49eea524bebea0d2b7dfa1c709a6694de808eb8a
853 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Neeraj Upadhyay
|
29c7005552 |
perf: don't zombie certain events in perf_event_release_kernel
Ignore events with no particular cpu associated, while moving the events to zombie state, during event release. Change-Id: I11624f3734633ee6c55454be0cd32f638ed61024 Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org> |
||
|
Kyle Yan
|
ff97938fbf |
Merge remote-tracking branch '4.9/tmp-8dd0f52' into msm-4.9
* 4.9/tmp-8dd0f52: Linux 4.9.72 sparc32: Export vac_cache_size to fix build error bpf: fix incorrect sign extension in check_alu_op() bpf: reject out-of-bounds stack pointer calculation bpf: fix branch pruning logic bpf: adjust insn_aux_data when patching insns Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes MIPS: math-emu: Fix final emulation phase for certain instructions thermal/drivers/hisi: Fix multiple alarm interrupts firing thermal/drivers/hisi: Simplify the temperature/step computation thermal/drivers/hisi: Fix kernel panic on alarm interrupt thermal/drivers/hisi: Fix missing interrupt enablement thermal: hisilicon: Handle return value of clk_prepare_enable cpuidle: fix broadcast control when broadcast can not be entered rtc: set the alarm to the next expiring timer tcp: fix under-evaluated ssthresh in TCP Vegas clk: sunxi-ng: sun6i: Rename HDMI DDC clock to avoid name collision staging: greybus: light: Release memory obtained by kasprintf net: ipv6: send NS for DAD when link operationally up fm10k: ensure we process SM mbx when processing VF mbx vfio/pci: Virtualize Maximum Payload Size scsi: lpfc: PLOGI failures during NPIV testing scsi: lpfc: Fix secure firmware updates fm10k: fix mis-ordered parameters in declaration for .ndo_set_vf_bw ASoC: img-parallel-out: Add pm_runtime_get/put to set_fmt callback tracing: Exclude 'generic fields' from histograms PCI/AER: Report non-fatal errors only to the affected endpoint IB/rxe: check for allocation failure on elem ixgbe: fix use of uninitialized padding igb: check memory allocation failure PM / OPP: Move error message to debug level PCI: Create SR-IOV virtfn/physfn links before attaching driver scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive scsi: cxgb4i: fix Tx skb leak PCI: Avoid bus reset if bridge itself is broken net: phy: at803x: Change error to EINVAL for invalid MAC kvm, mm: account kvm related kmem slabs to kmemcg rtc: pl031: make interrupt optional crypto: crypto4xx - increase context and scatter ring buffer elements backlight: pwm_bl: Fix overflow condition bnxt_en: Fix NULL pointer dereference in reopen failure path cpuidle: powernv: Pass correct drv->cpumask for registration ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory Btrfs: fix an integer overflow check netfilter: nfnetlink_queue: fix secctx memory leak xhci: plat: Register shutdown for xhci_plat net: moxa: fix TX overrun memory leak isdn: kcapi: avoid uninitialized data virtio_balloon: prevent uninitialized variable use virtio-balloon: use actual number of stats for stats queue buffers KVM: pci-assign: do not map smm memory slot pages in vt-d page tables net: ipconfig: fix ic_close_devs() use-after-free cpufreq: Fix creation of symbolic links to policy directories ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table irda: vlsi_ir: fix check for DMA mapping errors RDMA/iser: Fix possible mr leak on device removal event i40e: Do not enable NAPI on q_vectors that have no rings IB/rxe: increment msn only when completing a request IB/rxe: double free on error net: Do not allow negative values for busy_read and busy_poll sysctl interfaces nbd: set queue timeout properly infiniband: Fix alignment of mmap cookies to support VIPT caching IB/core: Protect against self-requeue of a cq work item i40iw: Receive netdev events post INET_NOTIFIER state bna: avoid writing uninitialized data into hw registers s390/qeth: no ETH header for outbound AF_IUCV s390/qeth: size calculation outbound buffers r8152: prevent the driver from transmitting packets with carrier off ASoC: STI: Fix reader substream pointer set HID: xinmo: fix for out of range for THT 2P arcade controller. hwmon: (asus_atk0110) fix uninitialized data access ARM: dts: ti: fix PCI bus dtc warnings KVM: VMX: Fix enable VPID conditions KVM: x86: correct async page present tracepoint kvm: vmx: Flush TLB when the APIC-access address changes scsi: lpfc: Fix PT2PT PRLI reject pinctrl: st: add irq_request/release_resources callbacks inet: frag: release spinlock before calling icmp_send() tipc: fix nametbl deadlock at tipc_nametbl_unsubscribe r8152: fix the rx early size of RTL8153 iommu/exynos: Workaround FLPD cache flush issues for SYSMMU v5 netfilter: nfnl_cthelper: Fix memory leak netfilter: nfnl_cthelper: fix runtime expectation policy updates usb: gadget: udc: remove pointer dereference after free usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed hwmon: (max31790) Set correct PWM value net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 sctp: out_qlen should be updated when pruning unsent queue bna: integer overflow bug in debugfs sch_dsmark: fix invalid skb_cow() usage vsock: cancel packets when failing to connect vhost-vsock: add pkt cancel capability vsock: track pkt owner vsock crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex r8152: fix the list rx_done may be used without initialization cpuidle: Validate cpu_dev in cpuidle_add_sysfs() nvme-loop: handle cpu unplug when re-establishing the controller arm: kprobes: Align stack to 8-bytes in test code arm: kprobes: Fix the return address of multiple kretprobes HID: corsair: Add driver Scimitar Pro RGB gaming mouse 1b1c:1b3e support to hid-corsair HID: corsair: support for K65-K70 Rapidfire and Scimitar Pro RGB kvm: fix usage of uninit spinlock in avic_vm_destroy() ALSA: hda - add support for docking station for HP 840 G3 ALSA: hda - add support for docking station for HP 820 G2 arm64: Initialise high_memory global variable earlier cxl: Check if vphb exists before iterating over AFU devices Linux 4.9.71 ath9k: fix tx99 potential info leak icmp: don't fail on fragment reassembly time exceeded IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop RDMA/cma: Avoid triggering undefined behavior macvlan: Only deliver one copy of the frame to the macvlan interface udf: Avoid overflow when session starts at large offset scsi: bfa: integer overflow in debugfs scsi: sd: change allow_restart to bool in sysfs interface scsi: sd: change manage_start_stop to bool in sysfs interface rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_disassoc_cmd rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_createbss_cmd vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend IB/core: Fix calculation of maximum RoCE MTU scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry raid5: Set R5_Expanded on parity devices as well as data. pinctrl: adi2: Fix Kconfig build problem usb: musb: da8xx: fix babble condition handling tty fix oops when rmmod 8250 soc: mediatek: pwrap: fix compiler errors powerpc/perf/hv-24x7: Fix incorrect comparison in memord scsi: hpsa: destroy sas transport properties before scsi_host scsi: hpsa: cleanup sas_phy structures in sysfs when unloading PCI: Detach driver before procfs & sysfs teardown on device remove RDMA/cxgb4: Declare stag as __be32 xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real xfs: fix log block underflow during recovery cycle verification l2tp: cleanup l2tp_tunnel_delete calls nvme: use kref_get_unless_zero in nvme_find_get_ns platform/x86: hp_accel: Add quirk for HP ProBook 440 G4 btrfs: tests: Fix a memory leak in error handling path in 'run_test()' arm64: prevent regressions in compressed kernel image size when upgrading to binutils 2.27 Ib/hfi1: Return actual operational VLs in port info query bcache: fix wrong cache_misses statistics bcache: explicitly destroy mutex while exiting GFS2: Take inode off order_write list when setting jdata flag scsi: scsi_debug: write_same: fix error report thermal/drivers/step_wise: Fix temperature regulation misbehavior ASoC: rsnd: rsnd_ssi_run_mods() needs to care ssi_parent_mod ppp: Destroy the mutex when cleanup clk: tegra: Fix cclk_lp divisor register clk: hi6220: mark clock cs_atb_syspll as critical clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU clk: mediatek: add the option for determining PLL source clock mm: Handle 0 flags in _calc_vm_trans() macro crypto: tcrypt - fix buffer lengths in test_aead_speed() arm-ccn: perf: Prevent module unload while PMU is in use xfs: truncate pagecache before writeback in xfs_setattr_size() iommu/amd: Limit the IOVA page range to the specified addresses badblocks: fix wrong return value in badblocks_set if badblocks are disabled target/file: Do not return error for UNMAP if length is zero target:fix condition return in core_pr_dump_initiator_port() iscsi-target: fix memory leak in lio_target_tiqn_addtpg() target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() platform/x86: intel_punit_ipc: Fix resource ioremap warning powerpc/ipic: Fix status get and status clear powerpc/opal: Fix EBUSY bug in acquiring tokens netfilter: ipvs: Fix inappropriate output of procfs iommu/mediatek: Fix driver name PCI: Do not allocate more buses than available in parent powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo PCI/PME: Handle invalid data when reading Root Status dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type ASoC: Intel: Skylake: Fix uuid_module memory leak in failure case rtc: pcf8563: fix output clock rate video: fbdev: au1200fb: Return an error code if a memory allocation fails video: fbdev: au1200fb: Release some resources if a memory allocation fails video: udlfb: Fix read EDID timeout fbdev: controlfb: Add missing modes to fix out of bounds access sfc: don't warn on successful change of MAC HID: cp2112: fix broken gpio_direction_input callback Revert "x86/acpi: Set persistent cpuid <-> nodeid mapping when booting" target: fix race during implicit transition work flushes target: fix ALUA transition timeout handling target: Use system workqueue for ALUA transitions btrfs: add missing memset while reading compressed inline extents NFSv4.1 respect server's max size in CREATE_SESSION efi/esrt: Cleanup bad memory map log messages perf symbols: Fix symbols__fixup_end heuristic for corner cases tty: fix data race in tty_ldisc_ref_wait() tty: don't panic on OOM in tty_set_ldisc() rxrpc: Ignore BUSY packets on old calls net: mpls: Fix nexthop alive tracking on down events net/mlx4_core: Avoid delays during VF driver device shutdown nvmet-rdma: Fix a possible uninitialized variable dereference nvmet: confirm sq percpu has scheduled and switched to atomic nvme-loop: fix a possible use-after-free when destroying the admin queue afs: Fix abort on signal while waiting for call completion afs: Fix afs_kill_pages() afs: Fix page leak in afs_write_begin() afs: Populate and use client modification time afs: Better abort and net error handling afs: Invalid op ID should abort with RXGEN_OPCODE afs: Fix the maths in afs_fs_store_data() afs: Prevent callback expiry timer overflow afs: Migrate vlocation fields to 64-bit afs: Flush outstanding writes when an fd is closed afs: Deal with an empty callback array afs: Adjust mode bits processing afs: Populate group ID from vnode status afs: Fix missing put_page() drm/radeon: reinstate oland workaround for sclk mmc: mediatek: Fixed bug where clock frequency could be set wrong sched/deadline: Use deadline instead of period when calculating overflow sched/deadline: Throttle a constrained deadline task activated after the deadline sched/deadline: Make sure the replenishment timer fires in the next period sched/deadline: Add missing update_rq_clock() in dl_task_timer() iwlwifi: mvm: cleanup pending frames in DQA mode Drivers: hv: util: move waiting for release to hv_utils_transport itself drm/radeon/si: add dpm quirk for Oland fjes: Fix wrong netdevice feature flags scsi: hpsa: do not timeout reset operations scsi: hpsa: limit outstanding rescans scsi: hpsa: update check for logical volume status ASoC: rcar: clear DE bit only in PDMACHCR when it stops openrisc: fix issue handling 8 byte get_user calls intel_th: pci: Add Gemini Lake support drm: amd: remove broken include path qed: Fix interrupt flags on Rx LL2 qed: Fix mapping leak on LL2 rx flow qed: Align CIDs according to DORQ requirement mlxsw: reg: Fix SPVMLR max record count mlxsw: reg: Fix SPVM max record count net: Resend IGMP memberships upon peer notification. irqchip/mvebu-odmi: Select GENERIC_MSI_IRQ_DOMAIN dmaengine: Fix array index out of bounds warning in __get_unmap_pool() net: wimax/i2400m: fix NULL-deref at probe writeback: fix memory leak in wb_queue_work() blk-mq: Fix tagset reinit in the presence of cpu hot-unplug ASoC: rsnd: fix sound route path when using SRC6/SRC9 netfilter: bridge: honor frag_max_size when refragmenting drm/omap: fix dmabuf mmap for dma_alloc'ed buffers Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list NFSD: fix nfsd_reset_versions for NFSv4. NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) drm/amdgpu: fix parser init error path to avoid crash in parser fini iommu/io-pgtable-arm-v7s: Check for leaf entry before dereferencing it net/mlx5: Don't save PCI state when PCI error is detected net/mlx5: Fix create autogroup prev initializer rxrpc: Wake up the transmitter if Rx window size increases on the peer net: bcmgenet: Power up the internal PHY before probing the MII net: bcmgenet: synchronize irq0 status between the isr and task net: bcmgenet: power down internal phy if open or resume fails net: bcmgenet: reserved phy revisions must be checked first net: bcmgenet: correct MIB access of UniMAC RUNT counters net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values bnxt_en: Ignore 0 value in autoneg supported speed from firmware. net: initialize msg.msg_flags in recvfrom userfaultfd: selftest: vm: allow to build in vm/ directory userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE md-cluster: free md_cluster_info if node leave cluster usb: xhci-mtk: check hcc_params after adding primary hcd KVM: nVMX: do not warn when MSR bitmap address is not backed usb: phy: isp1301: Add OF device ID table mac80211: Fix addition of mesh configuration element ext4: fix crash when a directory's i_size is too small ext4: fix fdatasync(2) after fallocate(2) operation dmaengine: dmatest: move callback wait queue to thread context eeprom: at24: change nvmem stride to 1 sched/rt: Do not pull from current CPU if only one CPU to pull nfs: don't wait on commit in nfs_commit_inode() if there were no commit requests xhci: Don't add a virt_dev to the devs array before it's fully allocated Bluetooth: btusb: driver to enable the usb-wakeup feature usb: xhci: fix TDS for MTK xHCI1.1 ceph: drop negative child dentries before try pruning inode's alias usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input usb: add helper to extract bits 12:11 of wMaxPacketSize usbip: fix stub_rx: get_pipe() to validate endpoint number USB: core: prevent malicious bNumInterfaces overflow USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID tracing: Allocate mask_str buffer dynamically autofs: fix careless error in recent commit crypto: salsa20 - fix blkcipher_walk API usage crypto: hmac - require that the underlying hash algorithm is unkeyed crypto: rsa - fix buffer overread when stripping leading zeroes mfd: fsl-imx25: Clean up irq settings during removal Linux 4.9.70 RDMA/cxgb4: Annotate r2 and stag as __be32 md: free unused memory after bitmap resize audit: ensure that 'audit=1' actually enables audit for PID 1 ipvlan: fix ipv6 outbound device kbuild: do not call cc-option before KBUILD_CFLAGS initialization powerpc/64: Fix checksum folding in csum_tcpudp_nofold and ip_fast_csum_nofold KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table fix kcm_clone() usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping s390: always save and restore all registers on context switch ipmi: Stop timers before cleaning up the module Fix handling of verdicts after NF_QUEUE tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv() s390/qeth: fix thinko in IPv4 multicast address tracking s390/qeth: fix GSO throughput regression s390/qeth: build max size GSO skbs on L2 devices tcp/dccp: block bh before arming time_wait timer stmmac: reset last TSO segment size after device open net: remove hlist_nulls_add_tail_rcu() usbnet: fix alignment for frames with no ethernet header net/packet: fix a race in packet_bind() and packet_notifier() packet: fix crash in fanout_demux_rollover() sit: update frag_off info rds: Fix NULL pointer dereference in __rds_rdma_map tipc: fix memory leak in tipc_accept_from_sock() s390/qeth: fix early exit from error path net: qmi_wwan: add Quectel BG96 2c7c:0296 ANDROID: dma-buf/sw_sync: Rename active_list to link FROMLIST: android: binder: Fix null ptr dereference in debug msg FROMLIST: android: binder: Move buffer out of area shared with user space FROMLIST: android: binder: Add allocator selftest FROMLIST: android: binder: Refactor prev and next buffer into a helper function Linux 4.9.69 afs: Connect up the CB.ProbeUuid IB/mlx5: Assign send CQ and recv CQ of UMR QP IB/mlx4: Increase maximal message size under UD QP xfrm: Copy policy family in clone_policy jump_label: Invoke jump_label_test() via early_initcall() atm: horizon: Fix irq release error clk: uniphier: fix DAPLL2 clock rate of Pro5 bpf: fix lockdep splat sctp: use the right sk after waking up from wait_buf sleep sctp: do not free asoc when it is already dead in sctp_sendmsg zsmalloc: calling zs_map_object() from irq is a bug sparc64/mm: set fields in deferred pages block: wake up all tasks blocked in get_request() dt-bindings: usb: fix reg-property port-number range xfs: fix forgotten rcu read unlock when skipping inode reclaim sunrpc: Fix rpc_task_begin trace point NFS: Fix a typo in nfs_rename() dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 lib/genalloc.c: make the avail variable an atomic_long_t drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' route: update fnhe_expires for redirect when the fnhe exists route: also update fnhe_genid when updating a route cache gre6: use log_ecn_error module parameter in ip6_tnl_rcv() mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() x86/mpx/selftests: Fix up weird arrays coccinelle: fix parallel build with CHECK=scripts/coccicheck kbuild: pkg: use --transform option to prefix paths in tar EDAC, i5000, i5400: Fix definition of NRECMEMB register EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested drm/amd/amdgpu: fix console deadlock if late init failed axonram: Fix gendisk handling netfilter: don't track fragmented packets zram: set physical queue limits to avoid array out of bounds accesses blk-mq: initialize mq kobjects in blk_mq_init_allocated_queue() i2c: riic: fix restart condition crypto: s5p-sss - Fix completing crypto request in IRQ handler ipv6: reorder icmpv6_init() and ip6_mr_init() ibmvnic: Allocate number of rx/tx buffers agreed on by firmware ibmvnic: Fix overflowing firmware/hardware TX queue rds: tcp: Sequence teardown of listen and acceptor sockets to avoid races bnx2x: do not rollback VF MAC/VLAN filters we did not configure bnx2x: fix detection of VLAN filtering feature for VF bnx2x: fix possible overrun of VFPF multicast addresses array bnx2x: prevent crash when accessing PTP with interface down spi_ks8995: regs_size incorrect for some devices spi_ks8995: fix "BUG: key accdaa28 not in .data!" KVM: arm/arm64: VGIC: Fix command handling while ITS being disabled arm64: KVM: Survive unknown traps from guests arm: KVM: Survive unknown traps from guests KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset irqchip/crossbar: Fix incorrect type of register size scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters scsi: qla2xxx: Fix ql_dump_buffer workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq libata: drop WARN from protocol error in ata_sff_qc_issue() kvm: nVMX: VMCLEAR should not cause the vCPU to shut down usb: gadget: udc: net2280: Fix tmp reusage in net2280 driver usb: gadget: pxa27x: Test for a valid argument pointer usb: dwc3: gadget: Fix system suspend/resume on TI platforms USB: gadgetfs: Fix a potential memory leak in 'dev_config()' usb: gadget: configs: plug memory leak HID: chicony: Add support for another ASUS Zen AiO keyboard gpio: altera: Use handle_level_irq when configured as a level_high ASoC: rcar: avoid SSI_MODEx settings for SSI8 ARM: OMAP2+: Release device node after it is no longer needed. ARM: OMAP2+: Fix device node reference counts powerpc/64: Fix checksum folding in csum_add() module: set __jump_table alignment to 8 lirc: fix dead lock between open and wakeup_filter powerpc: Fix compiling a BE kernel with a powerpc64le toolchain selftest/powerpc: Fix false failures for skipped tests powerpc/64: Invalidate process table caching after setting process table x86/hpet: Prevent might sleep splat on resume sched/fair: Make select_idle_cpu() more aggressive x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register x86/selftests: Add clobbers for int80 on x86_64 ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure vti6: Don't report path MTU below IPV6_MIN_MTU. ARM: 8657/1: uaccess: consistently check object sizes Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA" Revert "drm/armada: Fix compile fail" mm: drop unused pmdp_huge_get_and_clear_notify() thp: fix MADV_DONTNEED vs. numa balancing race thp: reduce indentation level in change_huge_pmd() ARM: avoid faulting on qemu ARM: BUG if jumping to usermode address in kernel mode usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT crypto: talitos - fix ctr-aes-talitos crypto: talitos - fix use of sg_link_tbl_len crypto: talitos - fix AEAD for sha224 on non sha224 capable chips crypto: talitos - fix setkey to check key weakness crypto: talitos - fix memory corruption on SEC2 crypto: talitos - fix AEAD test failures bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left. bus: arm-ccn: Fix use of smp_processor_id() in preemptible context bus: arm-ccn: Check memory allocation failure bus: arm-cci: Fix use of smp_processor_id() in preemptible context arm64: fpsimd: Prevent registers leaking from dead tasks KVM: arm/arm64: vgic-its: Check result of allocation before use KVM: arm/arm64: vgic-irqfd: Fix MSI entry allocation KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion KVM: VMX: remove I/O port 0x80 bypass on Intel hosts arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one media: dvb: i2c transfers over usb cannot be done from stack drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU kdb: Fix handling of kallsyms_symbol_next() return value brcmfmac: change driver unbind order of the sdio function devices powerpc/64s: Initialize ISAv3 MMU registers before setting partition table KVM: s390: Fix skey emulation permission check s390: fix compat system call table smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place iommu/vt-d: Fix scatterlist offset handling ALSA: usb-audio: Add check return value for usb_string() ALSA: usb-audio: Fix out-of-bound error ALSA: seq: Remove spurious WARN_ON() at timer check ALSA: pcm: prevent UAF in snd_pcm_info btrfs: fix missing error return in btrfs_drop_snapshot KVM: x86: fix APIC page invalidation x86/PCI: Make broadcom_postcore_init() check acpi_disabled X.509: fix comparisons of ->pkey_algo X.509: reject invalid BIT STRING for subjectPublicKey KEYS: add missing permission check for request_key() destination ASN.1: check for error from ASN1_OP_END__ACT actions ASN.1: fix out-of-bounds read when parsing indefinite length item efi/esrt: Use memunmap() instead of kfree() to free the remapping efi: Move some sysfs files to be read-only by root scsi: libsas: align sata_device's rps_resp on a cacheline scsi: use dma_get_cache_alignment() as minimum DMA alignment scsi: dma-mapping: always provide dma_get_cache_alignment isa: Prevent NULL dereference in isa_bus driver callbacks hv: kvp: Avoid reading past allocated blocks from KVP file virtio: release virtio index when fail to device_register can: usb_8dev: cancel urb on -EPIPE and -EPROTO can: esd_usb2: cancel urb on -EPIPE and -EPROTO can: ems_usb: cancel urb on -EPIPE and -EPROTO can: kvaser_usb: cancel urb on -EPIPE and -EPROTO can: kvaser_usb: ratelimit errors if incomplete messages are received can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() can: kvaser_usb: free buf in error paths can: ti_hecc: Fix napi poll return value for repoll usb: gadget: udc: renesas_usb3: fix number of the pipes ANDROID: Revert "arm64: move ELF_ET_DYN_BASE to 4GB / 4MB" ANDROID: Revert "arm: move ELF_ET_DYN_BASE to 4MB" Linux 4.9.68 xen-netfront: avoid crashing on resume after a failure in talk_to_netback() usb: host: fix incorrect updating of offset USB: usbfs: Filter flags passed in from user space USB: devio: Prevent integer overflow in proc_do_submiturb() USB: Increase usbfs transfer limit USB: core: Add type-specific length check of BOS descriptors usb: xhci: fix panic in xhci_free_virt_devices_depth_first usb: hub: Cycle HUB power when initialization fails dma-buf: Update kerneldoc for sync_file_create dma-buf/sync_file: hold reference to fence when creating sync_file dma-buf/sw_sync: force signal all unsignaled fences on dying timeline dma-fence: Introduce drm_fence_set_error() helper dma-fence: Wrap querying the fence->status dma-fence: Clear fence->status during dma_fence_init() dma-buf/sw_sync: clean up list before signaling the fence dma-buf/sw_sync: move timeline_fence_ops around dma-buf/sw-sync: Use an rbtree to sort fences in the timeline dma-buf/sw-sync: Fix locking around sync_timeline lists dma-buf/sw-sync: sync_pt is private and of fixed size dma-buf/sw-sync: Reduce irqsave/irqrestore from known context dma-buf/sw-sync: Prevent user overflow on timeline advance dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound dma-buf/dma-fence: Extract __dma_fence_is_later() net: fec: fix multicast filtering hardware setup xen-netback: vif counters from int/long to u64 cec: initiator should be the same as the destination for, poll xen-netfront: Improve error handling during initialization mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers vfio/spapr: Fix missing mutex unlock when creating a window be2net: fix initial MAC setting net: thunderx: avoid dereferencing xcv when NULL net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause gtp: fix cross netns recv on gtp socket gtp: clear DF bit on GTP packet tx nvmet: cancel fatal error and flush async work before free controller i2c: i2c-cadence: Initialize configuration before probing devices tcp: correct memory barrier usage in tcp_check_space() dmaengine: pl330: fix double lock tipc: fix cleanup at module unload tipc: fix nametbl_lock soft lockup at module exit RDMA/qedr: Fix RDMA CM loopback RDMA/qedr: Return success when not changing QP state mac80211: don't try to sleep in rate_control_rate_init() drm/amdgpu: fix unload driver issue for virtual display x86/fpu: Set the xcomp_bv when we fake up a XSAVES area net: sctp: fix array overrun read on sctp_timer_tbl drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement drm/amdgpu: fix bug set incorrect value to vce register qla2xxx: Fix wrong IOCB type assumption powerpc/mm: Fix memory hotplug BUG() on radix perf/x86/intel: Account interrupts for PEBS errors NFSv4: Fix client recovery when server reboots multiple times mac80211: prevent skb/txq mismatch KVM: arm/arm64: Fix occasional warning from the timer work function drm/exynos/decon5433: set STANDALONE_UPDATE_F also if planes are disabled drm/exynos/decon5433: update shadow registers iff there are active windows nfs: Don't take a reference on fl->fl_file for LOCK operation ravb: Remove Rx overflow log messages mac80211: calculate min channel width correctly mm: fix remote numa hits statistics net: qrtr: Mark 'buf' as little endian libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount net/appletalk: Fix kernel memory disclosure be2net: fix unicast list filling be2net: fix accesses to unicast list vti6: fix device register to report IFLA_INFO_KIND ARM: OMAP1: DMA: Correct the number of logical channels ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate net: systemport: Pad packet before inserting TSB net: systemport: Utilize skb_put_padto() libcxgb: fix error check for ip6_route_output() usb: gadget: f_fs: Fix ExtCompat descriptor validation dmaengine: stm32-dma: Fix null pointer dereference in stm32_dma_tx_status dmaengine: stm32-dma: Set correct args number for DMA request from DT l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups net/mlx4_en: Fix type mismatch for 32-bit systems dax: Avoid page invalidation races and unnecessary radix tree traversals iio: adc: ti-ads1015: add 10% to conversion wait time tools include: Do not use poison with C++ kprobes/x86: Disable preemption in ftrace-based jprobes perf test attr: Fix ignored test case result usbip: tools: Install all headers needed for libusbip development sysrq : fix Show Regs call trace on ARM EDAC, sb_edac: Fix missing break in switch x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X usb: phy: tahvo: fix error handling in tahvo_usb_probe() mmc: sdhci-msm: fix issue with power irq spi: spi-axi: fix potential use-after-free after deregistration spi: sh-msiof: Fix DMA transfer size check staging: rtl8188eu: avoid a null dereference on pmlmepriv serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() m68k: fix ColdFire node shift size calculation staging: greybus: loopback: Fix iteration count on async path selftests/x86/ldt_get: Add a few additional tests for limits s390/pci: do not require AIS facility ima: fix hash algorithm initialization USB: serial: option: add Quectel BG96 id s390/runtime instrumentation: simplify task exit handling serial: 8250_pci: Add Amazon PCI serial device ID usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices mm, oom_reaper: gather each vma to prevent leaking TLB entry Revert "crypto: caam - get rid of tasklet" drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() drm/fsl-dcu: avoid disabling pixel clock twice on suspend bcache: recover data from backing when data is clean bcache: only permit to recovery read error when cache device is clean Linux 4.9.67 drm/i915: Prevent zero length "index" write drm/i915: Don't try indexed reads to alternate slave addresses NFS: revalidate "." etc correctly on "open". Revert "x86/entry/64: Add missing irqflags tracing to native_load_gs_index()" drm/amd/pp: fix typecast error in powerplay. drm/ttm: once more fix ttm_buffer_object_transfer drm/hisilicon: Ensure LDI regs are properly configured. drm/panel: simple: Add missing panel_simple_unprepare() calls drm/radeon: fix atombios on big endian drm/amdgpu: Potential uninitialized variable in amdgpu_vm_update_directories() drm/amdgpu: potential uninitialized variable in amdgpu_vce_ring_parse_cs() Revert "drm/radeon: dont switch vt on suspend" nvme-pci: add quirk for delay before CHK RDY for WDC SN200 hwmon: (jc42) optionally try to disable the SMBUS timeout bcache: Fix building error on MIPS i2c: i801: Fix Failed to allocate irq -2147483648 error eeprom: at24: check at24_read/write arguments eeprom: at24: correctly set the size for at24mac402 eeprom: at24: fix reading from 24MAC402/24MAC602 mmc: core: prepend 0x to OCR entry in sysfs mmc: core: Do not leave the block driver in a suspended state KVM: lapic: Fixup LDR on load in x2apic KVM: lapic: Split out x2apic ldr calculation KVM: x86: inject exceptions produced by x86_decode_insn KVM: x86: Exit to user-mode on #UD intercept when emulator requires KVM: x86: pvclock: Handle first-time write to pvclock-page contains random junk ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate mfd: twl4030-power: Fix pmic for boards that need vmmc1 on reboot nfsd: fix panic in posix_unblock_lock called from nfs4_laundromat nfsd: Fix another OPEN stateid race nfsd: Fix stateid races between OPEN and CLOSE btrfs: clear space cache inode generation always mm/madvise.c: fix madvise() infinite loop under special circumstances mm, hugetlbfs: introduce ->split() to vm_operations_struct mm/cma: fix alloc_contig_range ret code/potential leak mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() ARM: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio ARM: dts: LogicPD Torpedo: Fix camera pin mux Linux 4.9.66 xen: xenbus driver must not accept invalid transaction ids nvmet: fix KATO offset in Set Features cec: update log_addr[] before finishing configuration cec: CEC_MSG_GIVE_FEATURES