameter cover all GPEs
igb: Remove superfluous reset to PHY and page 0 selection
* f2fs: fix multiple f2fs_add_link() having same name for inline dentry
fs/f2fs/dir.c
scsi: aacraid: Fix typo in blink status
MIPS: Handle non word sized instructions when examining frame
MIPS: microMIPS: Fix decoding of swsp16 instruction
mm/memory_hotplug.c: fix overflow in test_pages_in_a_zone()
perf symbols: Fix memory corruption because of zero length symbols
net: cxgb3_main: fix a missing-check bug
declance: Fix continuation with the adapter identification message
net: fec: fix rare tx timeout
perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX
* perf/ring_buffer: Prevent concurent ring buffer access
kernel/events/core.c
smsc95xx: Check for Wake-on-LAN modes
smsc75xx: Check for Wake-on-LAN modes
r8152: Check for supported Wake-on-LAN Modes
sr9800: Check for supported Wake-on-LAN modes
lan78xx: Check for supported Wake-on-LAN modes
* ax88179_178a: Check for supported Wake-on-LAN modes
drivers/net/usb/ax88179_178a.c
* asix: Check for supported Wake-on-LAN modes
drivers/net/usb/asix_common.c
qed: Avoid constant logical operation warning in qed_vf_pf_acquire
qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor
pxa168fb: prepare the clock
* Bluetooth: SMP: fix crash in unpairing
net/bluetooth/mgmt.c
net/bluetooth/smp.c
net/bluetooth/smp.h
mac80211_hwsim: do not omit multicast announce of first added radio
* nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
net/wireless/nl80211.c
soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift()
soc: fsl: qbman: qman: avoid allocating from non existing gen_pool
net: macb: Clean 64b dma addresses if they are not detected
ARM: dts: BCM63xx: Fix incorrect interrupt specifiers
* xfrm: validate template mode
net/xfrm/xfrm_user.c
ARM: 8799/1: mm: fix pci_ioremap_io() offset check
mac80211: TDLS: fix skb queue/priority assignment
* cfg80211: Address some corner cases in scan result channel updating
net/wireless/scan.c
mac80211: fix pending queue hang due to TX_DROP
* cfg80211: reg: Init wiphy_idx in regulatory_hint_core()
net/wireless/reg.c
mac80211: Always report TX status
* xfrm6: call kfree_skb when skb is toobig
net/ipv6/xfrm6_output.c
* xfrm: Validate address prefix lengths in the xfrm selector.
net/xfrm/xfrm_user.c
Linux 4.9.135
HV: properly delay KVP packets when negotiation is in progress
* ext4: avoid running out of journal credits when appending to an inline file
fs/ext4/ext4.h
fs/ext4/inline.c
fs/ext4/xattr.c
* sched/cputime: Fix ksoftirqd cputime accounting regression
kernel/sched/cputime.c
kernel/sched/sched.h
* sched/cputime: Increment kcpustat directly on irqtime account
kernel/sched/cputime.c
kernel/sched/sched.h
macintosh/rack-meter: Convert cputime64_t use to u64
* sched/cputime: Convert kcpustat to nsecs
drivers/cpufreq/cpufreq.c
drivers/cpufreq/cpufreq_governor.c
drivers/cpufreq/cpufreq_stats.c
fs/proc/stat.c
fs/proc/uptime.c
kernel/sched/cpuacct.c
kernel/sched/cputime.c
usb: gadget: serial: fix oops when data rx'd after close
* HID: quirks: fix support for Apple Magic Keyboards
drivers/hid/hid-core.c
ARC: build: Don't set CROSS_COMPILE in arch's Makefile
ARC: build: Get rid of toolchain check
* netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info
net/netfilter/nf_nat_core.c
mm: Preserve _PAGE_DEVMAP across mprotect() calls
* mremap: properly flush TLB before releasing the page
include/linux/huge_mm.h
mm/mremap.c
iommu/amd: Return devid as alias for ACPI HID devices
powerpc/tm: Avoid possible userspace r1 corruption on reclaim
powerpc/tm: Fix userspace r13 corruption
net/mlx4: Use cpumask_available for eq->affinity_mask
* scsi: sd: don't crash the host on invalid commands
drivers/scsi/sd.c
drm: mali-dp: Call drm_crtc_vblank_reset on device init
ravb: do not write 1 to reserved bits
Input: atakbd - fix Atari CapsLock behaviour
Input: atakbd - fix Atari keymap
scsi: ibmvscsis: Ensure partition name is properly NUL terminated
scsi: ibmvscsis: Fix a stringop-overflow warning
clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs
batman-adv: fix hardif_neigh refcount on queue_work() failure
batman-adv: fix backbone_gw refcount on queue_work() failure
batman-adv: Prevent duplicated tvlv handler
batman-adv: Prevent duplicated global TT entry
batman-adv: Prevent duplicated softif_vlan entry
batman-adv: Prevent duplicated nc_node entry
batman-adv: Fix segfault when writing to sysfs elp_interval
batman-adv: Fix segfault when writing to throughput_override
media: af9035: prevent buffer overflow on write
Linux 4.9.134
* ipv4: frags: precedence bug in ip_expire()
net/ipv4/ip_fragment.c
* ip: frags: fix crash in ip_do_fragment()
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
* ip: process in-order fragments efficiently
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
* ip: add helpers to process in-order fragments faster.