should abort for CEC version < 2 cec: when canceling a message, don't overwrite old status info s390/kbuild: enable modversions for symbols exported from asm ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data btrfs: return the actual error value from from btrfs_uuid_tree_iterate crypto: marvell - Copy IVDIG before launching partial DMA ahash requests ASoC: rsnd: don't double free kctrl netfilter: nf_tables: fix oob access netfilter: nft_queue: use raw_smp_processor_id() spi: SPI_FSL_DSPI should depend on HAS_DMA staging: iio: cdc: fix improper return value iio: light: fix improper return value adm80211: add checks for dma mapping errors mac80211: Suppress NEW_PEER_CANDIDATE event if no room mac80211: Remove invalid flag operations in mesh TSF synchronization drm/mediatek: don't use drm_put_dev clk: qcom: ipq4019: Add all the frequencies for apss cpu drm: Apply range restriction after color adjustment when allocation gpio: mockup: dynamically allocate memory for chip name ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE ath10k: set CTS protection VDEV param only if VDEV is up bnxt_en: Set default completion ring for async events. pinctrl: sirf: atlas7: Add missing 'of_node_put()' ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats() ath10k: ignore configuring the incorrect board_id ath10k: fix incorrect txpower set by P2P_DEVICE interface mwifiex: sdio: fix use after free issue for save_adapter adm80211: return an error if adm8211_alloc_rings() fails rt2800: set minimum MPDU and PSDU lengths to sane values drm/armada: Fix compile fail net: 3com: typhoon: typhoon_init_one: fix incorrect return values net: 3com: typhoon: typhoon_init_one: make return values more specific net: Allow IP_MULTICAST_IF to set index to L3 slave fscrypt: use ENOTDIR when setting encryption policy on nondirectory fscrypt: use ENOKEY when file cannot be created w/o key dmaengine: zx: set DMA_CYCLIC cap_mask bit clk: sunxi-ng: fix PLL_CPUX adjusting on A33 clk: sunxi-ng: A31: Fix spdif clock register drm/sun4i: Fix a return value in case of error PCI: Apply _HPX settings only to relevant devices RDS: RDMA: fix the ib_map_mr_sg_zbva() argument RDS: RDMA: return appropriate error on rdma map failures RDS: make message size limit compliant with spec e1000e: Avoid receiver overrun interrupt bursts e1000e: Separate signaling for link check/link up e1000e: Fix return value test e1000e: Fix error path in link detection Revert "drm/i915: Do not rely on wm preservation for ILK watermarks" PM / OPP: Add missing of_node_put(np) net/9p: Switch to wait_event_killable() fscrypt: lock mutex before checking for bounce page pool sched/rt: Simplify the IPI based RT balancing logic media: v4l2-ctrl: Fix flags field on Control events cx231xx-cards: fix NULL-deref on missing association descriptor media: rc: check for integer overflow media: Don't do DMA on stack for firmware upload in the AS102 driver powerpc/signal: Properly handle return value from uprobe_deny_signal() parisc: Fix validity check of pointer size argument in new CAS implementation ixgbe: Fix skb list corruption on Power systems fm10k: Use smp_rmb rather than read_barrier_depends i40evf: Use smp_rmb rather than read_barrier_depends ixgbevf: Use smp_rmb rather than read_barrier_depends igbvf: Use smp_rmb rather than read_barrier_depends igb: Use smp_rmb rather than read_barrier_depends i40e: Use smp_rmb rather than read_barrier_depends NFC: fix device-allocation error return IB/srp: Avoid that a cable pull can trigger a kernel crash IB/srpt: Do not accept invalid initiator port names libnvdimm, namespace: make 'resource' attribute only readable by root libnvdimm, namespace: fix label initialization to use valid seq numbers libnvdimm, pfn: make 'resource' attribute only readable by root clk: ti: dra7-atl-clock: fix child-node lookups SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status KVM: SVM: obey guest PAT KVM: nVMX: set IDTR and GDTR limits when loading L1 host state lockd: double unregister of inetaddr notifiers irqchip/gic-v3: Fix ppi-partitions lookup block: Fix a race between blk_cleanup_queue() and timeout handling p54: don't unregister leds when they are not initialized mtd: nand: mtk: fix infinite ECC decode IRQ issue mtd: nand: Fix writing mtdoops to nand flash. mtd: nand: omap2: Fix subpage write target: Fix QUEUE_FULL + SCSI task attribute handling iscsi-target: Fix non-immediate TMR reference leak fs/9p: Compare qid.path in v9fs_test_inode fix a page leak in vhost_scsi_iov_to_sgl() error recovery ALSA: hda/realtek - Fix ALC700 family no sound issue ALSA: hda: Fix too short HDMI/DP chmap reporting ALSA: timer: Remove kernel warning at compat ioctl error paths ALSA: usb-audio: Add sanity checks in v2 clock parsers ALSA: usb-audio: Fix potential out-of-bound access at parsing SU ALSA: usb-audio: Add sanity checks to FE parser ALSA: pcm: update tstamp only if audio_tstamp changed ext4: fix interaction between i_size, fallocate, and delalloc after a crash ata: fixes kernel crash while tracing ata_eh_link_autopsy event rtlwifi: fix uninitialized rtlhal->last_suspend_sec time rtlwifi: rtl8192ee: Fix memory leak when loading firmware nfsd: deal with revoked delegations appropriately NFS: Avoid RCU usage in tracepoints nfs: Fix ugly referral attributes NFS: Fix typo in nomigration mount option isofs: fix timestamps beyond 2027 bcache: check ca->alloc_thread initialized before wake up it libceph: don't WARN() if user tries to add invalid key eCryptfs: use after free in ecryptfs_release_messaging() nilfs2: fix race condition that causes file system corruption autofs: don't fail mount for transient error rt2x00usb: mark device removed when get ENOENT usb error MIPS: BCM47XX: Fix LED inversion for WRT54GSv1 MIPS: Fix an n32 core file generation regset support regression MIPS: dts: remove bogus bcm96358nb4ser.dtb from dtb-y entry MIPS: Fix odd fp register warnings with MIPS64r2 dm: fix race between dm_get_from_kobject() and __dm_destroy() MIPS: pci: Remove KERN_WARN instance inside the mt7620 driver dm: allocate struct mapped_device with kvzalloc dm bufio: fix integer overflow when limiting maximum cache size ALSA: hda: Add Raven PCI ID PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF MIPS: ralink: Fix typo in mt7628 pinmux function MIPS: ralink: Fix MT7628 pinmux ARM: 8721/1: mm: dump: check hardware RO bit for LPAE ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE arm64: Implement arch-specific pte_access_permitted() x86/entry/64: Add missing irqflags tracing to native_load_gs_index() x86/decoder: Add new TEST instruction pattern lib/mpi: call cond_resched() from mpi_powm() loop sched: Make resched_cpu() unconditional vsock: use new wait API for vsock_stream_sendmsg() ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER x86/mm: fix use-after-free of vma during userfaultfd fault ACPI / EC: Fix regression related to triggering source of EC event handling s390/disassembler: increase show_code buffer size s390/disassembler: add missing end marker for e7 table s390/runtime instrumention: fix possible memory corruption s390: fix transactional execution control register handling Conflicts: drivers/android/binder_alloc.c drivers/android/binder_alloc.h drivers/android/binder_alloc_selftest.c drivers/mmc/core/bus.c drivers/mmc/host/sdhci-msm.c drivers/thermal/step_wise.c kernel/cpu.c mm/oom_kill.c sound/usb/mixer.c Change-Id: Id01eb66cafc5970b460321e44ec8ffcfa76971a6 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
eb4ef2dea9 |
Merge 4.9.68 into android-4.9-o
Changes in 4.9.68 bcache: only permit to recovery read error when cache device is clean bcache: recover data from backing when data is clean drm/fsl-dcu: avoid disabling pixel clock twice on suspend drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() Revert "crypto: caam - get rid of tasklet" mm, oom_reaper: gather each vma to prevent leaking TLB entry uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub serial: 8250_pci: Add Amazon PCI serial device ID s390/runtime instrumentation: simplify task exit handling USB: serial: option: add Quectel BG96 id ima: fix hash algorithm initialization s390/pci: do not require AIS facility selftests/x86/ldt_get: Add a few additional tests for limits staging: greybus: loopback: Fix iteration count on async path m68k: fix ColdFire node shift size calculation serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() staging: rtl8188eu: avoid a null dereference on pmlmepriv spi: sh-msiof: Fix DMA transfer size check spi: spi-axi: fix potential use-after-free after deregistration mmc: sdhci-msm: fix issue with power irq usb: phy: tahvo: fix error handling in tahvo_usb_probe() serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() EDAC, sb_edac: Fix missing break in switch sysrq : fix Show Regs call trace on ARM usbip: tools: Install all headers needed for libusbip development perf test attr: Fix ignored test case result kprobes/x86: Disable preemption in ftrace-based jprobes tools include: Do not use poison with C++ iio: adc: ti-ads1015: add 10% to conversion wait time dax: Avoid page invalidation races and unnecessary radix tree traversals net/mlx4_en: Fix type mismatch for 32-bit systems l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups dmaengine: stm32-dma: Set correct args number for DMA request from DT dmaengine: stm32-dma: Fix null pointer dereference in stm32_dma_tx_status usb: gadget: f_fs: Fix ExtCompat descriptor validation libcxgb: fix error check for ip6_route_output() net: systemport: Utilize skb_put_padto() net: systemport: Pad packet before inserting TSB ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate ARM: OMAP1: DMA: Correct the number of logical channels vti6: fix device register to report IFLA_INFO_KIND be2net: fix accesses to unicast list be2net: fix unicast list filling net/appletalk: Fix kernel memory disclosure libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount net: qrtr: Mark 'buf' as little endian mm: fix remote numa hits statistics mac80211: calculate min channel width correctly ravb: Remove Rx overflow log messages nfs: Don't take a reference on fl->fl_file for LOCK operation drm/exynos/decon5433: update shadow registers iff there are active windows drm/exynos/decon5433: set STANDALONE_UPDATE_F also if planes are disabled KVM: arm/arm64: Fix occasional warning from the timer work function mac80211: prevent skb/txq mismatch NFSv4: Fix client recovery when server reboots multiple times perf/x86/intel: Account interrupts for PEBS errors powerpc/mm: Fix memory hotplug BUG() on radix qla2xxx: Fix wrong IOCB type assumption drm/amdgpu: fix bug set incorrect value to vce register drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement net: sctp: fix array overrun read on sctp_timer_tbl x86/fpu: Set the xcomp_bv when we fake up a XSAVES area drm/amdgpu: fix unload driver issue for virtual display mac80211: don't try to sleep in rate_control_rate_init() RDMA/qedr: Return success when not changing QP state RDMA/qedr: Fix RDMA CM loopback tipc: fix nametbl_lock soft lockup at module exit tipc: fix cleanup at module unload dmaengine: pl330: fix double lock tcp: correct memory barrier usage in tcp_check_space() i2c: i2c-cadence: Initialize configuration before probing devices nvmet: cancel fatal error and flush async work before free controller gtp: clear DF bit on GTP packet tx gtp: fix cross netns recv on gtp socket net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause net: thunderx: avoid dereferencing xcv when NULL be2net: fix initial MAC setting vfio/spapr: Fix missing mutex unlock when creating a window mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers xen-netfront: Improve error handling during initialization cec: initiator should be the same as the destination for, poll xen-netback: vif counters from int/long to u64 net: fec: fix multicast filtering hardware setup dma-buf/dma-fence: Extract __dma_fence_is_later() dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound dma-buf/sw-sync: Prevent user overflow on timeline advance dma-buf/sw-sync: Reduce irqsave/irqrestore from known context dma-buf/sw-sync: sync_pt is private and of fixed size dma-buf/sw-sync: Fix locking around sync_timeline lists dma-buf/sw-sync: Use an rbtree to sort fences in the timeline dma-buf/sw_sync: move timeline_fence_ops around dma-buf/sw_sync: clean up list before signaling the fence dma-fence: Clear fence->status during dma_fence_init() dma-fence: Wrap querying the fence->status dma-fence: Introduce drm_fence_set_error() helper dma-buf/sw_sync: force signal all unsignaled fences on dying timeline dma-buf/sync_file: hold reference to fence when creating sync_file dma-buf: Update kerneldoc for sync_file_create usb: hub: Cycle HUB power when initialization fails usb: xhci: fix panic in xhci_free_virt_devices_depth_first USB: core: Add type-specific length check of BOS descriptors USB: Increase usbfs transfer limit USB: devio: Prevent integer overflow in proc_do_submiturb() USB: usbfs: Filter flags passed in from user space usb: host: fix incorrect updating of offset xen-netfront: avoid crashing on resume after a failure in talk_to_netback() Linux 4.9.68 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Jiri Olsa
|
a88ff235e8 |
perf/x86/intel: Account interrupts for PEBS errors
[ Upstream commit 475113d937adfd150eb82b5e2c5507125a68e7af ]
It's possible to set up PEBS events to get only errors and not
any data, like on SNB-X (model 45) and IVB-EP (model 62)
via 2 perf commands running simultaneously:
taskset -c 1 ./perf record -c 4 -e branches:pp -j any -C 10
This leads to a soft lock up, because the error path of the
intel_pmu_drain_pebs_nhm() does not account event->hw.interrupt
for error PEBS interrupts, so in case you're getting ONLY
errors you don't have a way to stop the event when it's over
the max_samples_per_tick limit:
NMI watchdog: BUG: soft lockup - CPU#22 stuck for 22s! [perf_fuzzer:5816]
...
RIP: 0010:[<ffffffff81159232>] [<ffffffff81159232>] smp_call_function_single+0xe2/0x140
...
Call Trace:
? trace_hardirqs_on_caller+0xf5/0x1b0
? perf_cgroup_attach+0x70/0x70
perf_install_in_context+0x199/0x1b0
? ctx_resched+0x90/0x90
SYSC_perf_event_open+0x641/0xf90
SyS_perf_event_open+0x9/0x10
do_syscall_64+0x6c/0x1f0
entry_SYSCALL64_slow_path+0x25/0x25
Add perf_event_account_interrupt() which does the interrupt
and frequency checks and call it from intel_pmu_drain_pebs_nhm()'s
error path.
We keep the pending_kill and pending_wakeup logic only in the
__perf_event_overflow() path, because they make sense only if
there's any data to deliver.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vince@deater.net>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Link: http://lkml.kernel.org/r/1482931866-6018-2-git-send-email-jolsa@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Raghavendra Rao Ananta
|
b5fd2edf6f |
perf: Fix event cleanup across CPU hotplugs
Perf hardware events are generally tied to a particular CPU. During the cleanup process perf_remove_from_context() tries to execute the PMU related cleanup on the CPU that the event is tied to. But if the CPU is offline, the cleanup is not completed successfully at the PMU level, but the event is freed (at the core level). This fix is to collect the events that are approaching the release when it's CPU is down. These zombie events are cleaned up when the CPU is hotplugged on again. Change-Id: I9ddf8f32cfcec4e0cb1c0910fb68b6db984d7553 Signed-off-by: Raghavendra Rao Ananta <rananta@codeaurora.org> |
||
|
Raghavendra Rao Ananta
|
459740ae0d |
perf: Enable user and kernel event sharing
The kernel and the user-space are now able to share the similar events. The kernel and user's attr->type (hardware/raw) and attr->config should be same for them to share the same counter. Change-Id: I4a4b35bde6beaf8f2aef74e683a9804e31807013 Signed-off-by: Raghavendra Rao Ananta <rananta@codeaurora.org> |
||
|
Kyle Yan
|
1bca48ef39 |
Merge remote-tracking branch '4.9/tmp-05a906d' into msm-4.9
* 4.9/tmp-05a906d:
Linux 4.9.56
Revert "socket, bpf: fix possible use after free"
Linux 4.9.55
KVM: x86: fix singlestepping over syscall
f2fs: don't allow encrypted operations without keys
ext4: don't allow encrypted operations without keys
ext4: Don't clear SGID when inheriting ACLs
ext4: fix data corruption for mmap writes
vfs: deny copy_file_range() for non regular files
sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
mmc: core: add driver strength selection when selecting hs400es
nvme-pci: Use PCI bus address for data/queues in CMB
drm/i915/bios: ignore HDMI on port A
brcmfmac: setup passive scan if requested by user-space
brcmfmac: add length check in brcmf_cfg80211_escan_handler()
scsi: sd: Do not override max_sectors_kb sysfs setting
iwlwifi: add workaround to disable wide channels in 5GHz
iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
netlink: fix nla_put_{u8,u16,u32} for KASAN
rocker: fix rocker_tlv_put_* functions for KASAN
HID: wacom: bits shifted too much for 9th and 10th buttons
HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
HID: wacom: leds: Don't try to control the EKR's read-only LEDs
HID: i2c-hid: allocate hid buffers for real worst case
ftrace: Fix kmemleak in unregister_ftrace_graph
stm class: Fix a use-after-free
Drivers: hv: fcopy: restore correct transfer length
driver core: platform: Don't read past the end of "driver_override" buffer
percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
powerpc/tm: Fix illegal TM state in signal handler
powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
socket, bpf: fix possible use after free
net: rtnetlink: fix info leak in RTM_GETSTATS call
tipc: use only positive error codes in messages
ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
ip6_gre: ip6gre_tap device should keep dst
netlink: do not proceed if dump's start() errs
net: Set sk_prot_creator when cloning sockets to the right proto
packet: only test po->has_vnet_hdr once in packet_snd
packet: in packet_do_bind, test fanout with bind_lock held
net: dsa: Fix network device registration order
tun: bail out from tun_get_user() if the skb is empty
l2tp: fix race condition in l2tp_tunnel_delete
l2tp: Avoid schedule while atomic in exit_net
vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
net: qcom/emac: specify the correct size when mapping a DMA buffer
net_sched: always reset qdisc backlog in qdisc_reset()
isdn/i4l: fetch the ppp_write buffer in one shot
bpf: one perf event close won't free bpf program attached by another perf event
packet: hold bind lock when rebinding to fanout hook
net: emac: Fix napi poll list corruption
tcp: fastopen: fix on syn-data transmit failure
net/sched: cls_matchall: fix crash when used with classful qdisc
ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
net: phy: Fix mask value write on gmii2rgmii converter speed register
ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
udpv6: Fix the checksum computation when HW checksum does not apply
tcp: fix data delivery rate
bpf/verifier: reject BPF_ALU64|BPF_END
tcp: update skb->skb_mstamp more carefully
sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
mlxsw: spectrum: Prevent mirred-related crash on removal
ALSA: usx2y: Suppress kernel warning at page allocation failures
Revert "ALSA: echoaudio: purge contradictions between dimension matrix members and total number of members"
ALSA: compress: Remove unused variable
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
lib/ratelimit.c: use deferred printk() version
mm, oom_reaper: skip mm structs with mmu notifiers
staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
uwb: ensure that endpoint is interrupt
uwb: properly check kthread_run return value
iio: adc: mcp320x: Fix oops on module unload
iio: adc: mcp320x: Fix readout of negative voltages
iio: ad7793: Fix the serial interface reset
IIO: BME280: Updates to Humidity readings need ctrl_reg write!
iio: core: Return error for failed read_reg
staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.
iio: ad_sigma_delta: Implement a dedicated reset function
iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()'
iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
xhci: fix finding correct bus_state structure for USB 3.1 hosts
USB: fix out-of-bounds in usb_set_configuration
usb: Increase quirk delay for USB devices
USB: core: harden cdc_parse_cdc_header
USB: uas: fix bug in handling of alternate settings
USB: g_mass_storage: Fix deadlock when driver is unbound
usb: gadget: mass_storage: set msg_registered after msg registered
USB: devio: Don't corrupt user memory
USB: dummy-hcd: Fix erroneous synchronization change
USB: dummy-hcd: fix infinite-loop resubmission bug
USB: dummy-hcd: fix connection failures (wrong speed)
USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
usb: pci-quirks.c: Corrected timeout values used in handshake
ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
usb-storage: fix bogus hardware error messages for ATA pass-thru devices
usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
usb: gadget: udc: renesas_usb3: fix for no-data control transfer
usb: gadget: udc: atmel: set vbus irqflags explicitly
USB: gadgetfs: fix copy_to_user while holding spinlock
USB: gadgetfs: Fix crash caused by inadequate synchronization
Linux 4.9.54
s390/mm: make pmdp_invalidate() do invalidation only
ttpci: address stringop overflow warning
ALSA: au88x0: avoid theoretical uninitialized access
ASoC: rt5660: remove double const
ASoC: rt5659: drop double const
ASoC: rt5514: fix gcc-7 warning
ARM: remove duplicate 'const' annotations'
IB/qib: fix false-postive maybe-uninitialized warning
tools/power turbostat: bugfix: GFXMHz column not changing
ARM: dts: BCM5301X: Fix memory start address
libata: transport: Remove circular dependency at free time
ASoC: wm_adsp: Return an error on write to a disabled volatile control
xfs: remove kmem_zalloc_greedy
i2c: meson: fix wrong variable usage in meson_i2c_put_data
netfilter: nf_tables: set pktinfo->thoff at AH header if found
md/raid10: submit bio directly to replacement disk
rds: ib: add error handle
mm/cgroup: avoid panic when init with low memory
iommu/io-pgtable-arm: Check for leaf entry before dereferencing it
x86/acpi: Restore the order of CPU IDs
cpufreq: intel_pstate: Update pid_params.sample_rate_ns in pid_param_set()
ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs
nfs: make nfs4_cb_sv_ops static
parisc: perf: Fix potential NULL pointer dereference
netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max
nvme-rdma: handle cpu unplug when re-establishing the controller
MIPS: smp-cps: Fix retrieval of VPE mask on big endian CPUs
exynos-gsc: Do not swap cb/cr for semi planar formats
iommu/exynos: Block SYSMMU while invalidating FLPD cache
MIPS: IRQ Stack: Unwind IRQ stack onto task stack
netfilter: invoke synchronize_rcu after set the _hook_ to NULL
drivers/rapidio/devices/tsi721.c: make module parameter variable name unique
kasan: do not sanitize kexec purgatory
hugetlbfs: initialize shared policy as part of inode allocation
sata_via: Enable hotplug only on VT6421
Btrfs: fix potential use-after-free for cloned bio
Btrfs: fix segmentation fault when doing dio read
bridge: netlink: register netdevice before executing changelink
mmc: sdio: fix alignment issue in struct sdio_func
qed: Fix possible system hang in the dcbnl-getdcbx() path.
net: dsa: b53: Include IMP/CPU port in dumb forwarding mode
udp: disable inner UDP checksum offloads in IPsec case
usb: plusb: Add support for PL-27A1
team: fix memory leaks
net/packet: check length in getsockopt() called with PACKET_HDRLEN
net: core: Prevent from dereferencing null pointer when releasing SKB
lkdtm: Fix Oops when unloading the module
mips: ath79: clock:- Unmap region obtained by of_iomap
MIPS: Lantiq: Fix another request_mem_region() return code check
HID: wacom: release the resources before leaving despite devm
drm: mali-dp: Fix transposed horizontal/vertical flip
drm: mali-dp: Fix destination size handling when rotating
ASoC: dapm: fix some pointer error handling
rtl8xxxu: Add additional USB IDs for rtl8192eu devices
usb: chipidea: vbus event may exist before starting gadget
iommu/arm-smmu: Set privileged attribute to 'default' instead of 'unprivileged'
spi: pxa2xx: Add support for Intel Gemini Lake
ath10k: prevent sta pointer rcu violation
audit: log 32-bit socketcalls
ASoC: dapm: handle probe deferrals
partitions/efi: Fix integer overflow in GPT size calculation
sfc: get PIO buffer size from the NIC
USB: serial: mos7840: fix control-message error handling
USB: serial: mos7720: fix control-message error handling
drm/amdkfd: fix improper return value on error
arm: dts: mt2701: Add subsystem clock controller device nodes
IB/ipoib: Replace list_del of the neigh->list with list_del_init
IB/ipoib: rtnl_unlock can not come after free_netdev
IB/ipoib: Fix deadlock over vlan_mutex
serial: 8250_port: Remove dangerous pr_debug()
tty: goldfish: Fix a parameter of a call to free_irq
serial: 8250: moxa: Store num_ports in brd
drm/i915/psr: disable psr2 for resolution greater than 32X20
ARM: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM
IB/rxe: Fix a MR reference leak in check_rkey()
IB/rxe: Add a runtime check in alloc_index()
iio: adc: hx711: Add DT binding for avia,hx711
iio: adc: axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register modifications
iio: adc: imx25-gcq: Fix module autoload
hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes
usb: make the MTK XHCI driver compile for older MIPS SoCs
clk/axs10x: Clear init field in driver probe
sh_eth: use correct name for ECMR_MPDE bit
reset: ti_syscon: fix a ti_syscon_reset_status issue
extcon: axp288: Use vbus-valid instead of -present to determine cable presence
igb: re-assign hw address pointer on reset after PCI error
ARM: dts: am335x-chilisom: Wakeup from RTC-only state by power on event
scsi: be2iscsi: Add checks to validate CID alloc/free
power: supply: axp288_fuel_gauge: Fix fuel_gauge_reg_readb return on error
MIPS: ralink: Fix incorrect assignment on ralink_soc
MIPS: ralink: Fix a typo in the pinmux setup.
MIPS: Ensure bss section ends on a long-aligned address
ARM: dts: r8a7790: Use R-Car Gen 2 fallback binding for msiof nodes
RDS: RDMA: Fix the composite message user notification
clk: sunxi-ng: fix PLL_CPUX adjusting on H3
ARM: dts: exynos: Add CPU OPPs for Exynos4412 Prime
drm/i915: Fix the overlay frontbuffer tracking
GFS2: Fix reference to ERR_PTR in gfs2_glock_iter_next
drm: bridge: add DT bindings for TI ths8135
drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define
FROMLIST: binder: fix use-after-free in binder_transaction()
FROMLIST: binder: fix an ret value override
FROMLIST: binder: fix memory corruption in binder_transaction binder
Conflicts:
mm/oom_kill.c
sound/usb/card.c
Change-Id: I8b32fbdaa2be959a4149cf07d0bda16b75eeacbc
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
f931a27161 |
Merge 4.9.55 into android-4.9-o
Changes in 4.9.55
USB: gadgetfs: Fix crash caused by inadequate synchronization
USB: gadgetfs: fix copy_to_user while holding spinlock
usb: gadget: udc: atmel: set vbus irqflags explicitly
usb: gadget: udc: renesas_usb3: fix for no-data control transfer
usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
usb-storage: fix bogus hardware error messages for ATA pass-thru devices
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
usb: pci-quirks.c: Corrected timeout values used in handshake
USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
USB: dummy-hcd: fix connection failures (wrong speed)
USB: dummy-hcd: fix infinite-loop resubmission bug
USB: dummy-hcd: Fix erroneous synchronization change
USB: devio: Don't corrupt user memory
usb: gadget: mass_storage: set msg_registered after msg registered
USB: g_mass_storage: Fix deadlock when driver is unbound
USB: uas: fix bug in handling of alternate settings
USB: core: harden cdc_parse_cdc_header
usb: Increase quirk delay for USB devices
USB: fix out-of-bounds in usb_set_configuration
xhci: fix finding correct bus_state structure for USB 3.1 hosts
xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()'
iio: ad_sigma_delta: Implement a dedicated reset function
staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.
iio: core: Return error for failed read_reg
IIO: BME280: Updates to Humidity readings need ctrl_reg write!
iio: ad7793: Fix the serial interface reset
iio: adc: mcp320x: Fix readout of negative voltages
iio: adc: mcp320x: Fix oops on module unload
uwb: properly check kthread_run return value
uwb: ensure that endpoint is interrupt
staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
mm, oom_reaper: skip mm structs with mmu notifiers
lib/ratelimit.c: use deferred printk() version
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
ALSA: compress: Remove unused variable
Revert "ALSA: echoaudio: purge contradictions between dimension matrix members and total number of members"
ALSA: usx2y: Suppress kernel warning at page allocation failures
mlxsw: spectrum: Prevent mirred-related crash on removal
net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
tcp: update skb->skb_mstamp more carefully
bpf/verifier: reject BPF_ALU64|BPF_END
tcp: fix data delivery rate
udpv6: Fix the checksum computation when HW checksum does not apply
ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
net: phy: Fix mask value write on gmii2rgmii converter speed register
ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
net/sched: cls_matchall: fix crash when used with classful qdisc
tcp: fastopen: fix on syn-data transmit failure
net: emac: Fix napi poll list corruption
packet: hold bind lock when rebinding to fanout hook
bpf: one perf event close won't free bpf program attached by another perf event
isdn/i4l: fetch the ppp_write buffer in one shot
net_sched: always reset qdisc backlog in qdisc_reset()
net: qcom/emac: specify the correct size when mapping a DMA buffer
vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
l2tp: Avoid schedule while atomic in exit_net
l2tp: fix race condition in l2tp_tunnel_delete
tun: bail out from tun_get_user() if the skb is empty
net: dsa: Fix network device registration order
packet: in packet_do_bind, test fanout with bind_lock held
packet: only test po->has_vnet_hdr once in packet_snd
net: Set sk_prot_creator when cloning sockets to the right proto
netlink: do not proceed if dump's start() errs
ip6_gre: ip6gre_tap device should keep dst
ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
tipc: use only positive error codes in messages
net: rtnetlink: fix info leak in RTM_GETSTATS call
socket, bpf: fix possible use after free
powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
powerpc/tm: Fix illegal TM state in signal handler
percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
driver core: platform: Don't read past the end of "driver_override" buffer
Drivers: hv: fcopy: restore correct transfer length
stm class: Fix a use-after-free
ftrace: Fix kmemleak in unregister_ftrace_graph
HID: i2c-hid: allocate hid buffers for real worst case
HID: wacom: leds: Don't try to control the EKR's read-only LEDs
HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
HID: wacom: bits shifted too much for 9th and 10th buttons
rocker: fix rocker_tlv_put_* functions for KASAN
netlink: fix nla_put_{u8,u16,u32} for KASAN
iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
iwlwifi: add workaround to disable wide channels in 5GHz
scsi: sd: Do not override max_sectors_kb sysfs setting
brcmfmac: add length check in brcmf_cfg80211_escan_handler()
brcmfmac: setup passive scan if requested by user-space
drm/i915/bios: ignore HDMI on port A
nvme-pci: Use PCI bus address for data/queues in CMB
mmc: core: add driver strength selection when selecting hs400es
sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
vfs: deny copy_file_range() for non regular files
ext4: fix data corruption for mmap writes
ext4: Don't clear SGID when inheriting ACLs
ext4: don't allow encrypted operations without keys
f2fs: don't allow encrypted operations without keys
KVM: x86: fix singlestepping over syscall
Linux 4.9.55
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Yonghong Song
|
0dee549f79 |
bpf: one perf event close won't free bpf program attached by another perf event
[ Upstream commit ec9dd352d591f0c90402ec67a317c1ed4fb2e638 ]
This patch fixes a bug exhibited by the following scenario:
1. fd1 = perf_event_open with attr.config = ID1
2. attach bpf program prog1 to fd1
3. fd2 = perf_event_open with attr.config = ID1
<this will be successful>
4. user program closes fd2 and prog1 is detached from the tracepoint.
5. user program with fd1 does not work properly as tracepoint
no output any more.
The issue happens at step 4. Multiple perf_event_open can be called
successfully, but only one bpf prog pointer in the tp_event. In the
current logic, any fd release for the same tp_event will free
the tp_event->prog.
The fix is to free tp_event->prog only when the closing fd
corresponds to the one which registered the program.
Signed-off-by: Yonghong Song <yhs@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Kyle Yan
|
7d337cc7f9 |
Merge remote-tracking branch '4.9/tmp-85e1c01' into 4.9
* 4.9/tmp-85e1c01:
Linux 4.9.48
epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove()
kvm: arm/arm64: Force reading uncached stage2 PGD
drm/ttm: Fix accounting error when fail to get pages for pool
xfrm: policy: check policy direction value
lib/mpi: kunmap after finishing accessing buffer
wl1251: add a missing spin_lock_init()
CIFS: remove endian related sparse warning
CIFS: Fix maximum SMB2 header size
alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
cpuset: Fix incorrect memory_pressure control file mapping
cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
ceph: fix readpage from fscache
mm, madvise: ensure poisoned pages are removed from per-cpu lists
mm, uprobes: fix multiple free of ->uprobes_state.xol_area
crypto: algif_skcipher - only call put_page on referenced and used pages
i2c: ismt: Return EMSGSIZE for block reads with bogus length
i2c: ismt: Don't duplicate the receive length for block reads
irqchip: mips-gic: SYNC after enabling GIC region
ANDROID: fiq_debugger: Fix minor bug in code
ANDROID: configs: remove requirement for CONFIG_SYNC
FROMLIST: binder: fix an ret value override
FROMLIST: binder: fix memory corruption in binder_transaction binder
Linux 4.9.47
lz4: fix bogus gcc warning
scsi: sg: reset 'res_in_use' after unlinking reserved array
scsi: sg: protect accesses to 'reserved' page array
locking/spinlock/debug: Remove spinlock lockup detection code
arm64: fpsimd: Prevent registers leaking across exec
x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
arm64: mm: abort uaccess retries upon fatal signal
kvm: arm/arm64: Fix race in resetting stage2 PGD
gcov: support GCC 7.1
staging: wilc1000: simplify vif[i]->ndev accesses
scsi: isci: avoid array subscript warning
p54: memset(0) whole array
FROMLIST: android: binder: Add page usage in binder stats
FROMLIST: android: binder: Add shrinker tracepoints
FROMLIST: android: binder: Add global lru shrinker to binder
FROMLIST: android: binder: Move buffer out of area shared with user space
FROMLIST: android: binder: Add allocator selftest
FROMLIST: android: binder: Refactor prev and next buffer into a helper function
android: android-base.config: enable IP6_NF_MATCH_RPFILTER
Linux 4.9.46
powerpc/mm: Ensure cpumask update is ordered
ACPI: EC: Fix regression related to wrong ECDT initialization order
ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
ACPI: ioapic: Clear on-stack resource before using it
ntb: transport shouldn't disable link due to bogus values in SPADs
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: no sleep in ntb_async_tx_submit
NTB: ntb_test: fix bug printing ntb_perf results
ntb_transport: fix bug calculating num_qps_mw
ntb_transport: fix qp count bug
Clarify (and fix) MAX_LFS_FILESIZE macros
staging: rtl8188eu: add RNX-N150NUB support
iio: hid-sensor-trigger: Fix the race with user space powering up sensors
iio: imu: adis16480: Fix acceleration scale factor for adis16480
ANDROID: binder: fix proc->tsk check.
binder: Use wake up hint for synchronous transactions.
binder: use group leader instead of open thread
Revert "android: binder: Sanity check at binder ioctl"
Bluetooth: bnep: fix possible might sleep error in bnep_session
Bluetooth: cmtp: fix possible might sleep error in cmtp_session
Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
netfilter: nat: fix src map lookup
Revert "leds: handle suspend/resume in heartbeat trigger"
net: sunrpc: svcsock: fix NULL-pointer exception
x86/mm: Fix use-after-free of ldt_struct
timers: Fix excessive granularity of new timers after a nohz idle
perf/x86/intel/rapl: Make package handling more robust
perf probe: Fix --funcs to show correct symbols for offline module
perf/core: Fix group {cpu,task} validation
ftrace: Check for null ret_stack on profile function graph entry function
nfsd: Limit end of page list when decoding NFSv4 WRITE
cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
cifs: Fix df output for users with quota limits
kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured
tracing: Fix freeing of filter in create_filter() when set_str is false
tracing: Fix kmemleak in tracing_map_array_free()
tracing: Call clear_boot_tracer() at lateinit_sync
drm: rcar-du: Fix H/V sync signal polarity configuration
drm: rcar-du: Fix display timing controller parameter
drm: rcar-du: Fix crash in encoder failure error path
drm/atomic: If the atomic check fails, return its value first
drm: Release driver tracking before making the object available again
mm/memblock.c: reversed logic in memblock_discard()
fork: fix incorrect fput of ->exe_file causing use-after-free
mm/madvise.c: fix freeing of locked page with MADV_FREE
i2c: designware: Fix system suspend
mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled
ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource
ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
ALSA: core: Fix unexpected error at replacing user TLV
ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets
KVM: x86: block guest protection keys unless the host has them enabled
KVM: s390: sthyi: fix specification exception detection
KVM: s390: sthyi: fix sthyi inline assembly
Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad
Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
Input: trackpoint - add new trackpoint firmware ID
bpf/verifier: fix min/max handling in BPF_SUB
bpf: fix mixed signed/unsigned derived min/max value bounds
bpf, verifier: fix alu ops against map_value{, _adj} register types
bpf: adjust verifier heuristics
bpf, verifier: add additional patterns to evaluate_reg_imm_alu
net_sched: fix order of queue length updates in qdisc_replace()
net: sched: fix NULL pointer dereference when action calls some targets
irda: do not leak initialized list.dev to userspace
net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
ipv6: repair fib6 tree in failure case
ipv6: reset fn->rr_ptr when replacing route
tipc: fix use-after-free
sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
nfp: fix infinite loop on umapping cleanup
ipv4: better IP_MAX_MTU enforcement
ptr_ring: use kmalloc_array()
openvswitch: fix skb_panic due to the incorrect actions attrlen
bpf: fix bpf_trace_printk on 32 bit archs
net_sched: remove warning from qdisc_hash_add
net_sched/sfq: update hierarchical backlog when drop packet
ipv4: fix NULL dereference in free_fib_info_rcu()
dccp: defer ccid_hc_tx_delete() at dismantle time
dccp: purge write queue in dccp_destroy_sock()
af_key: do not use GFP_KERNEL in atomic contexts
sparc64: remove unnecessary log message
ANDROID: NFC: st21nfca: Fix memory OOB and leak issues in connectivity events handler
Linux 4.9.45
usb: qmi_wwan: add D-Link DWM-222 device ID
usb: optimize acpi companion search for usb port devices
pids: make task_tgid_nr_ns() safe
Sanitize 'move_pages()' permission checks
genirq/ipi: Fixup checks against nr_cpu_ids
genirq: Restore trigger settings in irq_modify_status()
irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
x86/asm/64: Clear AC on NMI entries
xen-blkfront: use a right index when checking requests
powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL
xen: fix bio vec merging
mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
mm/mempolicy: fix use after free when calling get_mempolicy
mm: fix double mmap_sem unlock on MMF_UNSTABLE enforced SIGBUS
mm: discard memblock data later
ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
ALSA: seq: 2nd attempt at fixing race creating a queue
Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
Input: elan_i2c - add ELAN0608 to the ACPI table
crypto: x86/sha1 - Fix reads beyond the number of blocks passed
crypto: ixp4xx - Fix error handling path in 'aead_perform()'
parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
audit: Fix use after free in audit_remove_watch_rule()
netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
ANDROID: check dir value of xfrm_userpolicy_id
ANDROID: NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
ANDROID: nfc: fdp: Fix possible buffer overflow in WCS4000 NFC driver
ANDROID: NFC: st21nfca: Fix out of bounds kernel access when handling ATR_REQ
ANDROID: usb: gadget: assign no-op request complete callbacks
ANDROID: usb: gadget: configfs: fix null ptr in android_disconnect
ANDROID: uid_sys_stats: Fix implicit declaration of get_cmdline()
uid_sys_stats: log task io with a debug flag
Linux 4.9.44
MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression
pinctrl: meson-gxbb: Add missing GPIODV_18 pin entry
pinctrl: samsung: Remove bogus irq_[un]mask from resource management
pinctrl: uniphier: fix WARN_ON() of pingroups dump on LD20
pinctrl: uniphier: fix WARN_ON() of pingroups dump on LD11
pinctrl: intel: merrifield: Correct UART pin lists
pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver
pnfs/blocklayout: require 64-bit sector_t
iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits
usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume
usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter
usb: core: unlink urbs from the tail of the endpoint's urb_list
USB: Check for dropped connection before switching to full speed
usb: renesas_usbhs: Fix UGCTRL2 value for R-Car Gen3
usb: gadget: udc: renesas_usb3: Fix usb_gadget_giveback_request() calling
uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069
staging: comedi: comedi_fops: do not call blocking ops when !TASK_RUNNING
iio: light: tsl2563: use correct event code
iio: accel: bmc150: Always restore device to normal mode after suspend-resume
staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read
USB: hcd: Mark secondary HCD as dead if the primary one died
usb: musb: fix tx fifo flush handling again
USB: serial: pl2303: add new ATEN device id
USB: serial: cp210x: add support for Qivicon USB ZigBee dongle
USB: serial: option: add D-Link DWM-222 device ID
drm/i915: Fix out-of-bounds array access in bdw_load_gamma_lut
drm/etnaviv: Fix off-by-one error in reloc checking
nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays
mmc: mmc: correct the logic for setting HS400ES signal voltage
nand: fix wrong default oob layout for small pages using soft ecc
fuse: initialize the flock flag in fuse_file on allocation
target: Fix node_acl demo-mode + uncached dynamic shutdown regression
iscsi-target: Fix iscsi_np reset hung task during parallel delete
iscsi-target: fix memory leak in iscsit_setup_text_cmd()
mtd: nand: Fix timing setup for NANDs that do not support SET FEATURES
xtensa: don't limit csum_partial export by CONFIG_NET
xtensa: mm/cache: add missing EXPORT_SYMBOLs
xtensa: fix cache aliasing handling code for WT cache
futex: Remove unnecessary warning from get_futex_key
mm: fix list corruptions on shmem shrinklist
mm: ratelimit PFNs busy info message
ANDROID: Use sk_uid to replace uid get from socket file
Linux 4.9.43
Revert "ARM: dts: sun8i: Support DTB build for NanoPi M1"
KVM: arm/arm64: Handle hva aging while destroying the vm
sparc64: Prevent perf from running during super critical sections
udp: consistently apply ufo or fragmentation
revert "ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output"
revert "net: account for current skb length when deciding about UFO"
packet: fix tp_reserve race in packet_set_ring
igmp: Fix regression caused by igmp sysctl namespace code.
net: avoid skb_warn_bad_offload false positives on UFO
tcp: fastopen: tcp_connect() must refresh the route
net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target
net/mlx4_en: don't set CHECKSUM_COMPLETE on SCTP packets
bpf, s390: fix jit branch offset related to ldimm64
net: fix keepalive code vs TCP_FASTOPEN_CONNECT
tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states
ppp: fix xmit recursion detection on ppp channels
ppp: Fix false xmit recursion detect with two ppp devices
Linux 4.9.42
workqueue: implicit ordered attribute should be overridable
net: phy: Fix PHY unbind crash
net: account for current skb length when deciding about UFO
ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output
net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy
mm: don't dereference struct page fields of invalid pages
signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
lib/Kconfig.debug: fix frv build failure
mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
ARM: 8632/1: ftrace: fix syscall name matching
virtio_blk: fix panic in initialization error path
nbd: blk_mq_init_queue returns an error code on failure, not NULL
iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort
ARM: dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc
ARM: dts: sun8i: Support DTB build for NanoPi M1
drm/virtio: fix framebuffer sparse warning
scsi: qla2xxx: Get mutex lock before checking optrom_state
clk/samsung: exynos542x: mark some clocks as critical
ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int
phy state machine: failsafe leave invalid RUNNING state
netfilter: use fwmark_reflect in nf_send_reset
ASoC: rt5645: set sel_i2s_pre_div1 to 2
spi: spi-axi: Free resources on error path
x86/boot: Add missing declaration of string functions
tg3: Fix race condition in tg3_get_stats64().
net: phy: dp83867: fix irq generation
sh_eth: R8A7740 supports packet shecksumming
sh_eth: fix EESIPR values for SH77{34|63}
wext: handle NULL extra data in iwe_stream_add_point better
sparc64: Fix exception handling in UltraSPARC-III memcpy.
sparc64: Measure receiver forward progress to avoid send mondo timeout
xen-netback: correctly schedule rate-limited queues
net: phy: Correctly process PHY_HALTED in phy_stop_machine()
net/mlx5e: Schedule overflow check work to mlx5e workqueue
net/mlx5e: Fix wrong delay calculation for overflow check scheduling
net/mlx5e: Fix outer_header_zero() check size
net/mlx5: Fix command bad flow on command entry allocation failure
net/mlx5: Consider tx_enabled in all modes on remap
sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
dccp: fix a memleak for dccp_feat_init err process
dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
net: ethernet: nb8800: Handle all 4 RGMII modes identically
ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
openvswitch: fix potential out of bound access in parse_ct
mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
rtnetlink: allocate more memory for dev_set_mac_address()
ipv4: initialize fib_trie prior to register_netdev_notifier call.
net: dsa: b53: Add missing ARL entries for BCM53125
ipv6: avoid overflow of offset in ip6_find_1stfragopt
net: Zero terminate ifr_name in dev_ifname().
ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
tcp_bbr: init pacing rate on first RTT sample
tcp_bbr: remove sk_pacing_rate=0 transient during init
tcp_bbr: introduce bbr_init_pacing_rate_from_rtt() helper
tcp_bbr: introduce bbr_bw_to_pacing_rate() helper
tcp_bbr: cut pacing rate only if filled pipe
saa7164: fix double fetch PCIe access condition
Btrfs: fix early ENOSPC due to delalloc
f2fs: sanity check checkpoint segno and blkoff
media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
mmc: core: Use device_property_read instead of of_property_read
mmc: dw_mmc: Use device_property_read instead of of_property_read
iscsi-target: Fix initial login PDU asynchronous socket close OOPs
media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl
ARM: dts: tango4: Request RGMII RX and TX clock delays
ARM: dts: armada-38x: Fix irq type for pca955
ext4: fix overflow caused by missing cast in ext4_resize_fs()
ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
gpiolib: skip unwanted events, don't convert them to opposite edge
iommu/amd: Enable ga_log_intr when enabling guest_mode
powerpc/64: Fix __check_irq_replay missing decrementer interrupt
powerpc/tm: Fix saving of TM SPRs in core dump
timers: Fix overflow in get_next_timer_interrupt
mm/page_alloc: Remove kernel address exposure in free_reserved_area()
KVM: async_pf: make rcu irq exit if not triggered from idle task
ASoC: do not close shared backend dailink
drm/amdgpu: Fix undue fallthroughs in golden registers initialization
ALSA: hda - Fix speaker output from VAIO VPCL14M1R
cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
mm, mprotect: flush TLB if potentially racing with a parallel reclaim leaving stale TLB entries
mmc: core: Fix access to HS400-ES devices
device property: Make dev_fwnode() public
mmc: sdhci-of-at91: force card detect value for non removable devices
NFSv4: Fix EXCHANGE_ID corrupt verifier issue
brcmfmac: fix memleak due to calling brcmf_sdiod_sgtable_alloc() twice
iwlwifi: dvm: prevent an out of bounds access
workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
libata: array underflow in ata_find_dev()
cgroup: fix error return value from cgroup_subtree_control()
cgroup: create dfl_root files on subsys registration
parisc: Handle vma's whose context is not current in flush_cache_range
ANDROID: binder: don't queue async transactions to thread.
ANDROID: binder: don't enqueue death notifications to thread todo.
ANDROID: binder: call poll_wait() unconditionally.
ANDROID: keychord: Fix for a memory leak in keychord.
ANDROID: keychord: Fix races in keychord_write.
android: configs: move quota-related configs to recommended
ANDROID: sdcardfs: override credential for ioctl to lower fs
ANDROID: xt_qtaguid: handle properly request sockets
Conflicts:
drivers/staging/android/fiq_debugger/fiq_debugger.c
include/linux/sched.h
kernel/locking/spinlock_debug.c
sound/soc/soc-pcm.c
Change-Id: I163a8c98f1737eeb01b9c8a0636a91d552ef349f
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
c491afc9ee |
Merge 4.9.48 into android-4.9-o
Changes in 4.9.48 irqchip: mips-gic: SYNC after enabling GIC region i2c: ismt: Don't duplicate the receive length for block reads i2c: ismt: Return EMSGSIZE for block reads with bogus length crypto: algif_skcipher - only call put_page on referenced and used pages mm, uprobes: fix multiple free of ->uprobes_state.xol_area mm, madvise: ensure poisoned pages are removed from per-cpu lists ceph: fix readpage from fscache cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs cpuset: Fix incorrect memory_pressure control file mapping alpha: uapi: Add support for __SANE_USERSPACE_TYPES__ CIFS: Fix maximum SMB2 header size CIFS: remove endian related sparse warning wl1251: add a missing spin_lock_init() lib/mpi: kunmap after finishing accessing buffer xfrm: policy: check policy direction value drm/ttm: Fix accounting error when fail to get pages for pool kvm: arm/arm64: Force reading uncached stage2 PGD epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() Linux 4.9.48 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Greg Kroah-Hartman
|
85e1c0178a |
Merge 4.9.48 into android-4.9
Changes in 4.9.48 irqchip: mips-gic: SYNC after enabling GIC region i2c: ismt: Don't duplicate the receive length for block reads i2c: ismt: Return EMSGSIZE for block reads with bogus length crypto: algif_skcipher - only call put_page on referenced and used pages mm, uprobes: fix multiple free of ->uprobes_state.xol_area mm, madvise: ensure poisoned pages are removed from per-cpu lists ceph: fix readpage from fscache cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs cpuset: Fix incorrect memory_pressure control file mapping alpha: uapi: Add support for __SANE_USERSPACE_TYPES__ CIFS: Fix maximum SMB2 header size CIFS: remove endian related sparse warning wl1251: add a missing spin_lock_init() lib/mpi: kunmap after finishing accessing buffer xfrm: policy: check policy direction value drm/ttm: Fix accounting error when fail to get pages for pool kvm: arm/arm64: Force reading uncached stage2 PGD epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() Linux 4.9.48 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Biggers
|
17c564f629 |
mm, uprobes: fix multiple free of ->uprobes_state.xol_area
commit 355627f518978b5167256d27492fe0b343aaf2f2 upstream. Commit |
||
|
Linux Build Service Account
|
8299e7ae7d | Merge "perf: protect group_leader from races that cause ctx double-free" | ||
|
Greg Kroah-Hartman
|
2832a12b3f |
Merge 4.9.46 into android-4.9-o
Changes in 4.9.46
sparc64: remove unnecessary log message
af_key: do not use GFP_KERNEL in atomic contexts
dccp: purge write queue in dccp_destroy_sock()
dccp: defer ccid_hc_tx_delete() at dismantle time
ipv4: fix NULL dereference in free_fib_info_rcu()
net_sched/sfq: update hierarchical backlog when drop packet
net_sched: remove warning from qdisc_hash_add
bpf: fix bpf_trace_printk on 32 bit archs
openvswitch: fix skb_panic due to the incorrect actions attrlen
ptr_ring: use kmalloc_array()
ipv4: better IP_MAX_MTU enforcement
nfp: fix infinite loop on umapping cleanup
sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
tipc: fix use-after-free
ipv6: reset fn->rr_ptr when replacing route
ipv6: repair fib6 tree in failure case
tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
irda: do not leak initialized list.dev to userspace
net: sched: fix NULL pointer dereference when action calls some targets
net_sched: fix order of queue length updates in qdisc_replace()
bpf, verifier: add additional patterns to evaluate_reg_imm_alu
bpf: adjust verifier heuristics
bpf, verifier: fix alu ops against map_value{, _adj} register types
bpf: fix mixed signed/unsigned derived min/max value bounds
bpf/verifier: fix min/max handling in BPF_SUB
Input: trackpoint - add new trackpoint firmware ID
Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad
KVM: s390: sthyi: fix sthyi inline assembly
KVM: s390: sthyi: fix specification exception detection
KVM: x86: block guest protection keys unless the host has them enabled
ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets
ALSA: core: Fix unexpected error at replacing user TLV
ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource
ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled
i2c: designware: Fix system suspend
mm/madvise.c: fix freeing of locked page with MADV_FREE
fork: fix incorrect fput of ->exe_file causing use-after-free
mm/memblock.c: reversed logic in memblock_discard()
drm: Release driver tracking before making the object available again
drm/atomic: If the atomic check fails, return its value first
drm: rcar-du: Fix crash in encoder failure error path
drm: rcar-du: Fix display timing controller parameter
drm: rcar-du: Fix H/V sync signal polarity configuration
tracing: Call clear_boot_tracer() at lateinit_sync
tracing: Fix kmemleak in tracing_map_array_free()
tracing: Fix freeing of filter in create_filter() when set_str is false
kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured
cifs: Fix df output for users with quota limits
cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
nfsd: Limit end of page list when decoding NFSv4 WRITE
ftrace: Check for null ret_stack on profile function graph entry function
perf/core: Fix group {cpu,task} validation
perf probe: Fix --funcs to show correct symbols for offline module
perf/x86/intel/rapl: Make package handling more robust
timers: Fix excessive granularity of new timers after a nohz idle
x86/mm: Fix use-after-free of ldt_struct
net: sunrpc: svcsock: fix NULL-pointer exception
Revert "leds: handle suspend/resume in heartbeat trigger"
netfilter: nat: fix src map lookup
Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
Bluetooth: cmtp: fix possible might sleep error in cmtp_session
Bluetooth: bnep: fix possible might sleep error in bnep_session
Revert "android: binder: Sanity check at binder ioctl"
binder: use group leader instead of open thread
binder: Use wake up hint for synchronous transactions.
ANDROID: binder: fix proc->tsk check.
iio: imu: adis16480: Fix acceleration scale factor for adis16480
iio: hid-sensor-trigger: Fix the race with user space powering up sensors
staging: rtl8188eu: add RNX-N150NUB support
Clarify (and fix) MAX_LFS_FILESIZE macros
ntb_transport: fix qp count bug
ntb_transport: fix bug calculating num_qps_mw
NTB: ntb_test: fix bug printing ntb_perf results
ntb: no sleep in ntb_async_tx_submit
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: transport shouldn't disable link due to bogus values in SPADs
ACPI: ioapic: Clear on-stack resource before using it
ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
ACPI: EC: Fix regression related to wrong ECDT initialization order
powerpc/mm: Ensure cpumask update is ordered
Linux 4.9.46
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
a3840b1234 |
Merge 4.9.46 into android-4.9
Changes in 4.9.46
sparc64: remove unnecessary log message
af_key: do not use GFP_KERNEL in atomic contexts
dccp: purge write queue in dccp_destroy_sock()
dccp: defer ccid_hc_tx_delete() at dismantle time
ipv4: fix NULL dereference in free_fib_info_rcu()
net_sched/sfq: update hierarchical backlog when drop packet
net_sched: remove warning from qdisc_hash_add
bpf: fix bpf_trace_printk on 32 bit archs
openvswitch: fix skb_panic due to the incorrect actions attrlen
ptr_ring: use kmalloc_array()
ipv4: better IP_MAX_MTU enforcement
nfp: fix infinite loop on umapping cleanup
sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
tipc: fix use-after-free
ipv6: reset fn->rr_ptr when replacing route
ipv6: repair fib6 tree in failure case
tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
irda: do not leak initialized list.dev to userspace
net: sched: fix NULL pointer dereference when action calls some targets
net_sched: fix order of queue length updates in qdisc_replace()
bpf, verifier: add additional patterns to evaluate_reg_imm_alu
bpf: adjust verifier heuristics
bpf, verifier: fix alu ops against map_value{, _adj} register types
bpf: fix mixed signed/unsigned derived min/max value bounds
bpf/verifier: fix min/max handling in BPF_SUB
Input: trackpoint - add new trackpoint firmware ID
Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad
KVM: s390: sthyi: fix sthyi inline assembly
KVM: s390: sthyi: fix specification exception detection
KVM: x86: block guest protection keys unless the host has them enabled
ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets
ALSA: core: Fix unexpected error at replacing user TLV
ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource
ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled
i2c: designware: Fix system suspend
mm/madvise.c: fix freeing of locked page with MADV_FREE
fork: fix incorrect fput of ->exe_file causing use-after-free
mm/memblock.c: reversed logic in memblock_discard()
drm: Release driver tracking before making the object available again
drm/atomic: If the atomic check fails, return its value first
drm: rcar-du: Fix crash in encoder failure error path
drm: rcar-du: Fix display timing controller parameter
drm: rcar-du: Fix H/V sync signal polarity configuration
tracing: Call clear_boot_tracer() at lateinit_sync
tracing: Fix kmemleak in tracing_map_array_free()
tracing: Fix freeing of filter in create_filter() when set_str is false
kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured
cifs: Fix df output for users with quota limits
cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
nfsd: Limit end of page list when decoding NFSv4 WRITE
ftrace: Check for null ret_stack on profile function graph entry function
perf/core: Fix group {cpu,task} validation
perf probe: Fix --funcs to show correct symbols for offline module
perf/x86/intel/rapl: Make package handling more robust
timers: Fix excessive granularity of new timers after a nohz idle
x86/mm: Fix use-after-free of ldt_struct
net: sunrpc: svcsock: fix NULL-pointer exception
Revert "leds: handle suspend/resume in heartbeat trigger"
netfilter: nat: fix src map lookup
Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
Bluetooth: cmtp: fix possible might sleep error in cmtp_session
Bluetooth: bnep: fix possible might sleep error in bnep_session
Revert "android: binder: Sanity check at binder ioctl"
binder: use group leader instead of open thread
binder: Use wake up hint for synchronous transactions.
ANDROID: binder: fix proc->tsk check.
iio: imu: adis16480: Fix acceleration scale factor for adis16480
iio: hid-sensor-trigger: Fix the race with user space powering up sensors
staging: rtl8188eu: add RNX-N150NUB support
Clarify (and fix) MAX_LFS_FILESIZE macros
ntb_transport: fix qp count bug
ntb_transport: fix bug calculating num_qps_mw
NTB: ntb_test: fix bug printing ntb_perf results
ntb: no sleep in ntb_async_tx_submit
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: transport shouldn't disable link due to bogus values in SPADs
ACPI: ioapic: Clear on-stack resource before using it
ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
ACPI: EC: Fix regression related to wrong ECDT initialization order
powerpc/mm: Ensure cpumask update is ordered
Linux 4.9.46
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Mark Rutland
|
bde6608dd6 |
perf/core: Fix group {cpu,task} validation
commit 64aee2a965cf2954a038b5522f11d2cd2f0f8f3e upstream.
Regardless of which events form a group, it does not make sense for the
events to target different tasks and/or CPUs, as this leaves the group
inconsistent and impossible to schedule. The core perf code assumes that
these are consistent across (successfully intialised) groups.
Core perf code only verifies this when moving SW events into a HW
context. Thus, we can violate this requirement for pure SW groups and
pure HW groups, unless the relevant PMU driver happens to perform this
verification itself. These mismatched groups subsequently wreak havoc
elsewhere.
For example, we handle watchpoints as SW events, and reserve watchpoint
HW on a per-CPU basis at pmu::event_init() time to ensure that any event
that is initialised is guaranteed to have a slot at pmu::add() time.
However, the core code only checks the group leader's cpu filter (via
event_filter_match()), and can thus install follower events onto CPUs
violating thier (mismatched) CPU filters, potentially installing them
into a CPU without sufficient reserved slots.
This can be triggered with the below test case, resulting in warnings
from arch backends.
#define _GNU_SOURCE
#include <linux/hw_breakpoint.h>
#include <linux/perf_event.h>
#include <sched.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>
static int perf_event_open(struct perf_event_attr *attr, pid_t pid, int cpu,
int group_fd, unsigned long flags)
{
return syscall(__NR_perf_event_open, attr, pid, cpu, group_fd, flags);
}
char watched_char;
struct perf_event_attr wp_attr = {
.type = PERF_TYPE_BREAKPOINT,
.bp_type = HW_BREAKPOINT_RW,
.bp_addr = (unsigned long)&watched_char,
.bp_len = 1,
.size = sizeof(wp_attr),
};
int main(int argc, char *argv[])
{
int leader, ret;
cpu_set_t cpus;
/*
* Force use of CPU0 to ensure our CPU0-bound events get scheduled.
*/
CPU_ZERO(&cpus);
CPU_SET(0, &cpus);
ret = sched_setaffinity(0, sizeof(cpus), &cpus);
if (ret) {
printf("Unable to set cpu affinity\n");
return 1;
}
/* open leader event, bound to this task, CPU0 only */
leader = perf_event_open(&wp_attr, 0, 0, -1, 0);
if (leader < 0) {
printf("Couldn't open leader: %d\n", leader);
return 1;
}
/*
* Open a follower event that is bound to the same task, but a
* different CPU. This means that the group should never be possible to
* schedule.
*/
ret = perf_event_open(&wp_attr, 0, 1, leader, 0);
if (ret < 0) {
printf("Couldn't open mismatched follower: %d\n", ret);
return 1;
} else {
printf("Opened leader/follower with mismastched CPUs\n");
}
/*
* Open as many independent events as we can, all bound to the same
* task, CPU0 only.
*/
do {
ret = perf_event_open(&wp_attr, 0, 0, -1, 0);
} while (ret >= 0);
/*
* Force enable/disble all events to trigger the erronoeous
* installation of the follower event.