include/net/inet_frag.h
net/ipv4/ip_fragment.c
* ip: use rb trees for IP frag queue.
include/linux/skbuff.h
include/net/inet_frag.h
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* net: add rb_to_skb() and other rb tree helpers
include/linux/skbuff.h
net/ipv4/tcp_input.c
* net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends
include/linux/skbuff.h
net/core/skbuff.c
* ipv6: defrag: drop non-last frags smaller than min mtu
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* net: modify skb_rbtree_purge to return the truesize of all purged skbs.
include/linux/skbuff.h
net/core/skbuff.c
* net: speed up skb_rbtree_purge()
net/core/skbuff.c
* ip: discard IPv4 datagrams with overlapping segments.
include/uapi/linux/snmp.h
net/ipv4/ip_fragment.c
net/ipv4/proc.c
* inet: frags: fix ip6frag_low_thresh boundary
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* inet: frags: get rid of ipfrag_skb_cb/FRAG_CB
include/linux/skbuff.h
* inet: frags: reorganize struct netns_frags
include/net/inet_frag.h
* rhashtable: reorganize struct rhashtable layout
include/linux/rhashtable.h
* ipv6: frags: rewrite ip6_expire_frag_queue()
net/ipv6/reassembly.c
* inet: frags: do not clone skb in ip_expire()
net/ipv4/ip_fragment.c
* inet: frags: break the 2GB limit for frags storage
include/net/inet_frag.h
net/ipv4/ip_fragment.c
net/ipv4/proc.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/proc.c
net/ipv6/reassembly.c
* inet: frags: remove inet_frag_maybe_warn_overflow()
include/net/inet_frag.h
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* inet: frags: get rif of inet_frag_evicting()
include/net/inet_frag.h
net/ipv4/ip_fragment.c
net/ipv6/reassembly.c
* inet: frags: remove some helpers
include/net/inet_frag.h
include/net/ip.h
include/net/ipv6.h
net/ipv4/ip_fragment.c
net/ipv4/proc.c
net/ipv6/proc.c
* inet: frags: use rhashtables for reassembly units
include/net/inet_frag.h
include/net/ipv6.h
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* rhashtable: add schedule points
lib/rhashtable.c
* ipv6: export ip6 fragments sysctl to unprivileged users
net/ipv6/reassembly.c
inet: frags: refactor lowpan_net_frag_init()
* inet: frags: refactor ipv6_frag_init()
net/ipv6/reassembly.c
* inet: frags: refactor ipfrag_init()
net/ipv4/ip_fragment.c
* inet: frags: add a pointer to struct netns_frags
include/net/inet_frag.h
include/net/ipv6.h
net/ipv4/inet_fragment.c
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* inet: frags: change inet_frags_init_net() return value
include/net/inet_frag.h
net/ipv4/ip_fragment.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/ipv6/reassembly.c
* inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
include/net/inet_sock.h
net/ipv4/inet_connection_sock.c
net/ipv4/tcp_ipv4.c
* tcp/dccp: fix lockdep issue when SYN is backlogged
include/net/inet_sock.h
net/ipv4/tcp_input.c
* rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
net/core/rtnetlink.c
net: systemport: Fix wake-up interrupt race during resume
net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
net: dsa: bcm_sf2: Fix unbind ordering
team: Forbid enslaving team device to itself
qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
qlcnic: fix Tx descriptor corruption on 82xx devices
net/usb: cancel pending work when unbinding smsc75xx
* netlabel: check for IPV4MASK in addrinfo_get
net/netlabel/netlabel_unlabeled.c
* net/ipv6: Display all addresses in output of /proc/net/if_inet6
net/ipv6/addrconf.c
* net: ipv4: update fnhe_pmtu when first hop's MTU changes
include/linux/netdevice.h
include/net/ip_fib.h
net/core/dev.c
net/ipv4/fib_frontend.c
net/ipv4/fib_semantics.c
net: hns: fix for unmapping problem when SMMU is on
net: dsa: bcm_sf2: Call setup during switch resume
* ipv6: take rcu lock in rawv6_send_hdrinc()
net/ipv6/raw.c
* ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
net/ipv4/ip_sockglue.c
* ip_tunnel: be careful when accessing the inner header
net/ipv4/ip_tunnel.c
* ip6_tunnel: be careful when accessing the inner header
net/ipv6/ip6_tunnel.c
* bonding: avoid possible dead-lock
drivers/net/bonding/bond_main.c
include/net/bonding.h
bnxt_en: Fix TX timeout during netpoll.