*/
printf("Opened all events. Toggling..\n");
for (;;) {
prctl(PR_TASK_PERF_EVENTS_DISABLE, 0, 0, 0, 0);
prctl(PR_TASK_PERF_EVENTS_ENABLE, 0, 0, 0, 0);
}
return 0;
}
Fix this by validating this requirement regardless of whether we're
moving events.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Zhou Chengming <zhouchengming1@huawei.com>
Link: http://lkml.kernel.org/r/1498142498-15758-1-git-send-email-mark.rutland@arm.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
John Dias
|
daf4560d30 |
perf: protect group_leader from races that cause ctx double-free
When moving a group_leader perf event from a software-context to a hardware-context, there's a race in checking and updating that context. The existing locking solution doesn't work; note that it tries to grab a lock inside the group_leader's context object, which you can only get at by going through a pointer that should be protected from these races. To avoid that problem, and to produce a simple solution, we can just use a lock per group_leader to protect all checks on the group_leader's context. The new lock is grabbed and released when no context locks are held. Bug: 30955111 Bug: 31095224 Change-Id: If37124c100ca6f4aa962559fba3bd5dbbec8e052 Git-repo: https://android.googlesource.com/kernel/msm Git-commit: 5b87e00be9ca28ea32cab49b92c0386e4a91f730 Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org> |
||
|
John Dias
|
79124600b4 |
perf: don't leave group_entry on sibling list (use-after-free)
When perf_group_detach is called on a group leader, it should empty its sibling list. Otherwise, when a sibling is later deallocated, list_del_event() removes the sibling's group_entry from its current list, which can be the now-deallocated group leader's sibling list (use-after-free bug). Bug: 32402548 Change-Id: I99f6bc97c8518df1cb0035814368012ba72ab1f1 Signed-off-by: John Dias <joaodias@google.com> Git-repo: https://android.googlesource.com/kernel/msm Git-commit: 6b6cfb2362f09553b46b3b7e5684b16b6e53e373 Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org> |
||
|
Patrick Fay
|
f7fa81669e |
Perf: core: create/delete shared kernel events
Frequently drivers want to monitor some event like L2 misses and cycles+instructions. If more than 1 driver wants to monitor the same event and the event attributes are the same then we can create just one instance of the event and let drivers share the event. Add shared event create and delete routines. Change-Id: Ided097bdbb832527f4c8c9ab32d361cc1caba1f0 Signed-off-by: Patrick Fay <pfay@codeaurora.org> |
||
|
Kyle Yan
|
3dfb68c8ba |
Merge remote-tracking branch '4.9/tmp-9ae2c67' into 4.9
* 4.9/tmp-9ae2c67:
Linux 4.9.40
alarmtimer: don't rate limit one-shot timers
tracing: Fix kmemleak in instance_rmdir
PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if present
reiserfs: Don't clear SGID when inheriting ACLs
spmi: Include OF based modalias in device uevent
of: device: Export of_device_{get_modalias, uvent_modalias} to modules
acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
ovl: fix random return value on mount
hfsplus: Don't clear SGID when inheriting ACLs
mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array
drm/mst: Avoid processing partially received up/down message transactions
drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
drm/mst: Fix error handling during MST sideband message reception
RDMA/core: Initialize port_num in qp_attr
ceph: fix race in concurrent readdir
staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code
staging: sm750fb: avoid conflicting vesafb
staging: comedi: ni_mio_common: fix AO timer off-by-one regression
staging: rtl8188eu: add TL-WN722N v2 support
Revert "perf/core: Drop kernel samples even though :u is specified"
perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its target
iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
udf: Fix deadlock between writeback and udf_setsize()
NFS: only invalidate dentrys that are clearly invalid.
sunrpc: use constant time memory comparison for mac
IB/core: Namespace is mandatory input for address resolution
IB/iser: Fix connection teardown race condition
Input: i8042 - fix crash at boot time
MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
MIPS: math-emu: Prevent wrong ISA mode instruction emulation
MIPS: Fix unaligned PC interpretation in `compute_return_epc'
MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
MIPS: Save static registers before sysmips
MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
x86/ioapic: Pass the correct data to unmask_ioapic_irq()
x86/acpi: Prevent out of bound access caused by broken ACPI tables
Revert "ACPI / EC: Enable event freeze mode..." to fix a regression
ACPI / EC: Drop EC noirq hooks to fix a regression
ubifs: Don't leak kernel memory to the MTD
MIPS: Negate error syscall return in trace
MIPS: Fix mips_atomic_set() with EVA
MIPS: Fix mips_atomic_set() retry condition
ftrace: Fix uninitialized variable in match_records()
nvme-rdma: remove race conditions from IB signalling
vfio: New external user group/file match
vfio: Fix group release deadlock
ovl: drop CAP_SYS_RESOURCE from saved mounter's credentials
drm/ttm: Fix use-after-free in ttm_bo_clean_mm
f2fs: Don't clear SGID when inheriting ACLs
f2fs: sanity check size of nat and sit cache
xfs: Don't clear SGID when inheriting ACLs
ipmi:ssif: Add missing unlock in error branch
ipmi: use rcu lock around call to intf->handlers->sender()
drm/radeon: Fix eDP for single-display iMac10,1 (v2)
drm/radeon/ci: disable mclk switching for high refresh rates (v2)
drm/amd/amdgpu: Return error if initiating read out of range on vram
s390/syscalls: Fix out of bounds arguments access
Raid5 should update rdev->sectors after reshape
ext2: Don't clear SGID when inheriting ACLs
libnvdimm: fix badblock range handling of ARS range
libnvdimm, btt: fix btt_rw_page not returning errors
cx88: Fix regression in initial video standard setting
x86/xen: allow userspace access during hypercalls
md: don't use flush_signals in userspace processes
usb: renesas_usbhs: gadget: disable all eps when the driver stops
usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
USB: cdc-acm: add device-id for quirky printer
usb: storage: return on error to avoid a null pointer dereference
mxl111sf: Fix driver to use heap allocate buffers for USB messages
xhci: Bad Ethernet performance plugged in ASM1042A host
xhci: Fix NULL pointer dereference when cleaning up streams for removed host
xhci: fix 20000ms port resume timeout
ipvs: SNAT packet replies only for NATed connections
PCI/PM: Restore the status of PCI devices across hibernation
PCI: rockchip: Use normal register bank for config accessors
PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11
af_key: Fix sadb_x_ipsecrequest parsing
powerpc/mm/radix: Properly clear process table entry
powerpc/asm: Mark cr0 as clobbered in mftb()
powerpc: Fix emulation of mfocrf in emulate_step()
powerpc: Fix emulation of mcrf in emulate_step()
powerpc/64: Fix atomic64_inc_not_zero() to return an int
powerpc/pseries: Fix passing of pp0 in updatepp() and updateboltedpp()
xen/scsiback: Fix a TMR related use-after-free
iscsi-target: Add login_keys_workaround attribute for non RFC initiators
scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state
scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails.
PM / Domains: Fix unsafe iteration over modified list of domains
PM / Domains: Fix unsafe iteration over modified list of domain providers
PM / Domains: Fix unsafe iteration over modified list of device links
ASoC: compress: Derive substream from stream based on direction
igb: Explicitly select page 0 at initialization
btrfs: Don't clear SGID when inheriting ACLs
wlcore: fix 64K page support
Bluetooth: use constant time memory comparison for secret values
perf intel-pt: Clear FUP flag on error
perf intel-pt: Use FUP always when scanning for an IP
perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
perf intel-pt: Fix last_ip usage
perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
perf intel-pt: Fix missing stack clear
perf intel-pt: Improve sample timestamp
perf intel-pt: Move decoder error setting into one condition
NFC: Add sockaddr length checks before accessing sa_family in bind handlers
nfc: Fix the sockaddr length sanitization in llcp_sock_connect
nfc: Ensure presence of required attributes in the activate_target handler
NFC: nfcmrvl: fix firmware-management initialisation
NFC: nfcmrvl: use nfc-device for firmware download
NFC: nfcmrvl: do not use device-managed resources
NFC: nfcmrvl_uart: add missing tty-device sanity check
NFC: fix broken device allocation
ath9k: fix an invalid pointer dereference in ath9k_rng_stop()
ath9k: fix tx99 bus error
ath9k: fix tx99 use after free
thermal: cpu_cooling: Avoid accessing potentially freed structures
thermal: max77620: fix device-node reference imbalance
s5p-jpeg: don't return a random width/height
dm mpath: cleanup -Wbool-operation warning in choose_pgpath()
ir-core: fix gcc-7 warning on bool arithmetic
disable new gcc-7.1.1 warnings for now
Use %zu to print resid (size_t).
ANDROID: keychord: Fix a slab out-of-bounds read.
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
ANDROID: lowmemorykiller: Add tgid to kill message
Revert "ANDROID: proc: smaps: Allow smaps access for CAP_SYS_RESOURCE"
4.9.39
kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
kvm: vmx: Check value written to IA32_BNDCFGS
kvm: x86: Guest BNDCFGS requires guest MPX support
kvm: vmx: Do not disable intercepts for BNDCFGS
tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results
PM / QoS: return -EINVAL for bogus strings
PM / wakeirq: Convert to SRCU
sched/topology: Fix overlapping sched_group_mask
sched/topology: Optimize build_group_mask()
sched/topology: Fix building of overlapping sched-groups
sched/fair, cpumask: Export for_each_cpu_wrap()
Revert "sched/core: Optimize SCHED_SMT"
crypto: caam - fix signals handling
crypto: caam - properly set IV after {en,de}crypt
crypto: sha1-ssse3 - Disable avx2
crypto: atmel - only treat EBUSY as transient if backlog
crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
mm: fix overflow check in expand_upwards()
selftests/capabilities: Fix the test_execve test
mnt: Make propagate_umount less slow for overlapping mount propagation trees
mnt: In propgate_umount handle visiting mounts in any order
mnt: In umount propagation reparent in a separate pass
nvmem: core: fix leaks on registration errors
rcu: Add memory barriers for NOCB leader wakeup
vt: fix unchecked __put_user() in tioclinux ioctls
ARM64: dts: marvell: armada37xx: Fix timer interrupt specifiers
exec: Limit arg stack to at most 75% of _STK_LIM
s390: reduce ELF_ET_DYN_BASE
powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
arm: move ELF_ET_DYN_BASE to 4MB
binfmt_elf: use ELF_ET_DYN_BASE only for PIE
checkpatch: silence perl 5.26.0 unescaped left brace warnings
fs/dcache.c: fix spin lockup issue on nlru->lock
mm/list_lru.c: fix list_lru_count_node() to be race free
kernel/extable.c: mark core_kernel_text notrace
thp, mm: fix crash due race in MADV_FREE handling
tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/: Depth
parisc/mm: Ensure IRQs are off in switch_mm()
parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
parisc: use compat_sys_keyctl()
parisc: Report SIGSEGV instead of SIGBUS when running out of stack
irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
cfg80211: Check if NAN service ID is of expected size
cfg80211: Check if PMKID attribute is of expected size
cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
sfc: don't read beyond unicast address list
brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain
brcmfmac: Fix a memory leak in error handling path in 'brcmf_cfg80211_attach'
brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
rds: tcp: use sock_create_lite() to create the accept socket
vrf: fix bug_on triggered by rx when destroying a vrf
net: ipv6: Compare lwstate in detecting duplicate nexthops
net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64
vxlan: fix hlist corruption
ipv6: dad: don't remove dynamic addresses if link is down
net/mlx5e: Fix TX carrier errors report in get stats ndo
liquidio: fix bug in soft reset failure detection
net/mlx5: Cancel delayed recovery work when unloading the driver
net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
bpf: prevent leaking pointer via xadd on unpriviledged
rocker: move dereference before free
bridge: mdb: fix leak on complete_info ptr on fail path
net: prevent sign extension in dev_get_stats()
tcp: reset sk_rx_dst in tcp_disconnect()
net: dp83640: Avoid NULL pointer dereference.
ipv6: avoid unregistering inet6_dev for loopback
net/phy: micrel: configure intterupts after autoneg workaround
net: sched: Fix one possible panic when no destroy callback
net_sched: fix error recovery at qdisc creation
xen-netfront: Rework the fix for Rx stall during OOM and network stress
ANDROID: android-verity: mark dev as rw for linear target
ANDROID: sdcardfs: Remove unnecessary lock
ANDROID: binder: don't check prio permissions on restore.
Add BINDER_GET_NODE_DEBUG_INFO ioctl
ANDROID: binder: add RT inheritance flag to node.
ANDROID: binder: improve priority inheritance.
ANDROID: binder: add min sched_policy to node.
ANDROID: binder: add support for RT prio inheritance.
ANDROID: binder: push new transactions to waiting threads.
ANDROID: binder: remove proc waitqueue
Conflicts:
drivers/staging/android/lowmemorykiller.c
Change-Id: I2954e47d7e4fc74cf9bb5033fc151537958b78af
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
9ae2c670d8 |
Merge 4.9.40 into android-4.9
Changes in 4.9.40
disable new gcc-7.1.1 warnings for now
ir-core: fix gcc-7 warning on bool arithmetic
dm mpath: cleanup -Wbool-operation warning in choose_pgpath()
s5p-jpeg: don't return a random width/height
thermal: max77620: fix device-node reference imbalance
thermal: cpu_cooling: Avoid accessing potentially freed structures
ath9k: fix tx99 use after free
ath9k: fix tx99 bus error
ath9k: fix an invalid pointer dereference in ath9k_rng_stop()
NFC: fix broken device allocation
NFC: nfcmrvl_uart: add missing tty-device sanity check
NFC: nfcmrvl: do not use device-managed resources
NFC: nfcmrvl: use nfc-device for firmware download
NFC: nfcmrvl: fix firmware-management initialisation
nfc: Ensure presence of required attributes in the activate_target handler
nfc: Fix the sockaddr length sanitization in llcp_sock_connect
NFC: Add sockaddr length checks before accessing sa_family in bind handlers
perf intel-pt: Move decoder error setting into one condition
perf intel-pt: Improve sample timestamp
perf intel-pt: Fix missing stack clear
perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
perf intel-pt: Fix last_ip usage
perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
perf intel-pt: Use FUP always when scanning for an IP
perf intel-pt: Clear FUP flag on error
Bluetooth: use constant time memory comparison for secret values
wlcore: fix 64K page support
btrfs: Don't clear SGID when inheriting ACLs
igb: Explicitly select page 0 at initialization
ASoC: compress: Derive substream from stream based on direction
PM / Domains: Fix unsafe iteration over modified list of device links
PM / Domains: Fix unsafe iteration over modified list of domain providers
PM / Domains: Fix unsafe iteration over modified list of domains
scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails.
scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state
iscsi-target: Add login_keys_workaround attribute for non RFC initiators
xen/scsiback: Fix a TMR related use-after-free
powerpc/pseries: Fix passing of pp0 in updatepp() and updateboltedpp()
powerpc/64: Fix atomic64_inc_not_zero() to return an int
powerpc: Fix emulation of mcrf in emulate_step()
powerpc: Fix emulation of mfocrf in emulate_step()
powerpc/asm: Mark cr0 as clobbered in mftb()
powerpc/mm/radix: Properly clear process table entry
af_key: Fix sadb_x_ipsecrequest parsing
PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11
PCI: rockchip: Use normal register bank for config accessors
PCI/PM: Restore the status of PCI devices across hibernation
ipvs: SNAT packet replies only for NATed connections
xhci: fix 20000ms port resume timeout
xhci: Fix NULL pointer dereference when cleaning up streams for removed host
xhci: Bad Ethernet performance plugged in ASM1042A host
mxl111sf: Fix driver to use heap allocate buffers for USB messages
usb: storage: return on error to avoid a null pointer dereference
USB: cdc-acm: add device-id for quirky printer
usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
usb: renesas_usbhs: gadget: disable all eps when the driver stops
md: don't use flush_signals in userspace processes
x86/xen: allow userspace access during hypercalls
cx88: Fix regression in initial video standard setting
libnvdimm, btt: fix btt_rw_page not returning errors
libnvdimm: fix badblock range handling of ARS range
ext2: Don't clear SGID when inheriting ACLs
Raid5 should update rdev->sectors after reshape
s390/syscalls: Fix out of bounds arguments access
drm/amd/amdgpu: Return error if initiating read out of range on vram
drm/radeon/ci: disable mclk switching for high refresh rates (v2)
drm/radeon: Fix eDP for single-display iMac10,1 (v2)
ipmi: use rcu lock around call to intf->handlers->sender()
ipmi:ssif: Add missing unlock in error branch
xfs: Don't clear SGID when inheriting ACLs
f2fs: sanity check size of nat and sit cache
f2fs: Don't clear SGID when inheriting ACLs
drm/ttm: Fix use-after-free in ttm_bo_clean_mm
ovl: drop CAP_SYS_RESOURCE from saved mounter's credentials
vfio: Fix group release deadlock
vfio: New external user group/file match
nvme-rdma: remove race conditions from IB signalling
ftrace: Fix uninitialized variable in match_records()
MIPS: Fix mips_atomic_set() retry condition
MIPS: Fix mips_atomic_set() with EVA
MIPS: Negate error syscall return in trace
ubifs: Don't leak kernel memory to the MTD
ACPI / EC: Drop EC noirq hooks to fix a regression
Revert "ACPI / EC: Enable event freeze mode..." to fix a regression
x86/acpi: Prevent out of bound access caused by broken ACPI tables
x86/ioapic: Pass the correct data to unmask_ioapic_irq()
MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
MIPS: Save static registers before sysmips
MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
MIPS: Fix unaligned PC interpretation in `compute_return_epc'
MIPS: math-emu: Prevent wrong ISA mode instruction emulation
MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'
MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
Input: i8042 - fix crash at boot time
IB/iser: Fix connection teardown race condition
IB/core: Namespace is mandatory input for address resolution
sunrpc: use constant time memory comparison for mac
NFS: only invalidate dentrys that are clearly invalid.
udf: Fix deadlock between writeback and udf_setsize()
target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its target
Revert "perf/core: Drop kernel samples even though :u is specified"
staging: rtl8188eu: add TL-WN722N v2 support
staging: comedi: ni_mio_common: fix AO timer off-by-one regression
staging: sm750fb: avoid conflicting vesafb
staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code
ceph: fix race in concurrent readdir
RDMA/core: Initialize port_num in qp_attr
drm/mst: Fix error handling during MST sideband message reception
drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
drm/mst: Avoid processing partially received up/down message transactions
mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array
hfsplus: Don't clear SGID when inheriting ACLs
ovl: fix random return value on mount
acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
of: device: Export of_device_{get_modalias, uvent_modalias} to modules
spmi: Include OF based modalias in device uevent
reiserfs: Don't clear SGID when inheriting ACLs
PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if present
tracing: Fix kmemleak in instance_rmdir
alarmtimer: don't rate limit one-shot timers
Linux 4.9.40
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Ingo Molnar
|
a76a032300 |
Revert "perf/core: Drop kernel samples even though :u is specified"
commit 6a8a75f3235724c5941a33e287b2f98966ad14c5 upstream. This reverts commit cc1582c231ea041fbc68861dfaf957eaf902b829. This commit introduced a regression that broke rr-project, which uses sampling events to receive a signal on overflow (but does not care about the contents of the sample). These signals are critical to the correct operation of rr. There's been some back and forth about how to fix it - but to not keep applications in limbo queue up a revert. Reported-by: Kyle Huey <me@kylehuey.com> Acked-by: Kyle Huey <me@kylehuey.com> Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Jin Yao <yao.jin@linux.intel.com> Cc: Vince Weaver <vincent.weaver@maine.edu> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Will Deacon <will.deacon@arm.com> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Stephane Eranian <eranian@google.com> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Jiri Olsa <jolsa@redhat.com> Link: http://lkml.kernel.org/r/20170628105600.GC5981@leverpostej Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Kyle Yan
|
6c3873f1eb |
Merge remote-tracking branch '4.9/tmp-184ce81' into msm-4.9
* 4.9/tmp-184ce81: Linux 4.9.36 KVM: nVMX: Fix exception injection KVM: x86: zero base3 of unusable segments KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh() KVM: x86: fix emulation of RSM and IRET instructions arm64: fix NULL dereference in have_cpu_die() mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program i2c: brcmstb: Fix START and STOP conditions brcmfmac: avoid writing channel out of allocated array infiniband: hns: avoid gcc-7.0.1 warning for uninitialized data objtool: Fix another GCC jump table detection issue clk: scpi: don't add cpufreq device if the scpi dvfs node is disabled cpufreq: s3c2416: double free on driver init error path iommu/amd: Fix interrupt remapping when disable guest_mode iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() iommu/dma: Don't reserve PCI I/O windows iommu: Handle default domain attach failure iommu/vt-d: Don't over-free page table directories ocfs2: o2hb: revert hb threshold to keep compatible x86/mm: Fix flush_tlb_page() on Xen x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space x86/boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel ARM: 8685/1: ensure memblock-limit is pmd-aligned ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation ARM: dts: OMAP3: Fix MFG ID EEPROM ARM: OMAP2+: omap_device: Sync omap_device and pm_runtime after probe defer regulator: tps65086: Fix DT node referencing in of_parse_cb regulator: tps65086: Fix expected switch DT node names spi: fix device-node leaks spi: When no dma_chan map buffers with spi_master's parent sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting watchdog: bcm281xx: Fix use of uninitialized spinlock. netfilter: use skb_to_full_sk in ip_route_me_harder xfrm: Oops on error in pfkey_msg2xfrm_state() xfrm: NULL dereference on allocation failure xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings ravb: Fix use-after-free on `ifconfig eth0 down` ip6_tunnel, ip6_gre: fix setting of DSCP on encapsulated packets sctp: check af before verify address in sctp_addr_id2transport net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV perf probe: Fix to probe on gcc generated functions in modules tipc: allocate user memory with GFP_KERNEL flag net: phy: dp83867: allow RGMII_TXID/RGMII_RXID interface types perf probe: Fix to show correct locations for events on modules be2net: fix MAC addr setting on privileged BE3 VFs be2net: don't delete MAC on close on unprivileged BE3 VFs be2net: fix status check in be_cmd_pmac_add() usb: dwc2: gadget: Fix GUSBCFG.USBTRDTIM value s390/ctl_reg: make __ctl_load a full memory barrier swiotlb: ensure that page-sized mappings are page-aligned coredump: Ensure proper size of sparse core files aio: fix lock dep warning perf/x86: Reject non sampling events with precise_ip perf/core: Fix sys_perf_event_open() vs. hotplug x86/mpx: Use compatible types in comparison to fix sparse error x86/tsc: Add the Intel Denverton Processor to native_calibrate_tsc() mac80211: initialize SMPS field in HT capabilities pmem: return EIO on read_pmem() failure drm/amd/powerplay: refine vce dpm update code on Cz. drm/amd/powerplay: fix vce cg logic error on CZ/St. drm/radeon/si: load special ucode for certain MC configs net: thunderx: acpi: fix LMAC initialization arm64: assembler: make adr_l work in modules under KASLR spi: davinci: use dma_mapping_error() scsi: lpfc: avoid double free of resource identifiers HID: i2c-hid: Add sleep between POWER ON and RESET perf/x86/intel: Use ULL constant to prevent undefined shift behaviour mac80211: recalculate min channel width on VHT opmode changes net: phy: marvell: fix Marvell 88E1512 used in SGMII mode pinctrl: intel: Set pin direction properly perf/x86/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code drm/etnaviv: trick drm_mm into giving out a low IOVA Documentation: devicetree: change the mediatek ethernet compatible string kernel/panic.c: add missing \n ibmveth: Add a proper check for the availability of the checksum features vxlan: do not age static remote mac entries ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit() virtio_net: fix PAGE_SIZE > 64k mlxsw: spectrum_router: Correctly reallocate adjacency entries vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null drm/amdgpu: check ring being ready before using net: dsa: Check return value of phy_connect_direct() amd-xgbe: Check xgbe_init() return code platform/x86: ideapad-laptop: handle ACPI event 1 iwlwifi: fix kernel crash when unregistering thermal zone scsi: virtio_scsi: Reject commands when virtqueue is broken xen-netfront: Fix Rx stall during network stress and OOM swiotlb-xen: update dev_addr after swapping pages virtio_console: fix a crash in config_work_handler Btrfs: fix truncate down when no_holes feature is enabled Btrfs: Fix deadlock between direct IO and fast fsync gianfar: Do not reuse pages from emergency reserve objtool: Fix IRET's opcode bpf: don't trigger OOM killer under pressure with map alloc bnxt_en: Fix "uninitialized variable" bug in TPA code path. xen-netback: protect resource cleaning on XenBus disconnect xen-netback: fix memory leaks on XenBus disconnect net: ethtool: Initialize buffer when querying device channel settings powerpc/eeh: Enable IO path on permanent error net: korina: Fix NAPI versus resources freeing perf/x86/intel: Handle exclusive threadid correctly on CPU hotplug net: phy: dp83848: add DP83620 PHY support drm/amdgpu: add support for new hainan variants drm/amdgpu: fix program vce instance logic error. qla2xxx: Fix erroneous invalid handle message qla2xxx: Terminate exchange if corrupted scsi: lpfc: Set elsiocb contexts to NULL after freeing it stmmac: add missing of_node_put scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type KVM: x86: fix fixing of hypercalls xen/blkback: don't free be structure too early ARM64: dts: meson-gxbb-odroidc2: fix GbE tx link breakage dt: bindings: net: use boolean dt properties for eee broken modes net: phy: use boolean dt properties for eee broken modes net: phy: fix sign type error in genphy_config_eee_advert dt-bindings: net: add EEE capability constants net: phy: add an option to disable EEE advertisement net: ethtool: add support for 2500BaseT and 5000BaseT link modes sparc64: Zero pages on allocation for mondo and error queues. sparc64: Handle PIO & MEM non-resumable errors. mm: numa: avoid waiting on freed migrated pages l2tp: take a reference on sessions used in genetlink handlers l2tp: hold session while sending creation notifications l2tp: fix duplicate session creation l2tp: ensure session can't get removed during pppol2tp_session_ioctl() l2tp: fix race in l2tp_recv_common() usb: gadget: f_fs: Fix possibe deadlock x86/mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() dm thin: do not queue freed thin mapping for next stage processing drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr gpiolib: fix filtering out unwanted events NFSv4.1: Fix a race in nfs4_proc_layoutget ALSA: hda - set input_path bitmap to zero after moving it to new place ALSA: hda - Fix endless loop of codec configure MIPS: Fix IRQ tracing & lockdep when rescheduling MIPS: pm-cps: Drop manual cache-line alignment of ready_count MIPS: Avoid accidental raw backtrace MIPS: head: Reorder instructions missing a delay slot mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() drm/ast: Handle configuration without P2A bridge xen/blkback: don't use xen_blkif_get() in xen-blkback kthread NFSv4.x/callback: Create the callback service through svc_create_pooled NFSv4: fix a reference leak caused WARNING messages netfilter: synproxy: fix conntrackd interaction netfilter: xt_TCPMSS: add more sanity tests on tcph->doff rtnetlink: add IFLA_GROUP to ifla_policy ipv6: Do not leak throw route references sfc: provide dummy definitions of vswitch functions net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev decnet: always not take dst->__refcnt when inserting dst into hash table net/mlx5e: Fix timestamping capabilities reporting net/mlx5: Wait for FW readiness before initializing command interface net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it sctp: return next obj by passing pos + 1 into sctp_transport_get_idx ipv6: fix calling in6_ifa_hold incorrectly for dad work igmp: add a missing spin_lock_init() igmp: acquire pmc lock for ip_mc_clear_src() proc: snmp6: Use correct type in memset net/mlx5e: Fix wrong indications in DIM due to counter wraparound net/mlx5e: Added BW check for DIM decision mechanism net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx sctp: disable BH in sctp_for_each_endpoint Fix an intermittent pr_emerg warning about lo becoming free. af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers net: vrf: Make add_fib_rules per network namespace flag net: Zero ifla_vf_info in rtnl_fill_vfinfo() decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb net: don't call strlen on non-terminated string in dev_set_alias() ipv6: release dst on error in ip6_dst_lookup_tail UPSTREAM: selinux: enable genfscon labeling for tracefs Change-Id: I85271d5ce79a499d0398f7d3cb32bc2d43fe7dc5 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
184ce810ce |
Merge 4.9.36 into android-4.9
Changes in 4.9.36 ipv6: release dst on error in ip6_dst_lookup_tail net: don't call strlen on non-terminated string in dev_set_alias() decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb net: Zero ifla_vf_info in rtnl_fill_vfinfo() net: vrf: Make add_fib_rules per network namespace flag af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers Fix an intermittent pr_emerg warning about lo becoming free. sctp: disable BH in sctp_for_each_endpoint net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse net/mlx5e: Added BW check for DIM decision mechanism net/mlx5e: Fix wrong indications in DIM due to counter wraparound proc: snmp6: Use correct type in memset igmp: acquire pmc lock for ip_mc_clear_src() igmp: add a missing spin_lock_init() ipv6: fix calling in6_ifa_hold incorrectly for dad work sctp: return next obj by passing pos + 1 into sctp_transport_get_idx net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it net/mlx5: Wait for FW readiness before initializing command interface net/mlx5e: Fix timestamping capabilities reporting decnet: always not take dst->__refcnt when inserting dst into hash table net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev sfc: provide dummy definitions of vswitch functions ipv6: Do not leak throw route references rtnetlink: add IFLA_GROUP to ifla_policy netfilter: xt_TCPMSS: add more sanity tests on tcph->doff netfilter: synproxy: fix conntrackd interaction NFSv4: fix a reference leak caused WARNING messages NFSv4.x/callback: Create the callback service through svc_create_pooled xen/blkback: don't use xen_blkif_get() in xen-blkback kthread drm/ast: Handle configuration without P2A bridge mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() MIPS: head: Reorder instructions missing a delay slot MIPS: Avoid accidental raw backtrace MIPS: pm-cps: Drop manual cache-line alignment of ready_count MIPS: Fix IRQ tracing & lockdep when rescheduling ALSA: hda - Fix endless loop of codec configure ALSA: hda - set input_path bitmap to zero after moving it to new place NFSv4.1: Fix a race in nfs4_proc_layoutget gpiolib: fix filtering out unwanted events drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr dm thin: do not queue freed thin mapping for next stage processing x86/mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() usb: gadget: f_fs: Fix possibe deadlock l2tp: fix race in l2tp_recv_common() l2tp: ensure session can't get removed during pppol2tp_session_ioctl() l2tp: fix duplicate session creation l2tp: hold session while sending creation notifications l2tp: take a reference on sessions used in genetlink handlers mm: numa: avoid waiting on freed migrated pages sparc64: Handle PIO & MEM non-resumable errors. sparc64: Zero pages on allocation for mondo and error queues. net: ethtool: add support for 2500BaseT and 5000BaseT link modes net: phy: add an option to disable EEE advertisement dt-bindings: net: add EEE capability constants net: phy: fix sign type error in genphy_config_eee_advert net: phy: use boolean dt properties for eee broken modes dt: bindings: net: use boolean dt properties for eee broken modes ARM64: dts: meson-gxbb-odroidc2: fix GbE tx link breakage xen/blkback: don't free be structure too early KVM: x86: fix fixing of hypercalls scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type stmmac: add missing of_node_put scsi: lpfc: Set elsiocb contexts to NULL after freeing it qla2xxx: Terminate exchange if corrupted qla2xxx: Fix erroneous invalid handle message drm/amdgpu: fix program vce instance logic error. drm/amdgpu: add support for new hainan variants net: phy: dp83848: add DP83620 PHY support perf/x86/intel: Handle exclusive threadid correctly on CPU hotplug net: korina: Fix NAPI versus resources freeing powerpc/eeh: Enable IO path on permanent error net: ethtool: Initialize buffer when querying device channel settings xen-netback: fix memory leaks on XenBus disconnect xen-netback: protect resource cleaning on XenBus disconnect bnxt_en: Fix "uninitialized variable" bug in TPA code path. bpf: don't trigger OOM killer under pressure with map alloc objtool: Fix IRET's opcode gianfar: Do not reuse pages from emergency reserve Btrfs: Fix deadlock between direct IO and fast fsync Btrfs: fix truncate down when no_holes feature is enabled virtio_console: fix a crash in config_work_handler swiotlb-xen: update dev_addr after swapping pages xen-netfront: Fix Rx stall during network stress and OOM scsi: virtio_scsi: Reject commands when virtqueue is broken iwlwifi: fix kernel crash when unregistering thermal zone platform/x86: ideapad-laptop: handle ACPI event 1 amd-xgbe: Check xgbe_init() return code net: dsa: Check return value of phy_connect_direct() drm/amdgpu: check ring being ready before using vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null mlxsw: spectrum_router: Correctly reallocate adjacency entries virtio_net: fix PAGE_SIZE > 64k ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit() vxlan: do not age static remote mac entries ibmveth: Add a proper check for the availability of the checksum features kernel/panic.c: add missing \n Documentation: devicetree: change the mediatek ethernet compatible string drm/etnaviv: trick drm_mm into giving out a low IOVA perf/x86/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code pinctrl: intel: Set pin direction properly net: phy: marvell: fix Marvell 88E1512 used in SGMII mode mac80211: recalculate min channel width on VHT opmode changes perf/x86/intel: Use ULL constant to prevent undefined shift behaviour HID: i2c-hid: Add sleep between POWER ON and RESET scsi: lpfc: avoid double free of resource identifiers spi: davinci: use dma_mapping_error() arm64: assembler: make adr_l work in modules under KASLR net: thunderx: acpi: fix LMAC initialization drm/radeon/si: load special ucode for certain MC configs drm/amd/powerplay: fix vce cg logic error on CZ/St. drm/amd/powerplay: refine vce dpm update code on Cz. pmem: return EIO on read_pmem() failure mac80211: initialize SMPS field in HT capabilities x86/tsc: Add the Intel Denverton Processor to native_calibrate_tsc() x86/mpx: Use compatible types in comparison to fix sparse error perf/core: Fix sys_perf_event_open() vs. hotplug perf/x86: Reject non sampling events with precise_ip aio: fix lock dep warning coredump: Ensure proper size of sparse core files swiotlb: ensure that page-sized mappings are page-aligned s390/ctl_reg: make __ctl_load a full memory barrier usb: dwc2: gadget: Fix GUSBCFG.USBTRDTIM value be2net: fix status check in be_cmd_pmac_add() be2net: don't delete MAC on close on unprivileged BE3 VFs be2net: fix MAC addr setting on privileged BE3 VFs perf probe: Fix to show correct locations for events on modules net: phy: dp83867: allow RGMII_TXID/RGMII_RXID interface types tipc: allocate user memory with GFP_KERNEL flag perf probe: Fix to probe on gcc generated functions in modules net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV sctp: check af before verify address in sctp_addr_id2transport ip6_tunnel, ip6_gre: fix setting of DSCP on encapsulated packets ravb: Fix use-after-free on `ifconfig eth0 down` mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY xfrm: NULL dereference on allocation failure xfrm: Oops on error in pfkey_msg2xfrm_state() netfilter: use skb_to_full_sk in ip_route_me_harder watchdog: bcm281xx: Fix use of uninitialized spinlock. sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting spi: When no dma_chan map buffers with spi_master's parent spi: fix device-node leaks regulator: tps65086: Fix expected switch DT node names regulator: tps65086: Fix DT node referencing in of_parse_cb ARM: OMAP2+: omap_device: Sync omap_device and pm_runtime after probe defer ARM: dts: OMAP3: Fix MFG ID EEPROM ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation ARM: 8685/1: ensure memblock-limit is pmd-aligned tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel x86/boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space x86/mm: Fix flush_tlb_page() on Xen ocfs2: o2hb: revert hb threshold to keep compatible iommu/vt-d: Don't over-free page table directories iommu: Handle default domain attach failure iommu/dma: Don't reserve PCI I/O windows iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() iommu/amd: Fix interrupt remapping when disable guest_mode cpufreq: s3c2416: double free on driver init error path clk: scpi: don't add cpufreq device if the scpi dvfs node is disabled objtool: Fix another GCC jump table detection issue infiniband: hns: avoid gcc-7.0.1 warning for uninitialized data brcmfmac: avoid writing channel out of allocated array i2c: brcmstb: Fix START and STOP conditions mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program arm64: fix NULL dereference in have_cpu_die() KVM: x86: fix emulation of RSM and IRET instructions KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh() KVM: x86: zero base3 of unusable segments KVM: nVMX: Fix exception injection Linux 4.9.36 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Peter Zijlstra
|
1c68633329 |
perf/core: Fix sys_perf_event_open() vs. hotplug
[ Upstream commit 63cae12bce9861cec309798d34701cf3da20bc71 ]
There is problem with installing an event in a task that is 'stuck' on
an offline CPU.
Blocked tasks are not dis-assosciated from offlined CPUs, after all, a
blocked task doesn't run and doesn't require a CPU etc.. Only on
wakeup do we ammend the situation and place the task on a available
CPU.
If we hit such a task with perf_install_in_context() we'll loop until
either that task wakes up or the CPU comes back online, if the task
waking depends on the event being installed, we're stuck.
While looking into this issue, I also spotted another problem, if we
hit a task with perf_install_in_context() that is in the middle of
being migrated, that is we observe the old CPU before sending the IPI,
but run the IPI (on the old CPU) while the task is already running on
the new CPU, things also go sideways.
Rework things to rely on task_curr() -- outside of rq->lock -- which
is rather tricky. Imagine the following scenario where we're trying to
install the first event into our task 't':
CPU0 CPU1 CPU2
(current == t)
t->perf_event_ctxp[] = ctx;
smp_mb();
cpu = task_cpu(t);
switch(t, n);
migrate(t, 2);
switch(p, t);
ctx = t->perf_event_ctxp[]; // must not be NULL
smp_function_call(cpu, ..);
generic_exec_single()
func();
spin_lock(ctx->lock);
if (task_curr(t)) // false
add_event_to_ctx();
spin_unlock(ctx->lock);
perf_event_context_sched_in();
spin_lock(ctx->lock);
// sees event
So its CPU0's store of t->perf_event_ctxp[] that must not go 'missing'.
Because if CPU2's load of that variable were to observe NULL, it would
not try to schedule the ctx and we'd have a task running without its
counter, which would be 'bad'.
As long as we observe !NULL, we'll acquire ctx->lock. If we acquire it
first and not see the event yet, then CPU0 must observe task_curr()
and retry. If the install happens first, then we must see the event on
sched-in and all is well.
I think we can translate the first part (until the 'must not be NULL')
of the scenario to a litmus test like:
C C-peterz
{
}
P0(int *x, int *y)
{
int r1;
WRITE_ONCE(*x, 1);
smp_mb();
r1 = READ_ONCE(*y);
}
P1(int *y, int *z)
{
WRITE_ONCE(*y, 1);
smp_store_release(z, 1);
}
P2(int *x, int *z)
{
int r1;
int r2;
r1 = smp_load_acquire(z);
smp_mb();
r2 = READ_ONCE(*x);
}
exists
(0:r1=0 /\ 2:r1=1 /\ 2:r2=0)
Where:
x is perf_event_ctxp[],
y is our tasks's CPU, and
z is our task being placed on the rq of CPU2.
The P0 smp_mb() is the one added by this patch, ordering the store to
perf_event_ctxp[] from find_get_context() and the load of task_cpu()
in task_function_call().
The smp_store_release/smp_load_acquire model the RCpc locking of the
rq->lock and the smp_mb() of P2 is the context switch switching from
whatever CPU2 was running to our task 't'.
This litmus test evaluates into:
Test C-peterz Allowed
States 7
0:r1=0; 2:r1=0; 2:r2=0;
0:r1=0; 2:r1=0; 2:r2=1;
0:r1=0; 2:r1=1; 2:r2=1;
0:r1=1; 2:r1=0; 2:r2=0;
0:r1=1; 2:r1=0; 2:r2=1;
0:r1=1; 2:r1=1; 2:r2=0;
0:r1=1; 2:r1=1; 2:r2=1;
No
Witnesses
Positive: 0 Negative: 7
Condition exists (0:r1=0 /\ 2:r1=1 /\ 2:r2=0)
Observation C-peterz Never 0 7
Hash=e427f41d9146b2a5445101d3e2fcaa34
And the strong and weak model agree.
Reported-by: Mark Rutland <mark.rutland@arm.com>
Tested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: Will Deacon <will.deacon@arm.com>
Cc: jeremy.linton@arm.com
Link: http://lkml.kernel.org/r/20161209135900.GU3174@twins.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Kyle Yan
|
355cae8b93 |
Merge remote-tracking branch '4.9/tmp-da3493c' into 4.9
* 4.9/tmp-da3493c: Linux 4.9.32 netfilter: nft_set_rbtree: handle element re-addition after deletion cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start() cpufreq: schedutil: move cached_raw_freq to struct sugov_policy drm/i915/vbt: split out defaults that are set when there is no VBT drm/i915/vbt: don't propagate errors from intel_bios_init() usercopy: Adjust tests to deal with SMAP/PAN ARM: 8637/1: Adjust memory boundaries after reservations ARM: 8636/1: Cleanup sanity_check_meminfo arm64: entry: improve data abort handling of tagged pointers arm64: hw_breakpoint: fix watchpoint matching for tagged pointers arm64: traps: fix userspace cache maintenance emulation on a tagged pointer serial: sh-sci: Fix panic when serial console and DMA are enabled drivers: char: mem: Fix wraparound check to allow mappings up to the end cpu/hotplug: Drop the device lock on error ASoC: Fix use-after-free at card unregistration ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT ALSA: timer: Fix race between read and ioctl drm/nouveau/tmr: fully separate alarm execution/pending lists drm/vmwgfx: Make sure backup_handle is always valid drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() perf/core: Drop kernel samples even though :u is specified powerpc/kernel: Initialize load_tm on task creation powerpc/kernel: Fix FP and vector register restoration powerpc/hotplug-mem: Fix missing endian conversion of aa_index powerpc/numa: Fix percpu allocations to be NUMA aware powerpc/sysdev/simple_gpio: Fix oops in gpio save_regs function scsi: qla2xxx: Fix mailbox pointer error in fwdump capture scsi: qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC scsi: qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues scsi: qla2xxx: don't disable a not previously enabled PCI device KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages btrfs: fix memory leak in update_space_info failure path btrfs: use correct types for page indices in btrfs_page_exists_in_range cxl: Avoid double free_irq() for psl,slice interrupts cxl: Fix error path on bad ioctl ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path ufs_extend_tail(): fix the braino in calling conventions of ufs_new_fragments() ufs: set correct ->s_maxsize ufs: restore maintaining ->i_blocks fix ufs_isblockset() ufs: restore proper tail allocation fs: add i_blocksize() cpuset: consider dying css as offline Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled cgroup: Prevent kill_css() from being called more than once ahci: Acer SA5-271 SSD Not Detected Fix drm/msm: Expose our reservation object when exporting a dmabuf. target: Re-add check to reject control WRITEs with overflow data cpufreq: cpufreq_register_driver() should return -ENODEV if init fails mei: make sysfs modalias format similar as uevent modalias iio: proximity: as3935: fix iio_trigger_poll issue iio: proximity: as3935: fix AS3935_INT mask iio: light: ltr501 Fix interchanged als/ps register field iio: adc: bcm_iproc_adc: swap primary and secondary isr handler's staging/lustre/lov: remove set_fs() call from lov_getstripe() usb: chipidea: debug: check before accessing ci_role usb: chipidea: udc: fix NULL pointer dereference if udc_start failed usb: gadget: f_mass_storage: Serialize wake and sleep execution drm: Fix oops + Xserver hang when unplugging USB drm devices ext4: fix fdatasync(2) after extent manipulation operations ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO ext4: keep existing extra fields when inode expands ext4: fix SEEK_HOLE xen/privcmd: Support correctly 64KB page granularity when mapping memory cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode dmaengine: mv_xor_v2: set DMA mask to 40 bits dmaengine: mv_xor_v2: remove interrupt coalescing dmaengine: mv_xor_v2: fix tx_submit() implementation dmaengine: mv_xor_v2: enable XOR engine after its configuration dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx dmaengine: mv_xor_v2: properly handle wrapping in the array of HW descriptors dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly dmaengine: ep93xx: Don't drain the transfers in terminate_all() dmaengine: ep93xx: Always start from BASE0 dmaengine: usb-dmac: Fix DMAOR AE bit definition KVM: arm/arm64: vgic-v2: Do not use Active+Pending state for a HW interrupt KVM: arm/arm64: vgic-v3: Do not use Active+Pending state for a HW interrupt KVM: async_pf: avoid async pf injection when in guest mode arm: KVM: Allow unaligned accesses at HYP arm64: KVM: Allow unaligned accesses at EL2 arm64: KVM: Preserve RES1 bits in SCTLR_EL2 KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation kvm: async_pf: fix rcu_irq_enter() with irqs enabled efi: Don't issue error message when booted under Xen nfsd: Fix up the "supattr_exclcreat" attributes nfsd4: fix null dereference on replay drm/amdgpu/ci: disable mclk switching for high refresh rates (v2) crypto: gcm - wait for crypto op not signal safe crypto: drbg - wait for crypto op not signal safe KEYS: encrypted: avoid encrypting/decrypting stack buffers KEYS: fix freeing uninitialized memory in key_update() KEYS: fix dereferencing NULL payload with nonzero length crypto: asymmetric_keys - handle EBUSY due to backlog correctly ptrace: Properly initialize ptracer_cred on fork serial: ifx6x60: fix use-after-free on module unload arch/sparc: support NR_CPUS = 4096 sparc64: delete old wrap code sparc64: new context wrap sparc64: add per-cpu mm of secondary contexts sparc64: redefine first version sparc64: combine activate_mm and switch_mm sparc64: reset mm cpumask after wrap sparc: Machine description indices can vary sparc64: mm: fix copy_tsb to correctly copy huge page TSBs sparc64: Add __multi3 for gcc 7.x and later. net: bridge: start hello timer only if device is up net: stmmac: fix completely hung TX when using TSO net: ethoc: enable NAPI before poll may be scheduled net/ipv6: Fix CALIPSO causing GPF with datagram support net: ping: do not abuse udp_poll() ipv6: Fix leak in ipv6_gso_segment(). vxlan: fix use-after-free on deletion tcp: disallow cwnd undo when switching congestion control cxgb4: avoid enabling napi twice to the same queue ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() vxlan: eliminate cached dst leak bnx2x: Fix Multi-Cos UPSTREAM: drm/msm/mdp5: use __drm_atomic_helper_plane_duplicate_state() ANDROID: sdcardfs: d_splice_alias can return error values Conflicts: kernel/sched/cpufreq_schedutil.c Change-Id: I6e03b1d21fe48d7f2b767f46addf417d17404dcc Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
da3493c028 |
Merge 4.9.32 into android-4.9
Changes in 4.9.32 bnx2x: Fix Multi-Cos vxlan: eliminate cached dst leak ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() cxgb4: avoid enabling napi twice to the same queue tcp: disallow cwnd undo when switching congestion control vxlan: fix use-after-free on deletion ipv6: Fix leak in ipv6_gso_segment(). net: ping: do not abuse udp_poll() net/ipv6: Fix CALIPSO causing GPF with datagram support net: ethoc: enable NAPI before poll may be scheduled net: stmmac: fix completely hung TX when using TSO net: bridge: start hello timer only if device is up sparc64: Add __multi3 for gcc 7.x and later. sparc64: mm: fix copy_tsb to correctly copy huge page TSBs sparc: Machine description indices can vary sparc64: reset mm cpumask after wrap sparc64: combine activate_mm and switch_mm sparc64: redefine first version sparc64: add per-cpu mm of secondary contexts sparc64: new context wrap sparc64: delete old wrap code arch/sparc: support NR_CPUS = 4096 serial: ifx6x60: fix use-after-free on module unload ptrace: Properly initialize ptracer_cred on fork crypto: asymmetric_keys - handle EBUSY due to backlog correctly KEYS: fix dereferencing NULL payload with nonzero length KEYS: fix freeing uninitialized memory in key_update() KEYS: encrypted: avoid encrypting/decrypting stack buffers crypto: drbg - wait for crypto op not signal safe crypto: gcm - wait for crypto op not signal safe drm/amdgpu/ci: disable mclk switching for high refresh rates (v2) nfsd4: fix null dereference on replay nfsd: Fix up the "supattr_exclcreat" attributes efi: Don't issue error message when booted under Xen kvm: async_pf: fix rcu_irq_enter() with irqs enabled KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation arm64: KVM: Preserve RES1 bits in SCTLR_EL2 arm64: KVM: Allow unaligned accesses at EL2 arm: KVM: Allow unaligned accesses at HYP KVM: async_pf: avoid async pf injection when in guest mode KVM: arm/arm64: vgic-v3: Do not use Active+Pending state for a HW interrupt KVM: arm/arm64: vgic-v2: Do not use Active+Pending state for a HW interrupt dmaengine: usb-dmac: Fix DMAOR AE bit definition dmaengine: ep93xx: Always start from BASE0 dmaengine: ep93xx: Don't drain the transfers in terminate_all() dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly dmaengine: mv_xor_v2: properly handle wrapping in the array of HW descriptors dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx dmaengine: mv_xor_v2: enable XOR engine after its configuration dmaengine: mv_xor_v2: fix tx_submit() implementation dmaengine: mv_xor_v2: remove interrupt coalescing dmaengine: mv_xor_v2: set DMA mask to 40 bits cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode xen/privcmd: Support correctly 64KB page granularity when mapping memory ext4: fix SEEK_HOLE ext4: keep existing extra fields when inode expands ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO ext4: fix fdatasync(2) after extent manipulation operations drm: Fix oops + Xserver hang when unplugging USB drm devices usb: gadget: f_mass_storage: Serialize wake and sleep execution usb: chipidea: udc: fix NULL pointer dereference if udc_start failed usb: chipidea: debug: check before accessing ci_role staging/lustre/lov: remove set_fs() call from lov_getstripe() iio: adc: bcm_iproc_adc: swap primary and secondary isr handler's iio: light: ltr501 Fix interchanged als/ps register field iio: proximity: as3935: fix AS3935_INT mask iio: proximity: as3935: fix iio_trigger_poll issue mei: make sysfs modalias format similar as uevent modalias cpufreq: cpufreq_register_driver() should return -ENODEV if init fails target: Re-add check to reject control WRITEs with overflow data drm/msm: Expose our reservation object when exporting a dmabuf. ahci: Acer SA5-271 SSD Not Detected Fix cgroup: Prevent kill_css() from being called more than once Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled cpuset: consider dying css as offline fs: add i_blocksize() ufs: restore proper tail allocation fix ufs_isblockset() ufs: restore maintaining ->i_blocks ufs: set correct ->s_maxsize ufs_extend_tail(): fix the braino in calling conventions of ufs_new_fragments() ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path cxl: Fix error path on bad ioctl cxl: Avoid double free_irq() for psl,slice interrupts btrfs: use correct types for page indices in btrfs_page_exists_in_range btrfs: fix memory leak in update_space_info failure path KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages scsi: qla2xxx: don't disable a not previously enabled PCI device scsi: qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues scsi: qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC scsi: qla2xxx: Fix mailbox pointer error in fwdump capture powerpc/sysdev/simple_gpio: Fix oops in gpio save_regs function powerpc/numa: Fix percpu allocations to be NUMA aware powerpc/hotplug-mem: Fix missing endian conversion of aa_index powerpc/kernel: Fix FP and vector register restoration powerpc/kernel: Initialize load_tm on task creation perf/core: Drop kernel samples even though :u is specified drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() drm/vmwgfx: Make sure backup_handle is always valid drm/nouveau/tmr: fully separate alarm execution/pending lists ALSA: timer: Fix race between read and ioctl ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT ASoC: Fix use-after-free at card unregistration cpu/hotplug: Drop the device lock on error drivers: char: mem: Fix wraparound check to allow mappings up to the end serial: sh-sci: Fix panic when serial console and DMA are enabled arm64: traps: fix userspace cache maintenance emulation on a tagged pointer arm64: hw_breakpoint: fix watchpoint matching for tagged pointers arm64: entry: improve data abort handling of tagged pointers ARM: 8636/1: Cleanup sanity_check_meminfo ARM: 8637/1: Adjust memory boundaries after reservations usercopy: Adjust tests to deal with SMAP/PAN drm/i915/vbt: don't propagate errors from intel_bios_init() drm/i915/vbt: split out defaults that are set when there is no VBT cpufreq: schedutil: move cached_raw_freq to struct sugov_policy cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start() netfilter: nft_set_rbtree: handle element re-addition after deletion Linux 4.9.32 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Jin Yao
|
3743c0e127 |
perf/core: Drop kernel samples even though :u is specified
commit cc1582c231ea041fbc68861dfaf957eaf902b829 upstream.
When doing sampling, for example:
perf record -e cycles:u ...
On workloads that do a lot of kernel entry/exits we see kernel
samples, even though :u is specified. This is due to skid existing.
This might be a security issue because it can leak kernel addresses even
though kernel sampling support is disabled.
The patch drops the kernel samples if exclude_kernel is specified.
For example, test on Haswell desktop:
perf record -e cycles:u <mgen>
perf report --stdio
Before patch applied:
99.77% mgen mgen [.] buf_read
0.20% mgen mgen [.] rand_buf_init
0.01% mgen [kernel.vmlinux] [k] apic_timer_interrupt
0.00% mgen mgen [.] last_free_elem
0.00% mgen libc-2.23.so [.] __random_r
0.00% mgen libc-2.23.so [.] _int_malloc
0.00% mgen mgen [.] rand_array_init
0.00% mgen [kernel.vmlinux] [k] page_fault
0.00% mgen libc-2.23.so [.] __random
0.00% mgen libc-2.23.so [.] __strcasestr
0.00% mgen ld-2.23.so [.] strcmp
0.00% mgen ld-2.23.so [.] _dl_start
0.00% mgen libc-2.23.so [.] sched_setaffinity@@GLIBC_2.3.4
0.00% mgen ld-2.23.so [.] _start
We can see kernel symbols apic_timer_interrupt and page_fault.
After patch applied:
99.79% mgen mgen [.] buf_read
0.19% mgen mgen [.] rand_buf_init
0.00% mgen libc-2.23.so [.] __random_r
0.00% mgen mgen [.] rand_array_init
0.00% mgen mgen [.] last_free_elem
0.00% mgen libc-2.23.so [.] vfprintf
0.00% mgen libc-2.23.so [.] rand
0.00% mgen libc-2.23.so [.] __random
0.00% mgen libc-2.23.so [.] _int_malloc
0.00% mgen libc-2.23.so [.] _IO_doallocbuf
0.00% mgen ld-2.23.so [.] do_lookup_x
0.00% mgen ld-2.23.so [.] open_verify.constprop.7
0.00% mgen ld-2.23.so [.] _dl_important_hwcaps
0.00% mgen libc-2.23.so [.] sched_setaffinity@@GLIBC_2.3.4
0.00% mgen ld-2.23.so [.] _start
There are only userspace symbols.
Signed-off-by: Jin Yao <yao.jin@linux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: acme@kernel.org
Cc: jolsa@kernel.org
Cc: kan.liang@intel.com
Cc: mark.rutland@arm.com
Cc: will.deacon@arm.com
Cc: yao.jin@intel.com
Link: http://lkml.kernel.org/r/1495706947-3744-1-git-send-email-yao.jin@linux.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Patrick Fay
|
9768e7af40 |
Perf: arm: disable perf_event_read during hotplug
core.c should not allow perf_event_read access during hotplug. DCVS may try to read events during hotplug startup or shutdown. Set a flag to not allow access during hotplug. Change-Id: I3c5f1f532d451a096d2d3ee976e0a15fca826e8b Signed-off-by: Patrick Fay <pfay@codeaurora.org> |
||
|
Linux Build Service Account
|
4088e8485d | Merge "perf/core: Compile out perf_cpu_hp_init when CONFIG_HOTPLUG is not set" into msm-4.9 | ||
|
Runmin Wang
|
b23f6d0662 |
perf/core: Compile out perf_cpu_hp_init when CONFIG_HOTPLUG is not set
Fix the compliation error when CONFIG_HOTPLUG is not defined. Change-Id: I0df48971429932f68181d615cabe16d68892ded2 Signed-off-by: Runmin Wang <runminw@codeaurora.org> |
||
|
Patrick Fay
|
5b65b16f3b |
perf: Add support for exclude_idle attribute
Enable the perf exclude_idle event attribute to avoid waking
possilby sleeping CPUS. The counter values are updated when CPU
enters idle. If the CPU is idle when perf reads the current
event value (of an exclude idle event) then the value from
when the CPU went idle is returned.
This commit supercedes the commits below. The context for the
commits below changed too much to enable cherry-picking.
commit 573979dee2a7 ("perf: Add support for exclude_idle attribute")
commit 54f6e4ae87be ("perf: Enable updating exclude_idle events
at idle")
commit 960dbb1751f3 ("perf: Skip permission checks on kernel owned
perf events")
Change-Id: Ib554c9fe106963ec1b42e72aeaf84fc73201bbb7
Signed-off-by: Patrick Fay <pfay@codeaurora.org>
|
||
|
Patrick Fay
|
b02d7648fb |
perf: enable perf to continue across hotplug
Currently perf hardware, software and tracepoint events are
deleted when a cpu is hotplugged out. This change restarts
the events after hotplug. In arm_pmu.c most of the code
for handline power collapse is reused for hotplug.
This change supercedes commit 1f0f95c5fe9e ("perf: add hotplug
support so that perf continues after hotplug") and uses the
new hotplug notification method.
Change-Id: Ia9de1c150558125e2da5f2c4354c268ce4b1154a
Signed-off-by: Patrick Fay <pfay@codeaurora.org>
|
||
|
Kyle Yan
|
4891f6a567 |
Merge remote-tracking branch '4.9/tmp-6bf53d4' into msm-4.9
* 4.9/tmp-6bf53d4: FROMLIST: net: ipv6: Add sysctl for minimum prefix len acceptable in RIOs Linux 4.9.18 ext4: fix fencepost in s_first_meta_bg validation drm/amdgpu/si: add dpm quirk for Oland cgroup/pids: remove spurious suspicious RCU usage warning percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages gfs2: Avoid alignment hole in struct lm_lockname isdn/gigaset: fix NULL-deref at probe target: Fix VERIFY_16 handling in sbc_parse_cdb scsi: libiscsi: add lock around task lists to fix list corruption regression scsi: lpfc: Add shutdown method for kexec target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export md/raid1/10: fix potential deadlock powerpc/boot: Fix zImage TOC alignment cpufreq: Fix and clean up show_cpuinfo_cur_freq() NFS prevent double free in async nfs4_exchange_id xprtrdma: Squelch kbuild sparse complaint perf/core: Fix event inheritance on fork() perf/core: Fix use-after-free in perf_release() parisc: Fix system shutdown halt parisc: Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range qla2xxx: Fix request queue corruption. qla2xxx: Fix memory leak for abts processing give up on gcc ilog2() constant optimizations drm/vc4: Use runtime autosuspend to avoid thrashing V3D power state. drm/vc4: Fix termination of the initial scan for branch targets. ANDROID: sdcardfs: Fix style issues in macros ANDROID: sdcardfs: Use seq_puts over seq_printf ANDROID: sdcardfs: Use to kstrout ANDROID: sdcardfs: Use pr_[...] instead of printk ANDROID: sdcardfs: remove unneeded null check ANDROID: sdcardfs: Fix style issues with comments ANDROID: sdcardfs: Fix formatting ANDROID: sdcardfs: correct order of descriptors ANDROID: fix the deadlock in xt_qtaguid when enable DDEBUG Change-Id: Iab1dd539faba7429e4cb76cc6bf9c325479b5f47 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
6bf53d4143 |
Merge 4.9.18 into android-4.9
Changes in 4.9.18: drm/vc4: Fix termination of the initial scan for branch targets. drm/vc4: Use runtime autosuspend to avoid thrashing V3D power state. give up on gcc ilog2() constant optimizations qla2xxx: Fix memory leak for abts processing qla2xxx: Fix request queue corruption. parisc: Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range parisc: Fix system shutdown halt perf/core: Fix use-after-free in perf_release() perf/core: Fix event inheritance on fork() xprtrdma: Squelch kbuild sparse complaint NFS prevent double free in async nfs4_exchange_id cpufreq: Fix and clean up show_cpuinfo_cur_freq() powerpc/boot: Fix zImage TOC alignment md/raid1/10: fix potential deadlock target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export scsi: lpfc: Add shutdown method for kexec scsi: libiscsi: add lock around task lists to fix list corruption regression target: Fix VERIFY_16 handling in sbc_parse_cdb isdn/gigaset: fix NULL-deref at probe gfs2: Avoid alignment hole in struct lm_lockname percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages cgroup/pids: remove spurious suspicious RCU usage warning drm/amdgpu/si: add dpm quirk for Oland ext4: fix fencepost in s_first_meta_bg validation Linux 4.9.18 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Peter Zijlstra
|
69efd8e212 |
perf/core: Fix event inheritance on fork()
commit e7cc4865f0f31698ef2f7aac01a50e78968985b7 upstream.
While hunting for clues to a use-after-free, Oleg spotted that
perf_event_init_context() can loose an error value with the result
that fork() can succeed even though we did not fully inherit the perf
event context.
Spotted-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: oleg@redhat.com
Fixes:
|
||
|
Peter Zijlstra
|
c04a938229 |
perf/core: Fix use-after-free in perf_release()
commit e552a8389aa409e257b7dcba74f67f128f979ccc upstream.
Dmitry reported syzcaller tripped a use-after-free in perf_release().
After much puzzlement Oleg spotted the below scenario:
Task1 Task2
fork()
perf_event_init_task()
/* ... */
goto bad_fork_$foo;
/* ... */
perf_event_free_task()
mutex_lock(ctx->lock)
perf_free_event(B)
perf_event_release_kernel(A)
mutex_lock(A->child_mutex)
list_for_each_entry(child, ...) {
/* child == B */
ctx = B->ctx;
get_ctx(ctx);
mutex_unlock(A->child_mutex);
mutex_lock(A->child_mutex)
list_del_init(B->child_list)
mutex_unlock(A->child_mutex)
/* ... */
mutex_unlock(ctx->lock);
put_ctx() /* >0 */
free_task();
mutex_lock(ctx->lock);
mutex_lock(A->child_mutex);
/* ... */
mutex_unlock(A->child_mutex);
mutex_unlock(ctx->lock)
put_ctx() /* 0 */
ctx->task && !TOMBSTONE
put_task_struct() /* UAF */
This patch closes the hole by making perf_event_free_task() destroy the
task <-> ctx relation such that perf_event_release_kernel() will no longer
observe the now dead task.