* xhci: Don't print a warning when setting link state for disabled ports
drivers/usb/host/xhci-hub.c
i2c: i2c-scmi: fix for i2c_smbus_write_block_data
perf script python: Fix export-to-postgresql.py occasional failure
mach64: detect the dot clock divider correctly on sparc
* mm/vmstat.c: fix outdated vmstat_text
mm/vmstat.c
* ext4: Fix error code in ext4_xattr_set_entry()
fs/ext4/xattr.c
drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
x86/kvm/lapic: always disable MMIO interface in x2APIC mode
ARM: dts: at91: add new compatibility string for macb on sama5d3
net: macb: disable scatter-gather for macb on sama5d3
stmmac: fix valid numbers of unicast filter entries
sound: enable interrupt after dma buffer initialization
scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted()
scsi: iscsi: target: Don't use stack buffer for scatterlist
mfd: omap-usb-host: Fix dts probe of children
selftests: memory-hotplug: add required configs
selftests/efivarfs: add required kernel configs
ASoC: sigmadsp: safeload should not have lower byte limit
ASoC: wm8804: Add ACPI support
Linux 4.9.133
x86/fpu: Finish excising 'eagerfpu'
Revert "perf: sync up x86/.../cpufeatures.h"
x86/fpu: Remove struct fpu::counter
x86/fpu: Remove use_eager_fpu()
* ebtables: arpreply: Add the standard target sanity check
include/linux/netfilter_bridge/ebtables.h
ath10k: fix scan crash due to incorrect length calculation
ubifs: Check for name being NULL while mounting
ucma: fix a use-after-free in ucma_resolve_ip()
* f2fs: fix invalid memory access
fs/f2fs/checkpoint.c
x86/mm: Expand static page table for fixmap space
ARC: clone syscall to setp r25 as thread pointer
powerpc/fadump: Return error when fadump registration fails
ath10k: fix kernel panic issue during pci probe
ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait
* cgroup: Fix deadlock in cpu hotplug path
kernel/cgroup.c
* ext4: always verify the magic number in xattr blocks
fs/ext4/xattr.c
* ext4: add corruption check in ext4_xattr_set_entry()
fs/ext4/xattr.c
of: unittest: Disable interrupt node tests for old world MAC systems
* tty: Drop tty->count on tty_reopen() failure
drivers/tty/tty_io.c
USB: serial: simple: add Motorola Tetra MTP6550 id
usb: xhci-mtk: resume USB3 roothub first
* xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
drivers/usb/host/xhci-pci.c
dm cache: fix resize crash if user doesn't reload cache table
dm cache metadata: ignore hints array being too small during resize
* PM / core: Clear the direct_complete flag on errors
drivers/base/power/main.c
mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
* PCI: Reprogram bridge prefetch registers on resume
drivers/pci/pci.c
x86/vdso: Fix vDSO syscall fallback asm constraint regression
x86/vdso: Fix asm constraints on vDSO syscall fallbacks
xen-netback: fix input validation in xenvif_set_hash_mapping()
fbdev/omapfb: fix omapfb_memory_read infoleak
* mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly
mm/vmstat.c
Linux 4.9.132
dm thin metadata: fix __udivdi3 undefined on 32-bit
ocfs2: fix locking for res->tracking and dlm->tracking_list
* proc: restrict kernel stack dumps to root
fs/proc/base.c
* gpiolib: Free the last requested descriptor
drivers/gpio/gpiolib.c
crypto: mxs-dcp - Fix wait logic on chan threads
crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe()
ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
smb2: fix missing files in root share directory listing
* sysfs: Do not return POSIX ACL xattrs via listxattr
fs/xattr.c
xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
xen: avoid crash in disable_hotplug_cpu
xen/manage: don't complain about an empty value in control/sysrq node
cifs: read overflow in is_valid_oplock_break()
s390/qeth: don't dump past end of unknown HW header
s390/qeth: use vzalloc for QUERY OAT buffer
r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
hexagon: modify ffs() and fls() to return int
arch/hexagon: fix kernel/dma.c build warning
dm thin metadata: try to avoid ever aborting transactions
perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing CPUs
net: ena: fix driver when PAGE_SIZE == 64kB
fs/cifs: suppress a string overflow warning
dm raid: fix rebuild of specific devices by updating superblock
drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
net/mlx5: Consider PCI domain in search for next dev
nvmet-rdma: fix possible bogus dereference under heavy load
USB: yurex: Check for truncation in yurex_read()
RDMA/ucma: check fd type in ucma_migrate_id()
perf probe powerpc: Ignore SyS symbols irrespective of endianness
perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx()
* HID: hid-saitek: Add device ID for RAT 7 Contagion
drivers/hid/hid-ids.h
usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
* HID: add support for Apple Magic Keyboards
drivers/hid/hid-apple.c
drivers/hid/hid-ids.h
* mm: madvise(MADV_DODUMP): allow hugetlbfs pages
mm/madvise.c
tools/vm/page-types.c: fix "defined but not used" warning
tools/vm/slabinfo.c: fix sign-compare warning
mac80211: shorten the IBSS debug messages
mac80211: don't Tx a deauth frame if the AP forbade Tx
mac80211: Fix station bandwidth setting after channel switch
mac80211: fix a race between restart and CSA flows
* cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
net/wireless/util.c
fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
i2c: uniphier: issue STOP only for last message or I2C_M_STOP
RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
ARC: atomics: unbork atomic_fetch_##op()
* gpio: Fix crash due to registration race
drivers/gpio/gpiolib-of.c
* cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
net/wireless/nl80211.c
net: hns: add netif_carrier_off before change speed and duplex
mac80211: mesh: fix HWMP sequence numbering to follow standard
gpio: adp5588: Fix sleep-in-atomic-context bug
mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
mac80211: Run TXQ teardown code before de-registering interfaces
* time: Introduce jiffies64_to_nsecs()
include/linux/jiffies.h
kernel/time/time.c
kernel/time/timeconst.bc
serial: mvebu-uart: Fix reporting of effective CSIZE to userspace
Linux 4.9.131
* media: v4l: event: Prevent freeing event subscriptions while accessed
drivers/media/v4l2-core/v4l2-event.c
drivers/media/v4l2-core/v4l2-fh.c
include/media/v4l2-fh.h
arm64: KVM: Sanitize PSTATE.M when being set from userspace
i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
* arm/arm64: smccc-1.1: Handle function result as parameters
include/linux/arm-smccc.h
* arm/arm64: smccc-1.1: Make return values unsigned long
include/linux/arm-smccc.h
drm/amdgpu: Update power state at the end of smu hw_init.
drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode
hwmon: (adt7475) Make adt7475_read_word() return errors
hwmon: (ina2xx) fix sysfs shunt resistor read access
e1000: ensure to free old tx/rx rings in set_ringparam()
e1000: check on netif_running() before calling e1000_up()
net: hns: fix skb->truesize underestimation
net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
* thermal: of-thermal: disable passive polling when thermal zone is disabled
drivers/thermal/of-thermal.c
qed: Wait for MCP halt and resume commands to take place
qed: Wait for ready indication before rereading the shmem
* ext4: never move the system.data xattr out of the inode body
fs/ext4/xattr.c
arm64: KVM: Tighten guest core register access from userspace
IB/hfi1: Fix SL array bounds check
serial: imx: restore handshaking irq for imx1
scsi: target: iscsi: Use bin2hex instead of a re-implementation
IB/hfi1: Fix context recovery when PBC has an UnsupportedVL
IB/hfi1: Invalid user input can result in crash
IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
Input: elantech - enable middle button of touchpad on ThinkPad P72
* USB: remove LPM management from usb_driver_claim_interface()
drivers/usb/core/driver.c
Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()"
* USB: usbdevfs: restore warning for nonsensical flags
drivers/usb/core/devio.c
* USB: usbdevfs: sanitize flags more
drivers/usb/core/devio.c
media: uvcvideo: Support realtek's UVC 1.5 device
* slub: make ->cpu_partial unsigned int
include/linux/slub_def.h
mm/slub.c
* USB: handle NULL config in usb_find_alt_setting()
drivers/usb/core/usb.c
* USB: fix error handling in usb_driver_claim_interface()
drivers/usb/core/driver.c
* regulator: fix crash caused by null driver data
drivers/regulator/core.c
spi: rspi: Fix interrupted DMA transfers
spi: rspi: Fix invalid SPI use during system suspend
spi: sh-msiof: Fix handling of write value for SISTR register
spi: sh-msiof: Fix invalid SPI use during system suspend
spi: tegra20-slink: explicitly enable/disable clock
serial: cpm_uart: return immediately from console poll
tty: serial: lpuart: avoid leaking struct tty_struct
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
ARM: dts: dra7: fix DCAN node addresses
* EDAC: Fix memleak in module init error path
drivers/edac/edac_mc_sysfs.c
nfsd: fix corrupted reply to badly ordered compound
gpio: Fix wrong rounding in gpio-menz127
* module: exclude SHN_UNDEF symbols from kallsyms api
kernel/module.c
* ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
sound/soc/soc-dapm.c
EDAC, i7core: Fix memleaks and use-after-free on probe and remove
scsi: megaraid_sas: Update controller info during resume
scsi: bnx2i: add error handling for ioremap_nocache
perf/x86/intel/lbr: Fix incomplete LBR call stack
HID: hid-ntrig: add error handling for sysfs_create_group
ARM: mvebu: declare asm symbols as character arrays in pmsu.c
wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
drm/sun4i: Fix releasing node when enumerating enpoints
net: phy: xgmiitorgmii: Check phy_driver ready before accessing
ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
net: phy: xgmiitorgmii: Check read_status results
ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
media: tm6000: add error handling for dvb_register_adapter
drivers/tty: add error handling for pcmcia_loop_config
* staging: android: ashmem: Fix mmap size validation
drivers/staging/android/ashmem.c
media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
media: soc_camera: ov772x: correct setting of banding filter
media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
ALSA: snd-aoa: add of_node_put() in error path
s390/extmem: fix gcc 8 stringop-overflow warning
* alarmtimer: Prevent overflow for relative nanosleep
kernel/time/alarmtimer.c
powerpc/powernv/ioda2: Reduce upper limit for DMA window size
usb: wusbcore: security: cast sizeof to int for comparison
scsi: ibmvscsi: Improve strings handling
* scsi: klist: Make it safe to use klists in atomic context
lib/klist.c
scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size
x86/entry/64: Add two more instruction suffixes
ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled
x86/tsc: Add missing header to tsc_msr.c
media: fsl-viu: fix error handling in viu_of_probe()
powerpc/kdump: Handle crashkernel memory reservation failure
media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
IB/core: type promotion bug in rdma_rw_init_one_mr()
md-cluster: clear another node's suspend_area after the copy is finished
* power: remove possible deadlock when unregistering power_supply
drivers/power/supply/power_supply_core.c
include/linux/power_supply.h
s390/mm: correct allocate_pgste proc_handler callback
6lowpan: iphc: reset mac_header after decompress to fix panic
USB: serial: kobil_sct: fix modem-status error handling
Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
iommu/amd: make sure TLB to be flushed before IOVA freed
power: vexpress: fix corruption in notifier registration
uwb: hwa-rc: fix memory leak at probe
staging: rts5208: fix missing error check on call to rtsx_write_register