Spotted-by: Oleg Nesterov <oleg@redhat.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: fweisbec@gmail.com
Cc: oleg@redhat.com
Fixes:
|
||
|
Kyle Yan
|
e682dcb145 |
Merge remote-tracking branch '4.9/tmp-0455ac9' into 4.9
* 4.9/tmp-0455ac9:
Linux 4.9.12
videodev2.h: go back to limited range Y'CbCr for SRGB and, ADOBERGB
bcache: Make gc wakeup sane, remove set_task_state()
ntb_transport: Pick an unused queue
ntb: ntb_perf missing dmaengine_unmap_put
NTB: ntb_transport: fix debugfs_remove_recursive
timekeeping: Use deferred printk() in debug code
printk: use rcuidle console tracepoint
PCI/PME: Restore pcie_pme_driver.remove
Revert "i2c: designware: detect when dynamic tar update is possible"
ARM: 8658/1: uaccess: fix zeroing of 64-bit get_user()
futex: Move futex_init() to core_initcall
drm/dp/mst: fix kernel oops when turning off secondary monitor
drm/radeon: Use mode h/vdisplay fields to hide out of bounds HW cursor
Input: elan_i2c - add ELAN0605 to the ACPI table
Fix missing sanity check in /dev/sg
scsi: don't BUG_ON() empty DMA transfers
powerpc/64: Disable use of radix under a hypervisor
mmc: core: fix multi-bit bus width without high-speed mode
fuse: fix uninitialized flags in pipe_buffer
fuse: fix use after free issue in fuse_dev_do_read()
siano: make it work again with CONFIG_VMAP_STACK
vfs: fix uninitialized flags in splice_to_pipe()
Linux 4.9.11
x86/fpu/xstate: Fix xcomp_bv in XSAVES header
tcp: don't annotate mark on control socket from tcp_v6_send_response()
net/mlx5: Don't unlock fte while still using it
tcp: fix mark propagation with fwmark_reflect enabled
igmp, mld: Fix memory leak in igmpv3/mld_del_delrec()
mld: do not remove mld souce list info when set link down
l2tp: do not use udp_ioctl()
net: dsa: Do not destroy invalid network devices
ping: fix a null pointer dereference
packet: round up linear to header len
net: introduce device min_header_len
sit: fix a double free on error path
lwtunnel: valid encap attr check should return 0 when lwtunnel is disabled
sctp: avoid BUG_ON on sctp_wait_for_sndbuf
mlx4: Invoke softirqs after napi_reschedule
catc: Use heap buffer for memory size test
catc: Combine failure cleanup code in catc_probe()
rtl8150: Use heap buffers for all register access
pegasus: Use heap buffers for all register access
macvtap: read vnet_hdr_size once
tun: read vnet_hdr_sz once
tcp: avoid infinite loop in tcp_splice_read()
ipv6: tcp: add a missing tcp_v6_restore_cb()
ip6_gre: fix ip6gre_err() invalid reads
netlabel: out of bound access in cipso_v4_validate()
ipv4: keep skb->dst around in presence of IP options
net: use a work queue to defer net_disable_timestamp() work
stmmac: Discard masked flags in interrupt status register
tcp: fix 0 divide in __tcp_select_window()
ipv6: pointer math error in ip6_tnl_parse_tlv_enc_lim()
ipv6: fix ip6_tnl_parse_tlv_enc_lim()
net/sched: matchall: Fix configuration race
net/mlx5e: Fix update of hash function/key via ethtool
can: Fix kernel panic at security_sock_rcv_skb
UPSTREAM: arm64: Disable PAN on uaccess_enable()
UPSTREAM: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN
UPSTREAM: arm64: xen: Enable user access before a privcmd hvc call
UPSTREAM: arm64: Handle faults caused by inadvertent user access with PAN enabled
BACKPORT: arm64: Disable TTBR0_EL1 during normal kernel execution
BACKPORT: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1
UPSTREAM: arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro
UPSTREAM: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros
UPSTREAM: cpufreq: schedutil: Add iowait boosting
UPSTREAM: cpufreq / sched: ignore SMT when determining max cpu capacity
BACKPORT: cpufreq / sched: Pass flags to cpufreq_update_util()
UPSTREAM: cpufreq: schedutil: map raw required frequency to driver frequency
UPSTREAM: cpufreq: governor: Create cpufreq_policy_apply_limits()
BACKPORT: cpufreq: governor: Get rid of governor events
UPSTREAM: cpufreq: schedutil: Improve prints messages with pr_fmt
BACKPORT: cpufreq: Call cpufreq_disable_fast_switch() in sugov_exit()
UPSTREAM: cpufreq: schedutil: Make default depend on CONFIG_SMP
UPSTREAM: cpufreq: schedutil: Make it depend on CONFIG_SMP
BACKPORT: cpufreq: schedutil: New governor based on scheduler utilization data
Linux 4.9.10
perf/core: Fix crash in perf_event_read()
perf diff: Fix segfault on 'perf diff -o N' option
perf diff: Fix -o/--order option behavior (again)
stacktrace, lockdep: Fix address, newline ugliness
IB/rxe: Fix mem_check_range integer overflow
IB/rxe: Fix resid update
x86/CPU/AMD: Fix Zen SMT topology
x86/CPU/AMD: Bring back Compute Unit ID
x86/mm/ptdump: Fix soft lockup in page table walker
Revert "ALSA: line6: Only determine control port properties if needed"
ALSA: seq: Don't handle loop timeout at snd_seq_pool_done()
ALSA: seq: Fix race at creating a queue
ALSA: hda - adding a new NV HDMI/DP codec ID in the driver
xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend()
powerpc/powernv: Fix CPU hotplug to handle waking on HVI
powerpc/mm/radix: Update ERAT flushes when invalidating TLB
btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
scsi: qla2xxx: Avoid that issuing a LIP triggers a kernel crash
scsi: mpt3sas: disable ASPM for MPI2 controllers
scsi: aacraid: Fix INTx/MSI-x issue with older controllers
scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send
Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()
Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host
Drivers: hv: vmbus: On write cleanup the logic to interrupt the host
Drivers: hv: vmbus: Base host signaling strictly on the ring state
net/mlx5e: Modify TIRs hash only when it's needed
mac80211: Fix adding of mesh vendor IEs
nl80211: Fix mesh HT operation check
drm/i915: Always convert incoming exec offsets to non-canonical
ARM: 8642/1: LPAE: catch pending imprecise abort on unmask
ARM: dts: imx6dl: fix GPIO4 range
target: Fix COMPARE_AND_WRITE ref leak for non GOOD status
target: Fix multi-session dynamic se_node_acl double free OOPs
target: Fix early transport_generic_handle_tmr abort scenario
target: Use correct SCSI status during EXTENDED_COPY exception
target: Don't BUG_ON during NodeACL dynamic -> explicit conversion
drm/atomic: Fix double free in drm_atomic_state_default_clear
drm/i915/bxt: Add MST support when do DPLL calculation
drm/i915: fix use-after-free in page_flip_completed()
ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write
hns: avoid stack overflow with CONFIG_KASAN
ibmvscsis: Add SGL limit
mm/slub.c: fix random_seq offset destruction
cpumask: use nr_cpumask_bits for parsing functions
rtlwifi: rtl8192ce: Fix loading of incorrect firmware
Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback"
selinux: fix off-by-one in setprocattr
Input: uinput - fix crash when mixing old and new init style
ARC: [arcompact] brown paper bag bug in unaligned access delay slot fixup
crypto: ccp - Fix double add when creating new DMA command
crypto: ccp - Fix DMA operations when IOMMU is enabled
crypto: qat - zero esram only for DH85x devices
crypto: qat - fix bar discovery for c62x
crypto: chcr - Check device is allocated before use
crypto: algif_aead - Fix kernel panic on list_del
dm rq: cope with DM device destruction while in dm_old_request_fn()
libnvdimm, pfn: fix memmap reservation size versus 4K alignment
libnvdimm, namespace: do not delete namespace-id 0
acpi, nfit: fix acpi_nfit_flush_probe() crash
cpufreq: intel_pstate: Disable energy efficiency optimization
ANDROID: ext4 crypto: Disables zeroing on truncation when there's no key
ANDROID: Refactor fs readpage/write tracepoints.
Conflicts:
arch/arm64/Kconfig
arch/arm64/include/asm/assembler.h
arch/arm64/include/asm/mmu_context.h
arch/arm64/include/asm/uaccess.h
arch/arm64/kernel/entry.S
arch/arm64/lib/clear_user.S
arch/arm64/lib/copy_from_user.S
arch/arm64/lib/copy_in_user.S
arch/arm64/lib/copy_to_user.S
arch/arm64/xen/hypercall.S
drivers/cpufreq/Kconfig
Change-Id: Ibd6d488060e080e2abaa34b0f038b4a3a3cfa44d
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Channagoud Kadabi
|
8810e5fa00 |
Merge remote-tracking branch 'origin/tmp-dcb6110' into 4.8
* origin/tmp-dcb6110:
ANDROID: goldfish_sync: 32 max cmds to save stack
ANDROID: sched/walt: use div_u64 instead of do_div
Linux 4.9.9
drm/i915/execlists: Reset RING registers upon resume
fs: break out of iomap_file_buffered_write on fatal signals
iw_cxgb4: set correct FetchBurstMax for QPs
x86/irq: Make irq activate operations symmetric
irqdomain: Avoid activating interrupts more than once
iio: health: max30100: fixed parenthesis around FIFO count check
iio: dht11: Use usleep_range instead of msleep for start signal
iio: health: afe4403: retrieve a valid iio_dev in suspend/resume
iio: health: afe4404: retrieve a valid iio_dev in suspend/resume
iio: adc: palmas_gpadc: retrieve a valid iio_dev in suspend/resume
staging: greybus: timesync: validate platform state callback
USB: serial: option: add device ID for HP lt2523 (Novatel E371)
usb: gadget: f_fs: Assorted buffer overflow checks.
usb: musb: Fix host mode error -71 regression
USB: Add quirk for WORLDE easykey.25 MIDI keyboard
USB: serial: pl2303: add ATEN device ID
USB: serial: qcserial: add Dell DW5570 QDL
KVM: x86: do not save guest-unsupported XSAVE state
dmaengine: cppi41: Fix oops in cppi41_runtime_resume
dmaengine: cppi41: Fix runtime PM timeouts with USB mass storage
perf/x86/intel/uncore: Clean up hotplug conversion fallout
HID: wacom: Fix poor prox handling in 'wacom_pl_irq'
HID: hid-lg: Fix immediate disconnection of Logitech Rumblepad 2
HID: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL
iwlwifi: mvm: avoid crash on restart w/o reserved queues
iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000
pinctrl: intel: merrifield: Add missed check in mrfld_config_set()
pinctrl: baytrail: Debounce register is one per community
Revert "vring: Force use of DMA API for ARM-based systems with legacy devices"
Revert "bcma: init serial console directly from ChipCommon code"
percpu-refcount: fix reference leak during percpu-atomic transition
regulator: axp20x: AXP806: Fix dcdcb being set instead of dcdce
vhost: fix initialization for vq->is_le
mmc: sdhci: Ignore unexpected CARD_INT interrupts
cgroup: don't online subsystems before cgroup_name/path() are operational
can: bcm: fix hrtimer/tasklet termination in bcm op removal
tracing: Fix hwlat kthread migration
mm, fs: check for fatal signals in do_generic_file_read()
base/memory, hotplug: fix a kernel oops in show_valid_zones()
mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone()
cifs: initialize file_info_lock
zswap: disable changing params if init fails
svcrpc: fix oops in absence of krb5 module
NFSD: Fix a null reference case in find_or_create_lock_stateid()
powerpc/mm: Use the correct pointer when setting a 2MB pte
powerpc: Fix build failure with clang due to BUILD_BUG_ON()
powerpc: Add missing error check to prom_find_boot_cpu()
powerpc/eeh: Fix wrong flag passed to eeh_unfreeze_pe()
libata: Fix ATA request sense
libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices
ata: sata_mv:- Handle return value of devm_ioremap.
perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory
perf/core: Fix use-after-free bug
crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes
crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg
drm/nouveau/nv1a,nv1f/disp: fix memory clock rate retrieval
drm/nouveau/disp/gt215: Fix HDA ELD handling (thus, HDMI audio) on gt215
drm/amdgpu/si: fix crash on headless asics
pinctrl: baytrail: Add missing spinlock usage in byt_gpio_irq_handler
HID: cp2112: fix gpio-callback error handling
HID: cp2112: fix sleep-while-atomic
xtensa: fix noMMU build on cores with MMU
efi/fdt: Avoid FDT manipulation after ExitBootServices()
x86/efi: Always map the first physical page into the EFI pagetables
ext4: validate s_first_meta_bg at mount time
PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies
ANDROID: sched: Add Kconfig option DEFAULT_USE_ENERGY_AWARE to set ENERGY_AWARE feature flag
ANDROID: goldfish_sync: Fix sync_file_obj is NULL but dereferenced problem
ANDROID: goldfish_sync: Isolate single module to fix compilation
ANDROID: goldfish_sync: update defconfig for 4.9-compatible version
ANDROID: goldfish_sync: upgrade to new fence sync api
Linux 4.9.8
xfs: fix bmv_count confusion w/ shared extents
xfs: clear _XBF_PAGES from buffers when readahead page
xfs: extsize hints are not unlikely in xfs_bmap_btalloc
xfs: remove racy hasattr check from attr ops
xfs: verify dirblocklog correctly
xfs: fix COW writeback race
xfs: fix xfs_mode_to_ftype() prototype
xfs: don't wrap ID in xfs_dq_get_next_id
xfs: sanity check inode di_mode
xfs: sanity check inode mode when creating new dentry
xfs: replace xfs_mode_to_ftype table with switch statement
xfs: add missing include dependencies to xfs_dir2.h
xfs: sanity check directory inode di_size
xfs: make the ASSERT() condition likely
xfs: don't print warnings when xfs_log_force fails
xfs: don't rely on ->total in xfs_alloc_space_available
xfs: adjust allocation length in xfs_alloc_space_available
xfs: fix bogus minleft manipulations
xfs: bump up reserved blocks in xfs_alloc_set_aside
net: dsa: Bring back device detaching in dsa_slave_suspend()
lwtunnel: Fix oops on state free after encap module unload
net: Specify the owning module for lwtunnel ops
qmi_wwan/cdc_ether: add device ID for HP lt2523 (Novatel E371) WWAN card
af_unix: move unix_mknod() out of bindlock
r8152: don't execute runtime suspend if the tx is not empty
net: mpls: Fix multipath selection for LSR use case
bridge: netlink: call br_changelink() during br_dev_newlink()
net/mlx5e: Do not recycle pages from emergency reserve
tcp: initialize max window for a new fastopen socket
ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock
lwtunnel: fix autoload of lwt modules
net: phy: bcm63xx: Utilize correct config_intr function
net: fix harmonize_features() vs NETIF_F_HIGHDMA
vxlan: fix byte order of vxlan-gpe port number
virtio-net: restore VIRTIO_HDR_F_DATA_VALID on receiving
virtio: don't set VIRTIO_NET_HDR_F_DATA_VALID on xmit
net sched actions: fix refcnt when GETing of action after bind
ax25: Fix segfault after sock connection timeout
ip6_tunnel: Account for tunnel header in tunnel MTU
ravb: do not use zero-length alignment DMA descriptor
mlx4: do not call napi_schedule() without care
openvswitch: maintain correct checksum state in conntrack actions
tcp: fix tcp_fastopen unaligned access complaints on sparc
net: systemport: Decouple flow control from __bcm_sysport_tx_reclaim
net: ipv4: fix table id in getroute response
net: lwtunnel: Handle lwtunnel_fill_encap failure
mlxsw: pci: Fix EQE structure definition
mlxsw: switchx2: Fix memory leak at skb reallocation
mlxsw: spectrum: Fix memory leak at skb reallocation
netvsc: add rcu_read locking to netvsc callback
r8152: fix the sw rx checksum is unavailable
FROMLIST: 9p: fix a potential acl leak
ANDROID: sched/walt: use do_div instead of division operator
ANDROID: sched: fix wrong truncation of walt_avg
ANDROID: arm: Fix #if/#ifdef typo in topology.c
ANDROID: arm: Fix build error "conflicting types for 'scale_cpu_capacity'"
ANDROID: net: ipv6: remove unused variable ifindex in
ANDROID: DEBUG: cpufreq: fix cpu_capacity tracing build for non-smp systems
ANDROID: arm: topology: Define TC2 energy and provide it to the scheduler
ANDROID: binder: fix format specifier for type binder_size_t
Linux 4.9.7
drm/i915: Remove WaDisableLSQCROPERFforOCL KBL workaround.
perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
mm, memcg: do not retry precharge charges
platform/x86: intel_mid_powerbtn: Set IRQ_ONESHOT
platform/x86: mlx-platform: free first dev on error
virtio_mmio: Set DMA masks appropriately
memory_hotplug: make zone_can_shift() return a boolean value
pinctrl: baytrail: Rectify debounce support
pinctrl: uniphier: fix Ethernet (RMII) pin-mux setting for LD20
pinctrl: broxton: Use correct PADCFGLOCK offset
s5k4ecgx: select CRC32 helper
IB/rxe: Prevent from completer to operate on non valid QP
IB/rxe: Fix rxe dev insertion to rxe_dev_list
IB/umem: Release pid in error and ODP flow
drm/i915: Check for NULL atomic state in intel_crtc_disable_noatomic()
drm/i915: Fix calculation of rotated x and y offsets for planar formats
drm/i915: Don't init hpd polling for vlv and chv from runtime_suspend()
drm/i915: Don't leak edid in intel_crt_detect_ddc()
drm/i915: prevent crash with .disable_display parameter
drm/i915: Clear ret before unbinding in i915_gem_evict_something()
v4l: tvp5150: Don't override output pinmuxing at stream on/off time
v4l: tvp5150: Fix comment regarding output pin muxing
v4l: tvp5150: Reset device at probe time, not in get/set format handlers
pctv452e: move buffer to heap, no mutex
iw_cxgb4: free EQ queue memory on last deref
SUNRPC: cleanup ida information when removing sunrpc module
NFSv4.0: always send mode in SETATTR after EXCLUSIVE4
NFSv4.1: Fix a deadlock in layoutget
nfs: Don't increment lock sequence ID after NFS4ERR_MOVED
parisc: Don't use BITS_PER_LONG in userspace-exported swab.h header
ARC: [arcompact] handle unaligned access delay slot corner case
ARC: udelay: fix inline assembler by adding LP_COUNT to clobber list
can: ti_hecc: add missing prepare and unprepare of the clock
can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer
IB/srp: fix invalid indirect_sg_entries parameter value
IB/srp: fix mr allocation when the device supports sg gaps
IB/iser: Fix sg_tablesize calculation
IB/cxgb3: fix misspelling in header guard
s390/ptrace: Preserve previous registers for short regset write
s390/mm: Fix cmma unused transfer from pgste into pte
RDMA/cma: Fix unknown symbol when CONFIG_IPV6 is not enabled
Btrfs: remove ->{get, set}_acl() from btrfs_dir_ro_inode_operations
Btrfs: disable xattr operations on subvolume directories
Btrfs: remove old tree_root case in btrfs_read_locked_inode()
ISDN: eicon: silence misleading array-bounds warning
xfs: prevent quotacheck from overloading inode lru
sysctl: fix proc_doulongvec_ms_jiffies_minmax()
userns: Make ucounts lock irq-safe
vring: Force use of DMA API for ARM-based systems with legacy devices
mm, page_alloc: fix premature OOM when racing with cpuset mems update
mm, page_alloc: move cpuset seqcount checking to slowpath
mm, page_alloc: fix fast-path race with cpuset update or removal
mm, page_alloc: fix check for NULL preferred_zone
mm/mempolicy.c: do not put mempolicy before using its nodemask
mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
drm/atomic: clear out fence when duplicating state
Revert "drm/radeon: always apply pci shutdown callbacks"
drm/vc4: fix a bounds check
drm/vc4: Return -EINVAL on the overflow checks failing.
drm/vc4: Fix an integer overflow in temporary allocation layout.
drm/vc4: Fix memory leak of the CRTC state.
drm/i915: Ignore bogus plane coordinates on SKL when the plane is not visible
drm: Fix broken VT switch with video=1366x768 option
drm: Schedule the output_poll_work with 1s delay if we have delayed event
tile/ptrace: Preserve previous registers for short regset write
fbdev: color map copying bounds checking
ANDROID: sched/walt: Drop arch-specific timer access
ANDROID: sched/walt: include missing header for arm_timer_read_counter()
ANDROID: fs: Export vfs_rmdir2
ANDROID: fs: Export free_fs_struct and set_fs_pwd
ANDROID: cpufreq: interactive: Use idle-end notifiers
FROMLIST: cpufreq: Add android's 'interactive' governor
ANDROID: cpufreq: conservative: fix duplicate 'static' error
ANDROID: sdcardfs: eliminate the offset argument to ->direct_IO
ANDROID: sdcardfs: make it use new .rename i_op
ANDROID: sdcardfs: Propagate dentry down to inode_change_ok()
ANDROID: sdcardfs: get rid of 'parent' argument of ->d_compare()
ANDROID: sdcardfs: add parent pointer into dentry name hash
ANDROID: sdcardfs: use wrappers to access i_mutex
ANDROID: mnt: remount should propagate to slaves of slaves
ANDROID: sdcardfs: Fix locking issue with permision fix up
ANDROID: sdcardfs: Switch ->d_inode to d_inode()
ANDROID: sdcardfs: Change magic value
ANDROID: sdcardfs: Use per mount permissions
ANDROID: sdcardfs: Add gid and mask to private mount data
ANDROID: sdcardfs: User new permission2 functions
ANDROID: vfs: Add permission2 for filesystems with per mount permissions
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
ANDROID: vfs: Allow filesystems to access their private mount data
ANDROID: mnt: Add filesystem private data to mount points
ANDROID: sdcardfs: Move directory unlock before touch
ANDROID: sdcardfs: fix external storage exporting incorrect uid
ANDROID: sdcardfs: Added top to sdcardfs_inode_info
ANDROID: sdcardfs: Switch package list to RCU
ANDROID: sdcardfs: Fix locking for permission fix up
ANDROID: sdcardfs: Check for other cases on path lookup
ANDROID: sdcardfs: override umask on mkdir and create
ANDROID: sched/debug: Add energy procfs interface
ANDROID: cpufreq: sched: Fix kernel crash on accessing sysfs file
ANDROID: FIXUP: sched/tune: add fixes missing from a previous patch
ANDROID: sched: tune: Fix lacking spinlock initialization
ANDROID: cgroup: Remove leftover instances of allow_attach
ANDROID: FIXUP: sched: scheduler-driven cpu frequency selection
ANDROID: sched/rt: Add Kconfig option to enable panicking for RT throttling
ANDROID: sched/rt: print RT tasks when RT throttling is activated
ANDROID: sched/fair: Favor higher cpus only for boosted tasks
ANDROID: sched/fair: call OPP update when going idle after migration
ANDROID: sched/cpufreq_sched: fix thermal capping events
ANDROID: sched/fair: Picking cpus with low OPPs for tasks that prefer idle CPUs
ANDROID: FIXUP: sched/tune: do initialization as a postcore_initicall
ANDROID: DEBUG: sched: add tracepoint for RD overutilized
ANDROID: sched/tune: Introducing a new schedtune attribute prefer_idle
ANDROID: sched: use util instead of capacity to select busy cpu
ANDROID: arch_timer: add error handling when the MPM global timer is cleared
ANDROID: FIXUP: sched: Fix double-release of spinlock in move_queued_task
ANDROID: FIXUP: sched/fair: Fix hang during suspend in sched_group_energy
ANDROID: FIXUP: sched: fix SchedFreq integration for both PELT and WALT
ANDROID: sched: EAS: Avoid causing spikes to max-freq unnecessarily
ANDROID: FIXUP: sched: fix set_cfs_cpu_capacity when WALT is in use
ANDROID: sched/walt: Accounting for number of irqs pending on each core
ANDROID: sched: Introduce Window Assisted Load Tracking (WALT)
ANDROID: sched/tune: fix PB and PC cuts indexes definition
ANDROID: sched/fair: optimize idle cpu selection for boosted tasks
ANDROID: FIXUP: sched/tune: fix accounting for runnable tasks
ANDROID: sched/tune: use a single initialisation function
ANDROID: FIXUP: sched/tune: fix payoff calculation for boost region
ANDROID: sched/tune: Add support for negative boost values
ANDROID: FIX: sched/tune: move schedtune_nornalize_energy into fair.c
ANDROID: FIX: sched/tune: update usage of boosted task utilisation on CPU selection
ANDROID: sched/fair: add tunable to set initial task load
ANDROID: sched/fair: add tunable to force selection at cpu granularity
ANDROID: sched: EAS: take cstate into account when selecting idle core
ANDROID: sched/cpufreq_sched: Consolidated update
ANDROID: FIXUP: sched: fix build for non-SMP target
ANDROID: DEBUG: sched/tune: add tracepoint on P-E space filtering
ANDROID: DEBUG: sched/tune: add tracepoint for energy_diff() values
ANDROID: DEBUG: sched/tune: add tracepoint for task boost signal
CHROMIUM: sched: update the average of nr_running
ANDROID: DEBUG: schedtune: add tracepoint for schedtune_tasks_update() values
ANDROID: DEBUG: schedtune: add tracepoint for CPU boost signal
ANDROID: DEBUG: schedtune: add tracepoint for SchedTune configuration update
ANDROID: DEBUG: sched,cpufreq: add cpu_capacity change tracepoint
ANDROID: DEBUG: sched: add tracepoint for CPU load/util signals
ANDROID: DEBUG: sched: add tracepoint for task load/util signals
ANDROID: DEBUG: sched: add tracepoint for cpu/freq scale invariance
ANDROID: sched/fair: filter energy_diff() based on energy_payoff value
ANDROID: sched/tune: add support to compute normalized energy
ANDROID: sched/fair: keep track of energy/capacity variations
ANDROID: sched/fair: add boosted task utilization
ANDROID: sched/{fair,tune}: track RUNNABLE tasks impact on per CPU boost value
ANDROID: sched/tune: compute and keep track of per CPU boost value
ANDROID: sched/tune: add initial support for CGroups based boosting
ANDROID: sched/fair: add boosted CPU usage
ANDROID: sched/fair: add function to convert boost value into "margin"
ANDROID: sched/tune: add sysctl interface to define a boost value
ANDROID: sched/tune: add detailed documentation
ANDROID: fixup! sched: scheduler-driven cpu frequency selection
ANDROID: sched: remove call of sched_avg_update from sched_rt_avg_update
ANDROID: sched/cpufreq_sched: add trace events
ANDROID: sched/fair: jump to max OPP when crossing UP threshold
ANDROID: sched/fair: cpufreq_sched triggers for load balancing
ANDROID: sched/{core,fair}: trigger OPP change request on fork()
ANDROID: sched/fair: add triggers for OPP change requests
ANDROID: sched: scheduler-driven cpu frequency selection
ANDROID: cpufreq: introduce cpufreq_driver_is_slow
ANDROID: sched: Add group_misfit_task load-balance type
ANDROID: sched: Add per-cpu max capacity to sched_group_capacity
ANDROID: sched: Do eas idle balance regardless of the rq avg idle value
ANDROID: arm64: Enable max freq invariant scheduler load-tracking and capacity support
ANDROID: arm: Enable max freq invariant scheduler load-tracking and capacity support
ANDROID: sched: Update max cpu capacity in case of max frequency constraints
ANDROID: cpufreq: Max freq invariant scheduler load-tracking and cpu capacity support
ANDROID: sched: Disable energy-unfriendly nohz kicks
ANDROID: sched: Consider a not over-utilized energy-aware system as balanced
ANDROID: sched: Energy-aware wake-up task placement
ANDROID: sched: Determine the current sched_group idle-state
ANDROID: sched, cpuidle: Track cpuidle state index in the scheduler
ANDROID: sched: Add over-utilization/tipping point indicator
ANDROID: sched: Estimate energy impact of scheduling decisions
ANDROID: sched: Extend sched_group_energy to test load-balancing decisions
ANDROID: sched: Calculate energy consumption of sched_group
ANDROID: sched: Highest energy aware balancing sched_domain level pointer
ANDROID: sched: Relocated cpu_util() and change return type
ANDROID: sched: Compute cpu capacity available at current frequency
ANDROID: sched: Support for extracting EAS energy costs from DT
ANDROID: arm64, topology: Updates to use DT bindings for EAS costing data
ANDROID: arm64: Cpu invariant scheduler load-tracking and capacity support
ANDROID: arm: Cpu invariant scheduler load-tracking and capacity support
ANDROID: sched: Introduce SD_SHARE_CAP_STATES sched_domain flag
ANDROID: sched: Initialize energy data structures
ANDROID: sched: Make energy awareness a sched feature
ANDROID: sched: Documentation for scheduler energy cost model
ANDROID: sched: Prevent unnecessary active balance of single task in sched group
ANDROID: sched: Enable idle balance to pull single task towards cpu with higher capacity
ANDROID: sched: Consider spare cpu capacity at task wake-up
ANDROID: sched: Add cpu capacity awareness to wakeup balancing
ANDROID: arm: Update arch_scale_cpu_capacity() to reflect change to define
ANDROID: arm64: Enable frequency invariant scheduler load-tracking support
ANDROID: arm: Enable frequency invariant scheduler load-tracking support
ANDROID: cpufreq: Frequency invariant scheduler load-tracking support
ANDROID: [CPUFREQ] Don't export governors for default governor
ANDROID: kernel/configs: recommended: CONFIG_ARM64_SW_TTBR0_PAN=y
ANDROID: kernel/configs: base: Enable QUOTA related configs
ANDROID: kernel/configs: recommended: Enable MEMORY_STATE_TIME
FROMLIST: config: android-base: enable hardened usercopy and kernel ASLR
FROMLIST: config: android-recommended: disable aio support
ANDROID: kernel/configs: recommended: enable fstack-protector-strong
ANDROID: kernel/configs: base: enable UID_CPUTIME
ANDROID: kernel/configs: base: restrict access to perf events
ANDROID: configs: base: enable configfs gadget functions
ANDROID: configs: merge AOSP config fragments
ANDROID: Implement memory_state_time, used by qcom,cpubw
ANDROID: dm: rebase for 4.9
ANDROID: usb: otg-wakelock: Remove wakelock.h dependencies
ANDROID: gpio_matrix: Remove wakelock.h dependencies
ANDROID: fiq_debugger: Remove wakelock.h dependencies
UPSTREAM: net: socket: don't set sk_uid to garbage value in ->setattr()
ANDROID: trace: net: use %pK for kernel pointers
UPSTREAM: net: ipv4: Don't crash if passing a null sk to ip_rt_update_pmtu.
UPSTREAM: net: inet: Support UID-based routing in IP protocols.
UPSTREAM: net: core: add UID to flows, rules, and routes
UPSTREAM: net: core: Add a UID field to struct sock.
ANDROID: fs: FS tracepoints to track IO.
ANDROID: MMC/UFS IO Latency Histograms.
CHROMIUM: fix warning when releasing active sync point
ANDROID: goldfish_pipe: fix allmodconfig build
ANDROID: goldfish: goldfish_pipe: fix locking errors
ANDROID: goldfish_pipe: fix call_kern.cocci warnings
ANDROID: goldfish_pipe: An implementation of more parallel pipe
ANDROID: goldfish_pipe: bugfixes and performance improvements.
ANDROID: goldfish: disable GOLDFISH_SYNC
ANDROID: goldfish: enable CONFIG_INET_DIAG_DESTROY
ANDROID: build: fix build config kernel_dir
ANDROID: dm verity: add minimum prefetch size
ANDROID: build: add build server configs for goldfish
UPSTREAM: trace: Update documentation for mono, mono_raw and boot clock
UPSTREAM: trace: Add an option for boot clock as trace clock
UPSTREAM: timekeeping: Add a fast and NMI safe boot clock
ANDROID: video: goldfishfb: fix platform_no_drv_owner.cocci warnings
ANDROID: arm64: rename ranchu defconfig to ranchu64
ANDROID: arch: x86: disable pic for Android toolchain
ANDROID: goldfish: Add goldfish sync driver
ANDROID: goldfish: add ranchu defconfigs
ANDROID: goldfish_audio: Clear audio read buffer status after each read
ANDROID: goldfish_events: no extra EV_SYN; register goldfish
ANDROID: goldfish_fb: Set pixclock = 0
ANDROID: goldfish: Enable ACPI-based enumeration for goldfish audio
ANDROID: goldfish: Enable ACPI-based enumeration for goldfish framebuffer
ANDROID: video: goldfishfb: add devicetree bindings
ANDROID: usb: gadget: function: cleanup: Add blank line after declaration
ANDROID: usb: gadget: f_mtp: simplify ptp NULL pointer check
ANDROID: usb: gadget: audio_source: fix comparison of distinct pointer types
ANDROID: binder: support for file-descriptor arrays.
ANDROID: binder: support for scatter-gather.
ANDROID: binder: add extra size to allocator.
ANDROID: binder: refactor binder_transact()
ANDROID: binder: support multiple /dev instances.
ANDROID: binder: deal with contexts in debugfs.
ANDROID: binder: support multiple context managers.
ANDROID: binder: split flat_binder_object.
ANDROID: [RFC]cgroup: Change from CAP_SYS_NICE to CAP_SYS_RESOURCE for cgroup migration permissions
CHROMIUM: cgroups: relax permissions on moving tasks between cgroups
ANDROID: dm: android-verity: Remove fec_header location constraint
ANDROID: fiq_debugger: Pass task parameter to unwind_frame()
ANDROID: input: keyreset: switch to orderly_reboot
ANDROID: cpuset: Make cpusets restore on hotplug
ANDROID: Don't show empty tag stats for unprivileged uids
ANDROID: dm: android-verity: Allow android-verity to be compiled as an independent module
ANDROID: dm-verity: adopt changes made to dm callbacks
ANDROID: dm verity fec: pack the fec_header structure
ANDROID: dm: android-verity: Verify header before fetching table
ANDROID: dm: allow adb disable-verity only in userdebug
ANDROID: dm: mount as linear target if eng build
ANDROID: dm: use default verity public key
ANDROID: dm: fix signature verification flag
ANDROID: dm: use name_to_dev_t
ANDROID: dm: rename dm-linear methods for dm-android-verity
ANDROID: dm: Minor cleanup
ANDROID: dm: Mounting root as linear device when verity disabled
ANDROID: dm-android-verity: Rebase on top of 4.1
ANDROID: dm: Add android verity target
ANDROID: dm: fix dm_substitute_devices()
ANDROID: dm: Rebase on top of 4.9
CHROMIUM: dm: boot time specification of dm=
ANDROID: usb: gadget: f_accessory: remove duplicate endpoint alloc
ANDROID: sdcardfs: fix itnull.cocci warnings
ANDROID: sdcardfs: Truncate packages_gid.list on overflow
ANDROID: netfilter: xt_quota2: make quota2_log work well
ANDROID: cpu: send KOBJ_ONLINE event when enabling cpus
ANDROID: dm verity fec: initialize recursion level
ANDROID: dm verity fec: add missing release from fec_ktype
ANDROID: dm verity fec: limit error correction recursion
FROMLIST: security,perf: Allow further restriction of perf_event_open
ANDROID: ARM64: Ignore Image-dtb from git point of view
ANDROID: arm64: add option to build Image-dtb
ANDROID: usb: gadget: f_midi: set fi->f to NULL when free f_midi function
ANDROID: xt_qtaguid: Fix panic caused by processing non-full socket.
ANDROID: fiq_debugger: Add fiq_debugger.disable option
FROMLIST: wlcore: Disable filtering in AP role
ANDROID: fiq_debugger: Add option to apply uart overlay by FIQ_DEBUGGER_UART_OVERLAY
ANDROID: usb: dual-role: make stub functions inline
ANDROID: quick selinux support for tracefs
ANDROID: xt_qtaguid: Fix panic caused by synack processing
ANDROID: fuse: Add support for d_canonical_path
ANDROID: vfs: change d_canonical_path to take two paths
ANDROID: netfilter: xt_qtaguid: seq_printf fixes
ANDROID: mmc: Add CONFIG_MMC_SIMULATE_MAX_SPEED
ANDROID: dm verity fec: add sysfs attribute fec/corrected
ANDROID: mm: Export do_munmap
ANDROID: sdcardfs: remove unneeded __init and __exit
ANDROID: sdcardfs: Remove unused code
ANDROID: fs: Export d_absolute_path
ANDROID: sdcardfs: remove effectless config option
ANDROID: inotify: Fix erroneous update of bit count
ANDROID: fs: sdcardfs: Declare LOOKUP_CASE_INSENSITIVE unconditionally
ANDROID: trace: cpufreq: fix typo in min/max cpufreq
ANDROID: sdcardfs: Add support for d_canonical_path
ANDROID: vfs: add d_canonical_path for stacked filesystem support
ANDROID: sdcardfs: Bring up to date with Android M permissions:
ANDROID: Changed type-casting in packagelist management
ANDROID: Port of sdcardfs to 4.4
ANDROID: Included sdcardfs source code for kernel 3.0
ANDROID: usb: gadget: Add support for MTP OS desc
CHROMIUM: usb: gadget: f_accessory: add .raw_request callback
CHROMIUM: usb: gadget: audio_source: add .free_func callback
CHROMIUM: usb: gadget: f_mtp: fix usb_ss_ep_comp_descriptor
CHROMIUM: usb: gadget: f_mtp: Add SuperSpeed support
ANDROID: dm-crypt: run in a WQ_HIGHPRI workqueue
ANDROID: power: Provide dummy log_suspend_abort_reason() if SUSPEND is disabled
ANDROID: PM / suspend: Add dependency on RTC_LIB
ANDROID: net: pppolac/pppopns: Replace msg.msg_iov with iov_iter_kvec()
ANDROID: mmc: sdio: Disable retuning in sdio_reset_comm()
ANDROID: kernel/watchdog: fix unused variable warning
ANDROID: usb: gadget: f_mtp: don't use le16 for u8 field
ANDROID: lowmemorykiller: fix declaration order warnings
ANDROID: mmc: move to a SCHED_FIFO thread
ANDROID: skip building drivers as modules
ANDROID: wakeup: Add the guard condition for len in pm_get_active_wakeup_sources
ANDROID: goldfish: pipe: fix platform_no_drv_owner.cocci warnings
ANDROID: epoll: use freezable blocking call
ANDROID: Fix for in kernel emergency remount when loop mounts are used
ANDROID: kbuild: Makefile.clean: make Kbuild and Makefile optional
ANDROID: kbuild: make it possible to specify the module output dir
ANDROID: ext4: Add support for FIDTRIM, a best-effort ioctl for deep discard trim
ANDROID: hardlockup: detect hard lockups without NMIs using secondary cpus
ANDROID: rtc-palmas: correct for bcd year
ANDROID: w1: ds2482: Manage SLPZ pin sleep state
ANDROID: fuse: Freeze client on suspend when request sent to userspace
ANDROID: serial_core: Add wake_peer uart operation
ANDROID: mm: add a field to store names for private anonymous memory
ANDROID: pstore/ram: Add ramoops_console_write_buf api
ANDROID: pstore: Update Documentation/android.txt
ANDROID: initramfs: Add skip_initramfs command line option
ANDROID: of: Fix build warnings
ANDROID: of: fix CONFIG_CMDLINE_EXTEND
ANDROID: ARM64: copy CONFIG_CMDLINE_EXTEND from ARM
ANDROID: of: Support CONFIG_CMDLINE_EXTEND config option
ANDROID: ARM: decompressor: Flush tlb before swiching domain 0 to client mode
ANDROID: ARM64: add option to build Image.gz/dtb combo
ANDROID: ARM: convert build of appended dtb zImage to list of dtbs
ANDROID: ARM: add config option to build zImage/dtb combo
ANDROID: ARM: Fix dtb list when DTB_IMAGE_NAMES is empty
ANDROID: arm64: pass return address to dma_common_contiguous_remap
ANDROID: arch: arm64: force -fno-pic
ANDROID: arm64: process: dump memory around registers when displaying regs
ANDROID: arm64: check for upper PAGE_SHIFT bits in pfn_valid()
ANDROID: ARM: fault: assume no context when IRQs are disabled during data abort.
ANDROID: ARM: Fix "Make low-level printk work" to use a separate config option
ANDROID: ARM: add option to flush console before reboot
ANDROID: ARM: Make low-level printk work
ANDROID: Optionally flush entire dcache from v6_dma_flush_range
ANDROID: process: Add display of memory around registers when displaying regs.
ANDROID: security: Add proper checks for Android specific capability checks
ANDROID: uid_cputime: skip power reporting per uid for now
ANDROID: uid_cputime: Check for the range while removing range of UIDs.
ANDROID: uid_cputime: Iterates over all the threads instead of processes.
ANDROID: uid_cputime: fix cputime overflow
ANDROID: uid_cputime: Avoids double accounting of process stime, utime and cpu_power in task exit.
ANDROID: uid_cputime: Extends the cputime functionality to report power per uid
ANDROID: proc: uid_cputime: fix show_uid_stat permission
ANDROID: proc: uid_cputime: create uids from kuids
ANDROID: proc: uid: Adds accounting for the cputimes per uid.
ANDROID: fixup! proc: make oom adjustment files user read-only
ANDROID: proc: make oom adjustment files user read-only
ANDROID: proc: smaps: Allow smaps access for CAP_SYS_RESOURCE
ANDROID: wakeup_reason: use vsnprintf instead of snsprintf for vargs.
ANDROID: power: wakeup_reason: fix suspend time reporting
ANDROID: wakeup: Add last wake up source logging for suspend abort reason.
ANDROID: Power: Report suspend times from last_suspend_time
ANDROID: Make suspend abort reason logging depend on CONFIG_PM_SLEEP
ANDROID: power: Add check_wakeup_reason() to verify wakeup source irq
ANDROID: power: Adds functionality to log the last suspend abort reason.
ANDROID: power: Avoids bogus error messages for the suspend aborts.
ANDROID: power: Add property CHARGE_COUNTER_EXT and 64-bit precision properties
ANDROID: Power: Changes the permission to read only for sysfs file /sys/kernel/wakeup_reasons/last_resume_reason
ANDROID: power: wakeup_reason: rename irq_count to irqcount
ANDROID: Power: Add guard condition for maximum wakeup reasons
ANDROID: POWER: fix compile warnings in log_wakeup_reason
ANDROID: Power: add an API to log wakeup reasons
ANDROID: PM / Suspend: Print wall time at suspend entry and exit
ANDROID: power: power_supply: add POWER_SUPPLY_PROP_CHARGE_ENABLED
ANDROID: power: power_supply: add POWER_SUPPLY_PROP_USB_OTG
ANDROID: power: power_supply: move POWER_SUPPLY_PROP_USB_HC to type 'int' order
ANDROID: power_supply: Add custom property for USB High Current mode
ANDROID: trace: power: add trace_clock_set_parent
ANDROID: trace: cpufreq: Add tracing for min/max cpufreq
ANDROID: trace: fix compilation for 4.1
ANDROID: trace/events: fix gpu event timestamp formatting
ANDROID: trace: add non-hierarchical function_graph option
ANDROID: trace: Add an option to show tgids in trace output
ANDROID: trace/events: add gpu trace events
ANDROID: sync: add Documentation/sync.txt
ANDROID: ARM: Call idle notifiers
ANDROID: Move x86_64 idle notifiers to generic
ANDROID: cpuidle: governor: menu: don't use loadavg
ANDROID: sched: add sched blocked tracepoint which dumps out context of sleep.
ANDROID: sched: Enable might_sleep before initializing drivers.
ANDROID: fiq_debugger: Build fixes for 4.1
ANDROID: fiq_debugger: Add fiq_watchdog_triggered api
ANDROID: fiq_debugger: Call fiq_debugger_printf through a function pointer from cpu specific code
ANDROID: fiq_debugger: add ARM64 support
ANDROID: fiq_debugger: split arm support into fiq_debugger_arm.c
ANDROID: fiq_debugger: use pt_regs for registers
ANDROID: fiq_debugger: allow compiling without CONFIG_FIQ_GLUE
ANDROID: fiq_debugger: rename debug->fiq_debugger
ANDROID: fiq_debugger: move into drivers/staging/android/fiq_debugger/
ANDROID: ARM: fiq_glue: Add custom fiq return handler api.
ANDROID: ARM: kgdb: ignore breakpoint instructions from user mode
ANDROID: ARM: fiq_debugger: Update tty code for 3.9
ANDROID: ARM: fiq_debugger: Use kmsg_dumper to dump kernel logs
ANDROID: ARM: fiq_debugger: Fix to compile on 3.7
ANDROID: ARM: fiq_debugger: fix uninitialised spin_lock.
ANDROID: ARM: fiq_debugger: lock between tty and console writes
ANDROID: ARM: fiq_debugger: add process context reboot command
ANDROID: ARM: fiq_debugger: fix multiple consoles and make it a preferred console
ANDROID: kdb: support new lines without carriage returns
ANDROID: ARM: fiq_debugger: add support for kgdb
ANDROID: ARM: fiq_debugger: add debug_putc
ANDROID: ARM: fiq_debugger: add support for reboot commands
ANDROID: ARM: fiq_debugger: fix compiling for v3.3
ANDROID: ARM: Add generic fiq serial debugger
ANDROID: ARM: Add fiq_glue
ANDROID: fix false disconnect due to a signal sent to the reading process
ANDROID: usb: gadget: cleanup: fix unused variable and function warnings
ANDROID: usb: gadget: build audio_source function only if SND is enabled
ANDROID: usb: gadget: configfs: handle gadget reset request for android
ANDROID: usb: gadget: create F_midi device
ANDROID: usb: gadget: Add device attribute to determine gadget state
ANDROID: usb: phy: fix dual role sysfs build if kernel modules are supported
ANDROID: usb: phy: Dual role sysfs class definition
ANDROID: usb: gadget: fix NULL ptr derefer while symlinking PTP func
ANDROID: usb:gadget:Add "state" attribute to android_device
ANDROID: usb: gadget: Do not disconnect unregistered dev
ANDROID: usb: gadget: Relocate f_accessory
ANDROID: usb: gadget: Accessory:Migrate to USB_FUNCTION API
ANDROID: usb: gadget: Move gadget functions code
ANDROID: usb:gadget:audio_source: Move to USB_FUNCTION API
ANDROID: usb: gadget: Add function devices to the parent
ANDROID: usb: gadget: f_audio_source:replace deprecated API
ANDROID: usb: gadget: check for accessory device before disconnecting HIDs
ANDROID: usb: gadget: Add Uevent to notify userspace
ANDROID: usb: gadget: configfs: Add usb_function ptr to fi struct
ANDROID: usb: gadget: mtp/ptp: Migrate functions to the USB_FUNCTION interface
Linux 4.9.6
libceph: stop allocating a new cipher on every crypto request
libceph: uninline ceph_crypto_key_destroy()
tools/virtio/ringtest: fix run-on-all.sh for offline cpus
selftest/powerpc: Wrong PMC initialized in pmc56_overflow test
soc: ti: wkup_m3_ipc: Fix error return code in wkup_m3_ipc_probe()
spi: pxa2xx: add missed break
dmaengine: pl330: Fix runtime PM support for terminated transfers
dmaengine: rcar-dmac: unmap slave resource when channel is freed
s5p-mfc: Fix clock management in s5p_mfc_release() function
s5p-cec: mark PM functions as __maybe_unused again
st-hva: fix some error handling in hva_hw_probe()
ite-cir: initialize use_demodulator before using it
gs1662: drop kfree for memory allocated with devm_kzalloc
platform: pxa_camera: add VIDEO_V4L2 dependency
blackfin: check devm_pinctrl_get() for errors
rpmsg: virtio_rpmsg_bus: fix channel creation
mtd: spi-nor: Fix some error codes in cqspi_setup_flash()
mtd: spi-nor: Off by one in cqspi_setup_flash()
PM / devfreq: Fix the bug of devfreq_add_device when governor is NULL
PM / devfreq: exynos-bus: Fix the wrong return value
scsi: mpt3sas: fix hang on ata passthrough commands
scsi: ses: Fix SAS device detection in enclosure
swiotlb: Add swiotlb=noforce debug option
swiotlb: Convert swiotlb_force from int to enum
arm64: Fix swiotlb fallback allocation
arm64: mm: avoid name clash in __page_to_voff()
xprtrdma: Squelch "max send, max recv" messages at connect time
xprtrdma: Make FRWR send queue entry accounting more accurate
libceph: make sure ceph_aes_crypt() IV is aligned
ceph: fix endianness bug in frag_tree_split_cmp
ceph: fix endianness of getattr mask in ceph_d_revalidate
ceph: fix ceph_get_caps() interruption
ceph: fix scheduler warning due to nested blocking
ARM: 8613/1: Fix the uaccess crash on PB11MPCore
ARM: ux500: fix prcmu_is_cpu_in_wfi() calculation
ARM: dts: omap3: Fix Card Detect and Write Protect on Logic PD SOM-LV
ARM: dts: imx6qdl-nitrogen6_max: fix sgtl5000 pinctrl init
ARM: dts: omap2: Add an empty chosen node to top level DTSI
ARM: dts: omap3: Add an empty chosen node to top level DTSI
ARM: dts: am4372: Add an empty chosen node to top level DTSI
ARM: dts: omap5: Add an empty chosen node to top level DTSI
ARM: dts: omap4: Add an empty chosen node to top level DTSI
ARM: dts: am33xx: Add an empty chosen node to top level DTSI
ARM: dts: dm814x: Add an empty chosen node to top level DTSI
ARM: dts: dm816x: Add an empty chosen node to top level DTSI
ARM: dts: dra7: Add an empty chosen node to top level DTSI
libceph: remove now unused ceph_*{en,de}crypt*() functions
libceph: switch ceph_x_decrypt() to ceph_crypt()
libceph: switch ceph_x_encrypt() to ceph_crypt()
libceph: tweak calcu_signature() a little
libceph: rename and align ceph_x_authorizer::reply_buf
libceph: introduce ceph_crypt() for in-place en/decryption
libceph: introduce ceph_x_encrypt_offset()
libceph: old_key in process_one_ticket() is redundant
libceph: ceph_x_encrypt_buflen() takes in_len
Input: ALPS - fix TrackStick support for SS5 hardware
arm64/ptrace: Reject attempts to set incomplete hardware breakpoint fields
arm64/ptrace: Avoid uninitialised struct padding in fpr_set()
arm64/ptrace: Preserve previous registers for short regset write - 3
arm64/ptrace: Preserve previous registers for short regset write - 2
arm64/ptrace: Preserve previous registers for short regset write
arm64: avoid returning from bad_mode
ARM: dts: da850-evm: fix read access to SPI flash
ARM: dts: OMAP5 / DRA7: indicate that SATA port 0 is available.
ceph: fix bad endianness handling in parse_reply_info_extra
ibmvscsis: Fix max transfer length
ibmvscsis: Fix sleeping in interrupt context
ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs
svcrdma: avoid duplicate dma unmapping during error recovery
clocksource/exynos_mct: Clear interrupt when cpu is shut down
ubifs: Fix journal replay wrt. xattr nodes
mac80211: implement multicast forwarding on fast-RX path
qla2xxx: Fix crash due to null pointer access
x86/ioapic: Restore IO-APIC irq_chip retrigger callback
powerpc: Ignore reserved field in DCSR and PVR reads and writes
powerpc/ptrace: Preserve previous TM fprs/vsrs on short regset write
powerpc/ptrace: Preserve previous fprs/vsrs on short regset write
powerpc/perf: Fix PM_BRU_CMPL event code for power9
powerpc/icp-opal: Fix missing KVM case and harden replay
KVM: arm/arm64: vgic: Fix deadlock on error handling
KVM: s390: do not expose random data via facility bitmap
mtd: nand: xway: fix build because of module functions
mtd: nand: xway: disable module support
mtd: nand: lpc32xx: fix invalid error handling of a requested irq
ieee802154: atusb: do not use the stack for buffers to make them DMA able
mmc: mxs-mmc: Fix additional cycles after transmission stop
mmc: sdhci-acpi: Only powered up enabled acpi child devices
HID: corsair: fix control-transfer error handling
HID: corsair: fix DMA buffers on stack
PCI: Enumerate switches below PCI-to-PCIe bridges
PCI: designware: Check for iATU unroll only on platforms that use ATU
fuse: fix time_to_jiffies nsec sanity check
fuse: clear FR_PENDING flag when moving requests out of pending queue
ARC: module: Fix !CONFIG_ARC_DW2_UNWIND builds
libnvdimm, namespace: fix pmem namespace leak, delete when size set to zero
svcrpc: don't leak contexts on PROC_DESTROY
sunrpc: don't call sleeping functions from the notifier block callbacks
rcu: Narrow early boot window of illegal synchronous grace periods
rcu: Remove cond_resched() from Tiny synchronize_sched()
x86/PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F
tmpfs: clear S_ISGID when setting posix ACLs
ARM: dts: omap3: Add DTS for Logic PD SOM-LV 37xx Dev Kit
ARM: dts: imx31: fix AVIC base address
ARM: dts: imx31: move CCM device node to AIPS2 bus devices
ARM: dts: imx31: fix clock control module interrupts description
ARM: dts: imx6q-cm-fx6: fix fec pinctrl
ARM: dts: r8a7794: remove Z clock
ARM: dts: r8a7794: Use SYSC "always-on" PM Domain for sound
ARM: dts: bcm283x: fix typo in mailbox address
perf jit: Enable jitdump support without dwarf
perf scripting: Avoid leaking the scripting_context variable
perf callchain: Fixup help/config for no-unwinding
perf diff: Do not overwrite valid build id
perf trace: Check if MAP_32BIT is defined (again)
perf mem: Fix --all-user/--all-kernel options
perf trace: Use the syscall raw_syscalls:sys_enter timestamp
IB/IPoIB: Remove can't use GFP_NOIO warning
IB/mlx4: Check if GRH is available before using it
IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs
IB/mlx4: Fix port query for 56Gb Ethernet links
IB/mlx4: Handle well-known-gid in mad_demux processing
IB/mlx4: Fix out-of-range array index in destroy qp flow
IB/mlx4: Set traffic class in AH
IB/mlx5: Wait for all async command completions to complete
IB/mlx5: Assign SRQ type earlier
IB/mlx5: Fix reported max SGE calculation
IB/mlx5: Avoid system crash when enabling many VFs
IB/rxe: avoid putting a large struct rxe_qp on stack
IB/rxe: Increase max number of completions to 32k
IB/core: Release allocated memory in cache setup failure
Linux 4.9.5
ANDROID: usb: gadget: f_audio_source: Fixed USB Audio Class Interface Descriptor
ANDROID: usb: gadget: f_audio_source: change max ISO packet size
ANDROID: usb: gadget: f_accessory: Enabled Zero Length Packet (ZLP) for acc_write
ANDROID: drivers: usb: gadget: 64-bit related type fixes
ANDROID: usb: gadget: f_accessory: move userspace interface to uapi
ANDROID: usb: gadget: f_mtp: move userspace interface to uapi
ANDROID: USB: remove duplicate out endpoint creation in MTP mode
ANDROID: usb: gadget: Fix android gadget driver build
ANDROID: usb: gadget: Fixes and hacks to make android usb gadget compile on 3.8
ANDROID: usb: otg: otg-wakelock: Fix build for 3.7
ANDROID: usb: gadget: accessory: Fix section mismatch (again)
ANDROID: USB: gadget: f_audio_source: New gadget driver for audio output
ANDROID: USB: gadget: f_accessory: Add support for HID input devices
ANDROID: USB: gadget: Add ACCESSORY_SET_AUDIO_MODE control request and ioctl
ANDROID: usb: gadget: accessory: Fix section mismatch
ANDROID: usb: otg: otg-wakelock: Fix build for 3.4
ANDROID: usb: gadget: adb: Only enable the gadget when adbd is ready
ANDROID: usb: gadget: adb: do not set error flag when dequeuing req
ANDROID: usb: gadget: adb: allow freezing in adb_read
ANDROID: usb: gadget: accessory: Add Android Accessory function
ANDROID: usb: gadget: adb: Add ADB function
ANDROID: usb: gadget: mtp: Add MTP/PTP function
ANDROID: usb: otg: otg-wakelock: fix build for 3.3
ANDROID: usb: otg: Temporarily grab wakelock on charger and disconnect events
ANDROID: USB: OTG: Take wakelock when VBUS present
ANDROID: wlan: Add get_wake_irq functionality
ANDROID: Add flags parameter to get_country_code template
ANDROID: net: wireless: Add get_country_code functionality to platform
ANDROID: network: wireless: Add get_mac_addr functionality to platform
ANDROID: wlan: Create generic wlan platform data header
ANDROID: net: wireless: Decrease scan entry expiration to avoid stall results
ANDROID: bridge: Have tx_bytes count headers like rx_bytes.
ANDROID: rfkill: Introduce CONFIG_RFKILL_PM and use instead of CONFIG_PM to power down
ANDROID: net: ipv6: fix virtual tunneling build
ANDROID: tcp: fix tcp_default_init_rwnd() for 4.1
ANDROID: net: support marking accepting TCP sockets
ANDROID: tcp: add a sysctl to config the tcp_default_init_rwnd
ANDROID: xt_qtaguid: fix a race condition in if_tag_stat_update
ANDROID: netfilter: xt_qtaguid/socket: build fixes for 4.4
ANDROID: netfilter: xt_qtaguid: xt_socket: build fixes
ANDROID: net: xt_qtaguid/xt_socket: fix refcount underflow and crash
ANDROID: xt_qtaguid: use sock_gen_put() instead of xt_socket_put_sk()
ANDROID: xt_qtaguid: Use sk_callback_lock read locks before reading sk->sk_socket
ANDROID: xt_qtaguid: fix broken uid/gid range check
ANDROID: netfilter: Build fixups - kuid/kguid changes & xt_socket_get/put_sk
ANDROID: net: ipv6: autoconf routes into per-device tables
ANDROID: nf: IDLETIMER: Fix broken uid field in the msg
ANDROID: nf: IDLETIMER: Adds the uid field in the msg
ANDROID: netfilter: fix seq_printf type mismatch warning
ANDROID: nf: Remove compilation error caused by e8430cbed3ef15fdb1ac26cfd020e010aa5f1c35
ANDROID: nf: IDLETIMER: time-stamp and suspend/resume handling.
ANDROID: xt_qtaguid: Fix boot panic
ANDROID: net: kuid/kguid build fixes
ANDROID: netfilter: ipv6: fix crash caused by ipv6_find_hdr()
ANDROID: netfilter: xt_qtaguid: 64-bit warning fixes
ANDROID: netfilter: xt_qtaguid: fix memory leak in seq_file handlers
ANDROID: netfilter: xt_qtaguid: fix bad tcp_time_wait sock handling
ANDROID: netfilter: xt_qtaguid: 3.10 fixes
ANDROID: netfilter: xt_quota2: 3.10 fixes.
ANDROID: netfilter: qtaguid: rate limit some of the printks
ANDROID: netfilter: xt_qtaguid: Allow tracking loopback
ANDROID: netfilter: xt_qtaguid: extend iface stat to report protocols
ANDROID: netfilter: xt_qtaguid: remove AID_* dependency for access control
ANDROID: netfilter: qtaguid: Don't BUG_ON if create_if_tag_stat fails
ANDROID: netfilter: xt_qtaguid: fix error exit that would keep a spinlock.
ANDROID: netfilter: xt_qtaguid: report only uid tags to non-privileged processes
ANDROID: netfilter: xt_qtaguid: start tracking iface rx/tx at low level
ANDROID: netfilter: xt_IDLETIMER: Add new netlink msg type
ANDROID: netfilter: xt_qtaguid: fix ipv6 protocol lookup
ANDROID: netfilter: qtaguid: initialize a local var to keep compiler happy.
ANDROID: netfilter: fixup the quota2, and enable.
ANDROID: netfilter: adding the original quota2 from xtables-addons
ANDROID: netfilter: add xt_qtaguid matching module
ANDROID: net: PPPoPNS and PPPoLAC build fixes for 4.4
ANDROID: Hack: net: PPPoPNS and PPPoLAC build fixes for 4.1
ANDROID: net: pppopns: pppolac: fix sendmsg function calls
ANDROID: net: PPPoPNS: Remove length argument from data_ready
ANDROID: net: move PPPoLAC and PPPoPNS headers to uapi
ANDROID: Include if_pppolac.h and if_pppopns.h into header-y target
ANDROID: net: PPPoPNS and PPPoLAC update to use PPP_MRU instead of PPP_MRU
ANDROID: net: Reorder incoming packets in PPPoLAC and PPPoPNS.
ANDROID: net: PPPoPNS and PPPoLAC fixes.
ANDROID: net: add PPP on PPTP Network Server (PPPoPNS) driver.
ANDROID: net: add PPP on L2TP Access Concentrator (PPPoLAC) driver.
ANDROID: sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size
ANDROID: net: Only NET_ADMIN is allowed to fully control TUN interfaces.
ANDROID: net: Replace AID_NET_RAW checks with capable(CAP_NET_RAW).
ANDROID: security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().
ANDROID: Paranoid network.
ANDROID: Add android_aid.h
ANDROID: fs: block_dump: Don't display inode changes if block_dump < 2
ANDROID: mmc: core: Remove stray CONFIG_EXPERIMENTAL dependencies
ANDROID: mmc: Add "ignore mmc pm notify" functionality
ANDROID: mmc: sdio: Fix sdio_reset_comm for sync
ANDROID: mmc: sdio: fix sdio_reset_comm() voltage selection
ANDROID: mmc: sdio: Fix enable_hs and enable_wide in sdio_reset_comm()
ANDROID: mmc: sdio: Add high speed support to sdio_reset_comm()
ANDROID: mmc: sdio: Claim host in sdio_reset_comm()
ANDROID: mmc: Add new API call 'sdio_reset_comm' for resetting communication with an SDIO device
ANDROID: mmc: Add sdio_readb_ext() function
ANDROID: mmc: Add concept of an 'embedded' SDIO device.
ANDROID: mmc: sd: Add retries in re-detection
ANDROID: mmc: sd: When resuming, try a little harder to init the card
ANDROID: mmc: sd: Add new CONFIG_MMC_PARANOID_SD_INIT for enabling retries during SD detection
ANDROID: mtd: nand: Allow NAND chip ids to be included standalone.
ANDROID: gpio_input: convert from wakelocks to wakeup sources
ANDROID: input: Made keyreset more robust
ANDROID: input: Changed keyreset to act as a wrapper for keycombo.