x86/numa_emulation: Fix emulated-to-physical node mapping
vmci: type promotion bug in qp_host_get_user_memory()
tsl2550: fix lux1_input error in low light
* crypto: skcipher - Fix -Wstringop-truncation warnings
crypto/ablkcipher.c
crypto/blkcipher.c
Change-Id: I20f8975728186d16d30d0be15426ff5a732935d1
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Waiman Long
|
81301a15a2 |
locking/lockdep: Fix debug_locks off performance problem
[ Upstream commit 9506a7425b094d2f1d9c877ed5a78f416669269b ] It was found that when debug_locks was turned off because of a problem found by the lockdep code, the system performance could drop quite significantly when the lock_stat code was also configured into the kernel. For instance, parallel kernel build time on a 4-socket x86-64 server nearly doubled. Further analysis into the cause of the slowdown traced back to the frequent call to debug_locks_off() from the __lock_acquired() function probably due to some inconsistent lockdep states with debug_locks off. The debug_locks_off() function did an unconditional atomic xchg to write a 0 value into debug_locks which had already been set to 0. This led to severe cacheline contention in the cacheline that held debug_locks. As debug_locks is being referenced in quite a few different places in the kernel, this greatly slow down the system performance. To prevent that trashing of debug_locks cacheline, lock_acquired() and lock_contended() now checks the state of debug_locks before proceeding. The debug_locks_off() function is also modified to check debug_locks before calling __debug_locks_off(). Signed-off-by: Waiman Long <longman@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Link: http://lkml.kernel.org/r/1539913518-15598-1-git-send-email-longman@redhat.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Petri Gynther
|
f5b86a6e45 |
Merge 4.9.124 into android-msm-bluecross-4.9-lts
Linux 4.9.124
reiserfs: fix broken xattr handling (heap corruption, bad retval)
i2c: imx: Fix race condition in dma read
PCI: pciehp: Fix unprotected list iteration in IRQ handler
PCI: pciehp: Fix use-after-free on unplug
* PCI: Skip MPS logic for Virtual Functions (VFs)
drivers/pci/probe.c
PCI: hotplug: Don't leak pci_slot on registration failure
parisc: Remove unnecessary barriers from spinlock.h
* packet: refine ring v3 block size test to hold one frame
net/packet/af_packet.c
* netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
net/netfilter/nf_conntrack_proto_dccp.c
* xfrm_user: prevent leaking 2 bytes of kernel memory
net/xfrm/xfrm_user.c
parisc: Remove ordered stores from syscall.S
* ext4: fix spectre gadget in ext4_mb_regular_allocator()
fs/ext4/mballoc.c
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
* tcp: identify cryptic messages as TCP seq # bugs
net/ipv4/tcp.c
net: qca_spi: Fix log level if probe fails
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Avoid packet drop during initial sync
PCI: versatile: Fix I/O space page leak
* PCI: OF: Fix I/O space page leak
drivers/pci/pci.c
include/linux/pci.h
net: usb: rtl8150: demote allmulti message to dev_dbg()
net/ethernet/freescale/fman: fix cross-build error
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
pinctrl: nsp: Fix potential NULL dereference
pinctrl: nsp: off by ones in nsp_pinmux_enable()
* tcp: remove DELAYED ACK events in DCTCP
include/net/tcp.h
net/ipv4/tcp_output.c
qlogic: check kstrtoul() for errors
* packet: reset network header if packet shorter than ll reserved space
net/packet/af_packet.c
tools: build: Use HOSTLDFLAGS with fixdep
ixgbe: Be more careful when modifying MAC filters
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
RDMA/mlx5: Fix memory leak in mlx5_ib_create_srq() error path
nfit: fix unchecked dereference in acpi_nfit_ctl
perf llvm-utils: Remove bashism from kernel include fetch script
bnxt_en: Fix for system hang if request_irq fails
bnxt_en: Always set output parameters in bnxt_get_max_rings().
ARC: Improve cmpxchg syscall implementation
* netfilter: nf_conntrack: Fix possible possible crash on module loading.
net/netfilter/nf_conntrack_core.c
drm/armada: fix colorkey mode property
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
net/sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
ravb: fix invalid context bug while changing link options by ethtool
ravb: fix invalid context bug while calling auto-negotiation by ethtool
sh_eth: fix invalid context bug while changing link options by ethtool
sh_eth: fix invalid context bug while calling auto-negotiation by ethtool
net: qrtr: Broadcast messages only from control port
* ipv6: make ipv6_renew_options() interrupt/kernel safe
include/net/ipv6.h
net/ipv6/calipso.c
net/ipv6/exthdrs.c
net/ipv6/ipv6_sockglue.c
* netfilter: x_tables: set module owner for icmp(6) matches
net/ipv4/netfilter/ip_tables.c
net/ipv6/netfilter/ip6_tables.c
ieee802154: 6lowpan: set IFLA_LINK
samples/bpf: Check the error of write() and read()
samples/bpf: add missing <linux/if_vlan.h>
smsc75xx: Add workaround for gigabit link up hardware errata.
kasan: fix shadow_size calculation error in kasan_module_alloc
* tracing: Use __printf markup to silence compiler
kernel/trace/trace.c
ARM: imx_v4_v5_defconfig: Select ULPI support
ARM: imx_v6_v7_defconfig: Select ULPI support
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
ipvlan: call dev_change_flags when ipvlan mode is reset
objtool: Support GCC 8 '-fnoreorder-functions'
m68k: fix "bad page state" oops on ColdFire boot
acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value
bnx2x: Fix receiving tx-timeout in error or recovery state.
PCI: xilinx-nwl: Add missing of_node_put()
PCI: xilinx: Add missing of_node_put()
bpf, s390: fix potential memleak when later bpf_jit_prog fails
drm/exynos: decon5433: Fix WINCONx reset value
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
* nl80211: relax ht operation checks for mesh
net/wireless/nl80211.c
md/raid10: fix that replacement cannot complete recovery after reassemble
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
dmaengine: pl330: report BURST residue granularity
ARM: dts: da850: Fix interrups property for gpio
selftests/x86/sigreturn: Do minor cleanups
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
ceph: fix dentry leak in splice_dentry()
* netfilter: nf_log: fix uninit read in nf_log_proc_dostring
net/netfilter/nf_log.c
perf bench: Fix numa report output code
perf report powerpc: Fix crash if callchain is empty
perf test session topology: Fix test on s390
NFC: pn533: Fix wrong GFP flag usage
* usb: xhci: increase CRS timeout value
drivers/usb/host/xhci.c
usb: xhci: remove the code build warning
ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl
ARM: dts: am437x: make edt-ft5x06 a wakeup source
brcmfmac: stop watchdog before detach and free everything
iio: pressure: bmp280: fix relative humidity unit
cxgb4: when disabling dcb set txq dcb priority to 0
batman-adv: Fix bat_v best gw refcnt after netlink dump
batman-adv: Fix bat_ogm_iv best gw refcnt after netlink dump
* Smack: Mark inode instant in smack_task_to_inode
security/smack/smack_lsm.c
* ipv6: mcast: fix unsolicited report interval after receiving querys
net/ipv6/mcast.c
locking/lockdep: Do not record IRQ state within lockdep code
KVM: arm/arm64: Drop resource size check for GICV window
net: davinci_emac: match the mdio device against its compatible if possible
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
nvmet: reset keep alive timer in controller enable
* net: stmmac: socfpga: add additional ocp reset line for Stratix10
drivers/net/ethernet/stmicro/stmmac/Kconfig
* net: propagate dev_get_valid_name return code
net/core/dev.c
net: hamradio: use eth_broadcast_addr
enic: initialize enic->rfs_h.lock in enic_probe
qed: Add sanity check for SIMD fastpath handler.
* arm64: make secondary_start_kernel() notrace
arch/arm64/kernel/smp.c
xen/scsiback: add error handling for xenbus_printf
scsi: xen-scsifront: add error handling for xenbus_printf
xen: add error handling for xenbus_printf
usb: gadget: dwc2: fix memory leak in gadget_init()
* usb: gadget: composite: fix delayed_status race condition when set_interface
drivers/usb/gadget/composite.c
usb: dwc2: fix isoc split in transfer with no data
libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
IB/rxe: Fix missing completion for mem_reg work requests
drm: mali-dp: Enable Global SE interrupts mask for DP500
arm64: dts: ns2: Fix I2C controller interrupt type
ARM: dts: Cygnus: Fix PCIe controller interrupt type
ARM: dts: Cygnus: Fix I2C controller interrupt type
ARM: dts: NSP: Fix PCIe controllers interrupt types
ARM: dts: NSP: Fix i2c controller interrupt type
selftests: sync: add config fragment for testing sync framework
selftests: zram: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: pstore: return Kselftest Skip code for skipped tests
* netfilter: ipv6: nf_defrag: reduce struct net memory waste
include/net/net_namespace.h
include/net/netns/ipv6.h
net/ipv6/netfilter/nf_conntrack_reasm.c
* usb: dwc3: of-simple: fix use-after-free on remove
drivers/usb/dwc3/dwc3-of-simple.c
ARC: Explicitly add -mmedium-calls to CFLAGS
x86/entry/64: Remove %ebx handling from error_entry/exit
Change-Id: Icbeb206a153ad3c73c1a73466271f36a49e9f57d
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Prateek Sood
|
2009f1797b |
locking/osq_lock: Fix osq_lock queue corruption
commit 50972fe78f24f1cd0b9d7bbf1f87d2be9e4f412e upstream.
Fix ordering of link creation between node->prev and prev->next in
osq_lock(). A case in which the status of optimistic spin queue is
CPU6->CPU2 in which CPU6 has acquired the lock.
tail
v
,-. <- ,-.
|6| |2|
`-' -> `-'
At this point if CPU0 comes in to acquire osq_lock, it will update the
tail count.
CPU2 CPU0
----------------------------------
tail
v
,-. <- ,-. ,-.
|6| |2| |0|
`-' -> `-' `-'
After tail count update if CPU2 starts to unqueue itself from
optimistic spin queue, it will find an updated tail count with CPU0 and
update CPU2 node->next to NULL in osq_wait_next().
unqueue-A
tail
v
,-. <- ,-. ,-.
|6| |2| |0|
`-' `-' `-'
unqueue-B
->tail != curr && !node->next
If reordering of following stores happen then prev->next where prev
being CPU2 would be updated to point to CPU0 node:
tail
v
,-. <- ,-. ,-.
|6| |2| |0|
`-' `-' -> `-'
osq_wait_next()
node->next <- 0
xchg(node->next, NULL)
tail
v
,-. <- ,-. ,-.
|6| |2| |0|
`-' `-' `-'
unqueue-C
At this point if next instruction
WRITE_ONCE(next->prev, prev);
in CPU2 path is committed before the update of CPU0 node->prev = prev then
CPU0 node->prev will point to CPU6 node.
tail
v----------. v
,-. <- ,-. ,-.
|6| |2| |0|
`-' `-' `-'
`----------^
At this point if CPU0 path's node->prev = prev is committed resulting
in change of CPU0 prev back to CPU2 node. CPU2 node->next is NULL
currently,
tail
v
,-. <- ,-. <- ,-.
|6| |2| |0|
`-' `-' `-'
`----------^
so if CPU0 gets into unqueue path of osq_lock it will keep spinning
in infinite loop as condition prev->next == node will never be true.
Signed-off-by: Prateek Sood <prsood@codeaurora.org>
[ Added pictures, rewrote comments. ]
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: sramana@codeaurora.org
Link: http://lkml.kernel.org/r/1500040076-27626-1-git-send-email-prsood@codeaurora.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Prateek Sood
|
0cbde6c5b6 |
locking/rwsem-xadd: Fix missed wakeup due to reordering of load
commit 9c29c31830a4eca724e137a9339137204bbb31be upstream.
If a spinner is present, there is a chance that the load of
rwsem_has_spinner() in rwsem_wake() can be reordered with
respect to decrement of rwsem count in __up_write() leading
to wakeup being missed:
spinning writer up_write caller
--------------- -----------------------
[S] osq_unlock() [L] osq
spin_lock(wait_lock)
sem->count=0xFFFFFFFF00000001
+0xFFFFFFFF00000000
count=sem->count
MB
sem->count=0xFFFFFFFE00000001
-0xFFFFFFFF00000001
spin_trylock(wait_lock)
return
rwsem_try_write_lock(count)
spin_unlock(wait_lock)
schedule()
Reordering of atomic_long_sub_return_release() in __up_write()
and rwsem_has_spinner() in rwsem_wake() can cause missing of
wakeup in up_write() context. In spinning writer, sem->count
and local variable count is 0XFFFFFFFE00000001. It would result
in rwsem_try_write_lock() failing to acquire rwsem and spinning
writer going to sleep in rwsem_down_write_failed().
The smp_rmb() will make sure that the spinner state is
consulted after sem->count is updated in up_write context.
Signed-off-by: Prateek Sood <prsood@codeaurora.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: dave@stgolabs.net
Cc: longman@redhat.com
Cc: parri.andrea@gmail.com
Cc: sramana@codeaurora.org
Link: http://lkml.kernel.org/r/1504794658-15397-1-git-send-email-prsood@codeaurora.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|