ANDROID: input: add keycombo, a general key combo driver.
ANDROID: input: misc: keychord: move header to uapi
ANDROID: input: misc: keychord: log when keychord triggered
ANDROID: input: keychord: Add keychord driver
ANDROID: input: Add keyreset driver.
ANDROID: input: misc: gpio_event: remove early suspend
ANDROID: Input: Generic GPIO Input device.
ANDROID: lowmemorykiller: use module_param_cb instead of __module_param_call
ANDROID: lowmemorykiller: trace kill events.
ANDROID: staging: lowmemorykiller: Add config option to support oom_adj values
pinctrl: sh-pfc: Do not unconditionally support PIN_CONFIG_BIAS_DISABLE
arm64: hugetlb: fix the wrong return value for huge_ptep_set_access_flags
arm64: hugetlb: remove the wrong pmd check in find_num_contig()
arm64: hugetlb: fix the wrong address for several functions
powerpc/powernv: Don't warn on PE init if unfreeze is unsupported
powerpc/ibmebus: Fix device reference leaks in sysfs interface
powerpc/ibmebus: Fix further device reference leaks
powerpc/mm: Correct process and partition table max size
bus: vexpress-config: fix device reference leak
blk-mq: Always schedule hctx->next_cpu
power: supply: bq27xxx_battery: Fix register map for BQ27510 and BQ27520
bq24190_charger: Fix PM runtime use for bq24190_battery_set_property
iw_cxgb4: Fix error return code in c4iw_rdev_open()
powercap/intel_rapl: fix and tidy up error handling
ACPI / APEI: Fix NMI notification handling
block: cfq_cpd_alloc() should use @gfp
block: Change extern inline to static inline
ACPI / CPPC: set an error code on probe error path
regulators: helpers: Fix handling of bypass_val_on in get_bypass_regmap
cpufreq: powernv: Disable preemption while checking CPU throttling state
powerpc/64: Simplify adaptation to new ISA v3.00 HPTE format
remoteproc: st: Fix error return code in st_rproc_probe()
remoteproc: qcom_wcnss: Fix circular module dependency
drm: Initialise drm_mm.head_node.allocated
drm/i915: Move the min_pixclk[] handling to the end of readout
drm/panel: simple: Check against num_timings when setting preferred for timing
drm: avoid uninitialized timestamp use in wait_vblank
drm/i915/gen9: Fix PCODE polling during SAGV disabling
i2c: mux: pca954x: fix i2c mux selection caching
NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success.
NFS: Fix a performance regression in readdir
pNFS: Fix race in pnfs_wait_on_layoutreturn
NFS: fix typo in parameter description
pinctrl: meson: fix gpio request disabling other modes
btrfs: fix error handling when run_delayed_extent_op fails
btrfs: fix locking when we put back a delayed ref that's too new
nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too
x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option
i2c: piix4: Avoid race conditions with IMC
net/mlx5: Only cancel recovery work when cleaning up device
USB: serial: ch341: fix modem-control and B0 handling
drm/amdgpu: drop verde dpm quirks
drm/amdgpu: update si kicker smc firmware
drm/radeon: drop verde dpm quirks
drm/radeon: update smc firmware selection for SI
drm: Clean up planes in atomic commit helper failure path
drm/i915/gen9: Fix PCODE polling timeout in stable backport
net/af_iucv: don't use paged skbs for TX on HiperSockets
sysctl: Drop reference added by grab_header in proc_sys_readdir
Clearing FIFOs in RS485 emulation mode causes subsequent transmits to break
extcon: return error code on failure
sysrq: attach sysrq handler correctly for 32-bit kernel
orinoco: Use shash instead of ahash for MIC calculations
ibmvscsis: Fix srp_transfer_data fail return code
tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx
tty/serial: atmel: RS485 half duplex w/DMA: enable RX after TX is done
virtio_blk: avoid DMA to stack for the sense buffer
dmaengine: omap-dma: Fix dynamic lch_map allocation
drivers: char: mem: Fix thinkos in kmem address checks
mnt: Protect the mountpoint hashtable with mount_lock
pid: fix lockdep deadlock warning due to ucount_lock
vme: Fix wrong pointer utilization in ca91cx42_slave_get
Revert "tty: serial: 8250: add CON_CONSDEV to flags"
ASoC: hdmi-codec: use unsigned type to structure members with bit-field
btrfs: fix crash when tracepoint arguments are freed by wq callbacks
xhci: fix deadlock at host remove by running watchdog correctly
fix a fencepost error in pipe_advance()
i2c: fix kernel memory disclosure in dev interface
i2c: print correct device invalid address
Input: elants_i2c - avoid divide by 0 errors on bad touchscreen data
USB: serial: ch341: fix open and resume after B0
USB: serial: ch341: fix control-message error handling
USB: serial: ch341: fix open error handling
USB: serial: ch341: fix resume after reset
USB: serial: ch341: fix initial modem-control state
USB: serial: kl5kusb105: fix line-state error handling
usb: musb: fix runtime PM in debugfs
wusbcore: Fix one more crypto-on-the-stack bug
x86/CPU/AMD: Fix Bulldozer topology
x86/bugs: Separate AMD E400 erratum and C1E bug
x86/cpu/AMD: Clean up cpu_llc_id assignment per topology feature
bridge: netfilter: Fix dropping packets that moving through bridge interface
xfs: Timely free truncated dirty pages
gpio: Move freeing of GPIO hogs before numbing of the device
nl80211: fix sched scan netlink socket owner destruction
x86/efi: Don't allocate memmap through memblock after mm_init()
efi/x86: Prune invalid memory map entries and fix boot regression
efi/libstub/arm*: Pass latest memory map to the kernel
KVM: x86: Introduce segmented_write_std
KVM: x86: emulate FXSAVE and FXRSTOR
KVM: x86: add asm_safe wrapper
KVM: x86: add Align16 instruction flag
KVM: x86: fix NULL deref in vcpu_scan_ioapic
KVM: x86: flush pending lapic jump label updates on module unload
jump_labels: API for flushing deferred jump label updates
KVM: eventfd: fix NULL deref irqbypass consumer
KVM: x86: fix emulation of "MOV SS, null selector"
mm/hugetlb.c: fix reservation race when freeing surplus pages
mm/slab.c: fix SLAB freelist randomization duplicate entries
mm: support anonymous stable page
mm, memcg: fix the active list aging for lowmem requests when memcg is enabled
ocfs2: fix crash caused by stale lvb with fsdlm plugin
mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done}
mm: pmd dirty emulation in page fault handler
dax: fix deadlock with DAX 4k holes
zram: support BDI_CAP_STABLE_WRITES
zram: revalidate disk under init_lock
selftests: do not require bash for the generated test
selftests: do not require bash to run netsocktests testcase
drm/savage: dereferencing an error pointer
drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos()
drm/tegra: dpaux: Fix error handling
regulator: axp20x: Fix axp809 ldo_io registration error on cold boot
regulator: tps65086: Fix 25mV ranges for BUCK regulators
pinctrl: sh-pfc: Add helper to handle bias lookup table
pinctrl: sh-pfc: r8a7795: Use lookup function for bias data
pinctrl: imx: fix imx_pinctrl_desc initialization
Input: i8042 - add Pegatron touchpad to noloop table
Input: xpad - use correct product id for x360w controllers
Linux 4.9.4
rtlwifi: rtl_usb: Fix missing entry in USB driver's private data
rtlwifi: Fix enter/exit power_save
drm/i915/gen9: Fix PCODE polling during CDCLK change notification
ALSA: usb-audio: Add a quirk for Plantronics BT600
spi: mvebu: fix baudrate calculation for armada variant
ARM: omap2+: am437x: rollback to use omap3_gptimer_timer_init()
ARM: 8631/1: clkdev: Detect errors in clk_hw_register_clkdev() for mass registration
ARM: OMAP4+: Fix bad fallthrough for cpuidle
ARM: OMAP5: Fix build for PM code
ARM: OMAP5: Fix mpuss_early_init
bus: arm-ccn: Prevent hotplug callback leak
svcrdma: Clear xpt_bc_xps in xprt_setup_rdma_bc() error exit arm
ARM: qcom_defconfig: Fix MDM9515 LCC and GCC config
ARM: zynq: Reserve correct amount of non-DMA RAM
ARM: pxa: fix pxa25x interrupt init
ARM64: dts: bcm2835: Fix bcm2837 compatible string
ARM64: dts: bcm2837-rpi-3-b: remove incorrect pwr LED
arm64: dts: mt8173: Fix auxadc node
tools/virtio: fix READ_ONCE()
powerpc: Fix build warning on 32-bit PPC
ALSA: firewire-tascam: Fix to handle error from initialization of stream data
HID: hid-cypress: validate length of report
net: vrf: do not allow table id 0
net: ipv4: Fix multipath selection with vrf
net/mlx5e: Remove WARN_ONCE from adaptive moderation code
gro: Disable frag0 optimization on IPv6 ext headers
gro: use min_t() in skb_gro_reset_offset()
gro: Enter slow-path if there is no tailroom
net: add the AF_QIPCRTR entries to family name tables
net: dsa: Ensure validity of dst->ds[0]
r8152: fix rx issue for runtime suspend
r8152: split rtl8152_suspend function
net: dsa: bcm_sf2: Utilize nested MDIO read/write
net: dsa: bcm_sf2: Do not clobber b53_switch_ops
bpf: change back to orig prog on too many passes
net: vrf: Add missing Rx counters
ipv4: Do not allow MAIN to be alias for new LOCAL w/ custom rules
igmp: Make igmp group member RFC 3376 compliant
flow_dissector: Update pptp handling to avoid null pointer deref.
drop_monitor: consider inserted data in genlmsg_end
drop_monitor: add missing call to genlmsg_end
net: ipv4: dst for local input routes should use l3mdev if relevant
net: fix incorrect original ingress device index in PKTINFO
rtnl: stats - add missing netlink message size checks
net/mlx5e: Disable netdev after close
net/mlx5e: Don't sync netdev state when not registered
net/mlx5: Prevent setting multicast macs for VFs
net/mlx5: Mask destination mac value in ethtool steering rules
net/mlx5: Avoid shadowing numa_node
net/mlx5: Cancel recovery work in remove flow
net/mlx5: Check FW limitations on log_max_qp before setting it
net/sched: cls_flower: Fix missing addr_type in classify
net: stmmac: Fix race between stmmac_drv_probe and stmmac_open
net, sched: fix soft lockup in tc_classify
ipv6: handle -EFAULT from skb_copy_bits
inet: fix IP(V6)_RECVORIGDSTADDR for udp sockets
sctp: sctp_transport_lookup_process should rcu_read_unlock when transport is null
net: vrf: Drop conntrack data after pass through VRF device on Tx
net: vrf: Fix NAT within a VRF
Linux 4.9.3
usb: gadget: composite: always set ep->mult to a sensible value
Revert "usb: gadget: composite: always set ep->mult to a sensible value"
Revert "rtlwifi: Fix enter/exit power_save"
tick/broadcast: Prevent NULL pointer dereference
clocksource/dummy_timer: Move hotplug callback after the real timers
xfs: fix max_retries _show and _store functions
xfs: fix crash and data corruption due to removal of busy COW extents
xfs: use the actual AG length when reserving blocks
xfs: fix double-cleanup when CUI recovery fails
xfs: use GPF_NOFS when allocating btree cursors
xfs: ignore leaf attr ichdr.count in verifier during log replay
xfs: don't cap maximum dedupe request length
xfs: don't allow di_size with high bit set
xfs: error out if trying to add attrs and anextents > 0
xfs: don't crash if reading a directory results in an unexpected hole
xfs: complain if we don't get nextents bmap records
xfs: check for bogus values in btree block headers
xfs: forbid AG btrees with level == 0
xfs: handle cow fork in xfs_bmap_trace_exlist
xfs: pass state not whichfork to trace_xfs_extlist
xfs: Move AGI buffer type setting to xfs_read_agi
xfs: pass post-eof speculative prealloc blocks to bmapi
xfs: use new extent lookup helpers xfs_file_iomap_begin_delay
xfs: clean up cow fork reservation and tag inodes correctly
xfs: use new extent lookup helpers in __xfs_reflink_reserve_cow
xfs: track preallocation separately in xfs_bmapi_reserve_delalloc()
xfs: remove prev argument to xfs_bmapi_reserve_delalloc
xfs: always succeed when deduping zero bytes
xfs: factor rmap btree size into the indlen calculations
xfs: new inode extent list lookup helpers
xfs: fix unbalanced inode reclaim flush locking
xfs: check minimum block size for CRC filesystems
xfs: provide helper for counting extents from if_bytes
xfs: don't BUG() on mixed direct and mapped I/O
xfs: don't skip cow forks w/ delalloc blocks in cowblocks scan
xfs: check return value of _trans_reserve_quota_nblks
xfs: don't call xfs_sb_quota_from_disk twice
tpm_tis: Check return values from get_burstcount.
drm/i915/gen9: fix the WM memory bandwidth WA for Y tiling cases
drm/i915/gen9: unconditionally apply the memory bandwidth WA
drm/i915: disable PSR by default on HSW/BDW
drm/radeon: Always store CRTC relative radeon_crtc->cursor_x/y values
s390/pci: fix dma address calculation in map_sg
s390/topology: always use s390 specific sched_domain_topology_level
powerpc/pci/rpadlpar: Fix device reference leaks
PCI: Enable access to non-standard VPD for Chelsio devices (cxgb3)
PCI: Support INTx masking on ConnectX-4 with firmware x.14.1100+
PCI: Convert Mellanox broken INTx quirks to be for listed devices only
PCI: Convert broken INTx masking quirks from HEADER to FINAL
PCI: Add Mellanox device IDs
PCI: rockchip: Correct the use of FTS mask
PCI: rockchip: Fix negotiated lanes calculation
staging: media: davinci_vpfe: unlock on error in vpfe_reqbufs()
f2fs: hide a maybe-uninitialized warning
f2fs: remove percpu_count due to performance regression
md: fix refcount problem on mddev when stopping array.
md: MD_RECOVERY_NEEDED is set for mddev->recovery
crypto: arm64/aes-ce - fix for big endian
crypto: arm64/aes-xts-ce: fix for big endian
crypto: arm64/sha1-ce - fix for big endian
crypto: arm64/aes-neon - fix for big endian
crypto: arm64/aes-ccm-ce: fix for big endian
crypto: arm/aes-ce - fix for big endian
crypto: arm64/ghash-ce - fix for big endian
crypto: arm64/sha2-ce - fix for big endian
s390/crypto: unlock on error in prng_tdes_read()
mm, compaction: fix NR_ISOLATED_* stats for pfn based migration
mm: khugepaged: fix radix tree node leak in shmem collapse error path
mm: khugepaged: close use-after-free race during shmem collapsing
docs-rst: fix LaTeX \DURole renewcommand with Sphinx 1.3+
mm/hugetlb.c: use the right pte val for compare in hugetlb_cow
rpmsg: qcom_smd: Correct return value for O_NONBLOCK
mmc: mmc_test: Uninitialized return value
genirq/affinity: Fix node generation from cpumask
PM / wakeirq: Fix dedicated wakeirq for drivers not using autosuspend
irqchip/bcm7038-l1: Implement irq_cpu_offline() callback
PCI/MSI: Check for NULL affinity mask in pci_irq_get_affinity()
ima: fix memory leak in ima_release_policy
relay: check array offset before using it
sbp-target: Fix second argument of percpu_ida_alloc()
target/iscsi: Fix double free in lio_target_tiqn_addtpg()
scsi: mvsas: fix command_active typo
scsi: g_NCR5380: Fix release_region in error handling
ASoC: samsung: i2s: Fixup last IRQ unsafe spin lock call
ASoC: Intel: Skylake: Fix a shift wrapping bug
ASoC: cht_bsw_rt5645: Fix leftover kmalloc
ASoC: lpass-platform: initialize dma channel number
iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped
iommu/vt-d: Fix pasid table size encoding
iommu/amd: Fix the left value check of cmd buffer
iommu/amd: Missing error code in amd_iommu_init_device()
clk: renesas: mstp: Support 8-bit registers for r7s72100
clk: imx31: fix rewritten input argument of mx31_clocks_init()
clk: sunxi-ng: sun8i-h3: Set CLK_SET_RATE_PARENT for audio module clocks
clk: sunxi-ng: sun8i-a23: Set CLK_SET_RATE_PARENT for audio module clocks
clk: ti: dra7: fix "failed to lookup clock node gmac_gmii_ref_clk_div" boot message
clk: clk-wm831x: fix a logic error
clk: qcom: ipq806x: Fix board clk rates
Input: synaptics-rmi4 - unlock on error
hwmon: (lm90) fix temp1_max_alarm attribute
hwmon: (g762) Fix overflows and crash seen when writing limit attributes
hwmon: (nct7802) Fix overflows seen when writing into limit attributes
hwmon: (ds620) Fix overflows seen when writing temperature limits
hwmon: (amc6821) sign extension temperature
hwmon: (scpi) Fix module autoload
platform/x86: fujitsu-laptop: use brightness_set_blocking for LED-setting callbacks
x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
x86/prctl/uapi: Remove #ifdef for CHECKPOINT_RESTORE
debugfs: improve DEFINE_DEBUGFS_ATTRIBUTE for !CONFIG_DEBUG_FS
clk: renesas: cpg-mssr: Fix inverted debug check
efi/efivar_ssdt_load: Don't return success on allocation failure
cris: Only build flash rescue image if CONFIG_ETRAX_AXISFLASHMAP is selected
ath10k: use the right length of "background"
mfd: tps65217: Fix page fault on unloading modules
ath10k: fix failure to send NULL func frame for 10.4
nl80211: Use different attrs for BSSID and random MAC addr in scan req
mac80211: fix tid_agg_rx NULL dereference
drm/i915: tune down the fast link training vs boot fail
drm/i915/dp: add lane_count check in intel_dp_check_link_status
usb: dwc3: gadget: always unmap EP0 requests
usb: dwc3: ep0: explicitly call dwc3_ep0_prepare_one_trb()
usb: dwc3: ep0: add dwc3_ep0_prepare_one_trb()
iio: accel: st_accel: fix LIS3LV02 reading and scaling
staging: iio: ad7606: fix improper setting of oversampling pins
mei: move write cb to completion on credentials failures
mei: bus: fix mei_cldev_enable KDoc
mei: fix parameter rename KDoc
USB: serial: io_ti: bind to interface after fw download
dibusb: fix possible memory leak in dibusb_rc_query()
ARM: dts: sun7i: bananapi-m1-plus: Enable USB PHY for USB host support
arm64: dts: hip06: Correct hardware pin number of usb node
USB: phy: am335x-control: fix device and of_node leaks
ARM: dts: r8a7794: Correct hsusb parent clock
usb: gadget: fix request length error for isoc transfer
usb: gadget: Fix second argument of percpu_ida_alloc()
USB: serial: kl5kusb105: abort on open exception path
ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream()
usb: musb: blackfin: add bfin_fifo_offset in bfin_ops
usb: gadget: udc: core: fix return code of usb_gadget_probe_driver()
usb: hub: Move hub_port_disable() to fix warning if PM is disabled
usb: musb: Fix trying to free already-free IRQ 4
usb: dwc3: gadget: Fix full speed mode
usb: dwc3: pci: Fix dr_mode misspelling
usb: dwc3: pci: add Intel Gemini Lake PCI ID
xhci: Fix race related to abort operation
xhci: Use delayed_work instead of timer for command timeout
usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL
USB: serial: mos7720: fix parallel probe
USB: serial: mos7720: fix parport use-after-free on probe errors
USB: serial: mos7720: fix use-after-free on probe errors
USB: serial: mos7720: fix NULL-deref at open
USB: serial: mos7840: fix NULL-deref at open
USB: serial: kobil_sct: fix NULL-deref in write
USB: serial: cyberjack: fix NULL-deref at open
USB: serial: oti6858: fix NULL-deref at open
USB: serial: io_edgeport: fix NULL-deref at open
USB: serial: ti_usb_3410_5052: fix NULL-deref at open
USB: serial: garmin_gps: fix memory leak on failed URB submit
USB: serial: iuu_phoenix: fix NULL-deref at open
USB: serial: io_ti: fix I/O after disconnect
USB: serial: io_ti: fix another NULL-deref at open
USB: serial: io_ti: fix NULL-deref at open
USB: serial: spcp8x5: fix NULL-deref at open
USB: serial: keyspan_pda: verify endpoints at probe
USB: serial: pl2303: fix NULL-deref at open
USB: serial: quatech2: fix sleep-while-atomic in close
USB: serial: omninet: fix NULL-derefs at open and disconnect
usb: return error code when platform_get_irq fails
usb: xhci: hold lock over xhci_abort_cmd_ring()
xhci: Handle command completion and timeout race
usb: host: xhci: Fix possible wild pointer when handling abort command
usb: xhci: fix return value of xhci_setup_device()
xhci: free xhci virtual devices with leaf nodes first
usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Apollo Lake
usb: xhci: fix possible wild pointer
usb: dwc3: core: avoid Overflow events
usb: gadget: composite: Test get_alt() presence instead of set_alt()
USB: dummy-hcd: fix bug in stop_activity (handle ep0)
USB: fix problems with duplicate endpoint addresses
USB: gadgetfs: fix checks of wTotalLength in config descriptors
USB: gadgetfs: fix use-after-free bug
USB: gadgetfs: fix unbounded memory allocation bug
usb: gadgetfs: restrict upper bound on device configuration size
usb: storage: unusual_uas: Add JMicron JMS56x to unusual device
usb: musb: dsps: implement clear_ep_rxintr() callback
usb: musb: core: add clear_ep_rxintr() to musb_platform_ops
KVM: MIPS: Flush KVM entry code from icache globally
KVM: MIPS: Don't clobber CP0_Status.UX
KVM: x86: reset MMU on KVM_SET_VCPU_EVENTS
drm/i915: Initialize overlay->last_flip properly
drm/i915: Force VDD off on the new power seqeuencer before starting to use it
drm/i915: Fix oops in overlay due to frontbuffer tracking
drm/i915: Fix oopses in the overlay code due to i915_gem_active stuff
gcc-plugins: update gcc-common.h for gcc-7
asm-prototypes: Clear any CPP defines before declaring the functions
mac80211: initialize fast-xmit 'info' later
pinctrl/amd: Set the level based on ACPI tables
ARM: davinci: da850: don't add emac clock to lookup table twice
HID: sensor-hub: Move the memset to sensor_hub_get_feature()
parisc: Mark cr16 clocksource unstable on SMP systems
parisc: Add line-break when printing segfault info
fscrypt: fix renaming and linking special files
ALSA: usb-audio: Fix irq/process data synchronization
ALSA: hda - Apply asus-mode8 fixup to ASUS X71SL
ALSA: hda - Fix up GPIO for ASUS ROG Ranger
staging: octeon: Call SET_NETDEV_DEV()
iio: bmi160: Fix time needed to sleep after command execution
iio: max44000: correct value in illuminance_integration_time_available
iio: common: st_sensors: fix channel data parsing
Linux 4.9.2
drm/i915: Fix setting of boost freq tunable
drm/i915: skip the first 4k of stolen memory on everything >= gen8
drm/i915: Initialize dev_priv->atomic_cdclk_freq at init time
drm/i915: Fix cdclk vs. dev_cdclk mess when not recomputing things
drm/i915/dsi: Do not clear DPOUNIT_CLOCK_GATE_DISABLE from vlv_init_display_clock_gating
drm/i915/dsi: Fix chv_exec_gpio disabling the GPIOs it is setting
net: mvpp2: fix dma unmapping of TX buffers for fragments
sg_write()/bsg_write() is not fit to be called under KERNEL_DS
kconfig/nconf: Fix hang when editing symbol with a long prompt
target/user: Fix use-after-free of tcmu_cmds if they are expired
libnvdimm, pfn: fix align attribute
of, numa: Return NUMA_NO_NODE from disable of_node_to_nid() if nid not possible.
powerpc/boot: Request no dynamic linker for boot wrapper
powerpc/ps3: Fix system hang with GCC 5 builds
powerpc/64e: Convert cmpi to cmpwi in head_64.S
SUNRPC: fix refcounting problems with auth_gss messages.
pNFS: Fix a deadlock between read resends and layoutreturn
pNFS: Clear NFS_LAYOUT_RETURN_REQUESTED when invalidating the layout stateid
pNFS: Don't clear the layout stateid if a layout return is outstanding
pNFS: On error, do not send LAYOUTGET until the LAYOUTRETURN has completed
nfs_write_end(): fix handling of short copies
libceph: verify authorize reply on connect
PCI: Check for PME in targeted sleep state
i40iw: Use correct src address in memcpy to rdma stats counters
bad_inode: add missing i_op initializers
Input: drv260x - fix input device's parent assignment
v4l: tvp5150: Add missing break in set control handler
media: solo6x10: fix lockup by avoiding delayed register write
s5p-mfc: fix failure path of s5p_mfc_alloc_memdev()
mn88473: fix chip id check on probe
mn88472: fix chip id check on probe
IB/cma: Fix a race condition in iboe_addr_get_sgid()
IB/rxe: Fix a memory leak in rxe_qp_cleanup()
IB/multicast: Check ib_find_pkey() return value
IPoIB: Avoid reading an uninitialized member variable
IB/mad: Fix an array index check
fgraph: Handle a case where a tracer ignores set_graph_notrace
x86/smpboot: Make logical package management more robust
platform/x86: asus-nb-wmi.c: Add X45U quirk
ftrace/x86_32: Set ftrace_stub to weak to prevent gcc from using short jumps to it
vsock/virtio: fix src/dst cid format
fsnotify: Fix possible use-after-free in inode iteration on umount
kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
KVM: PPC: Book3S HV: Don't lose hardware R/C bit updates in H_PROTECT
KVM: PPC: Book3S HV: Save/restore XER in checkpointed register state
scsi: aacraid: remove wildcard for series 9 controllers
md/raid5: limit request size according to implementation limits
sc16is7xx: Drop bogus use of IRQF_ONESHOT
latent_entropy: fix ARM build error on earlier gcc
arm64: KVM: pmu: Reset PMSELR_EL0.SEL to a sane value before entering the guest
s390/kexec: use node 0 when re-adding crash kernel memory
s390/vmlogrdr: fix IUCV buffer allocation
firmware: fix usermode helper fallback loading
ARC: mm: arc700: Don't assume 2 colours for aliasing VIPT dcache
scsi: avoid a permanent stop of the scsi device's request queue
scsi: zfcp: fix rport unblock race with LUN recovery
scsi: zfcp: do not trace pure benign residual HBA responses at default level
scsi: zfcp: fix use-after-"free" in FC ingress path after TMF
iscsi-target: Return error if unable to add network portal
scsi: megaraid_sas: Do not set MPI2_TYPE_CUDA for JBOD FP path for FW which does not support JBOD sequence map
scsi: megaraid_sas: For SRIOV enabled firmware, ensure VF driver waits for 30secs before reset
stm class: Fix device leak in open error path
vt: fix Scroll Lock LED trigger name
block: protect iterate_bdevs() against concurrent close
mei: me: add lewisburg device ids
mei: request async autosuspend at the end of enumeration
drivers/gpu/drm/ast: Fix infinite loop if read fails
drm/amdgpu: fix init save/restore list in gfx_v8.0
drm/amdgpu: fix enable_cp_power_gating in gfx_v8.0.
drm/amd/powerplay: bypass fan table setup if no fan connected
drm/gma500: Add compat ioctl
drm/radeon/si: load the proper firmware on 0x87 oland boards
drm/radeon: add additional pci revision to dpm workaround
drm/radeon: Hide the HW cursor while it's out of bounds
drm/radeon: Also call cursor_move_locked when the cursor size changes
drm/nouveau/fifo/gf100-: protect channel preempt with subdev mutex
drm/nouveau/i2c/gk110b,gm10x: use the correct implementation
drm/nouveau/ttm: wait for bo fence to signal before unmapping vmas
drm/nouveau/ltc: protect clearing of comptags with mutex
drm/nouveau/bios: require checksum to match for fast acpi shadow method
drm/nouveau/kms: lvds panel strap moved again on maxwell
drm/nouveau/gr: fallback to legacy paths during firmware lookup
drm/amd/amdgpu: enable GUI idle INT after enabling CGCG
drm/amdgpu: Also call cursor_move_locked when the cursor size changes
drm/amdgpu: Store CRTC relative amdgpu_crtc->cursor_x/y values
drm/amdgpu: add additional pci revision to dpm workaround
drm/amdgpu/si: load the proper firmware on 0x87 oland boards
ACPI / video: Add force_native quirk for HP Pavilion dv6
ACPI / video: Add force_native quirk for Dell XPS 17 L702X
staging: comedi: ni_mio_common: fix E series ni_ai_insn_read() data
staging: comedi: ni_mio_common: fix M Series ni_ai_insn_read() data mask
staging: lustre: ldlm: pl_recalc time handling is wrong
staging/lustre/osc: Revert erroneous list_for_each_entry_safe use
hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels()
docs: sphinx-extensions: make rstFlatTable work with docutils 0.13
thermal: hwmon: Properly report critical temperature in sysfs
clk: bcm2835: Avoid overwriting the div info when disabling a pll_div clk
arm64: tegra: Add VDD_GPU regulator to Jetson TX1
gpio: chardev: Return error for seek operations
gpio: stmpe: fix interrupt handling bug
timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion
mmc: sd: Meet alignment requirements for raw_ssr DMA
regulator: stw481x-vmmc: fix ages old enable error
mmc: sdhci: Fix recovery from tuning timeout
Revert "mmc: sdhci: Reset cmd and data circuits after tuning failure"
ath9k: do not return early to fix rcu unlocking
ath9k: Really fix LED polarity for some Mini PCI AR9220 MB92 cards.
ath9k: fix ath9k_hw_gpio_get() to return 0 or 1 on success
cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts
rtl8xxxu: Work around issue with 8192eu and 8723bu devices not reconnecting
perf/x86/intel/cstate: Prevent hotplug callback leak
perf annotate: Don't throw error for zero length symbols
perf/x86: Fix exclusion of BTS and LBR for Goldmont
rtlwifi: Fix enter/exit power_save
ath10k: fix soft lockup during firmware crash/hw-restart
ssb: Fix error routine when fallback SPROM fails
Linux 4.9.1
x86/kbuild: enable modversions for symbols exported from asm
builddeb: fix cross-building to arm64 producing host-arch debs
xfs: set AGI buffer type in xlog_recover_clear_agi_bucket
xfs: fix up xfs_swap_extent_forks inline extent handling
arm/xen: Use alloc_percpu rather than __alloc_percpu
xen/gntdev: Use VM_MIXEDMAP instead of VM_IO to avoid NUMA balancing
tpm xen: Remove bogus tpm_chip_unregister
kernel/debug/debug_core.c: more properly delay for secondary CPUs
watchdog: qcom: fix kernel panic due to external abort on non-linefetch
watchdog: mei_wdt: request stop on reboot to prevent false positive event
kernel/watchdog: use nmi registers snapshot in hardlockup handler
CIFS: Fix a possible memory corruption in push locks
CIFS: Decrease verbosity of ioctl call
CIFS: Fix a possible double locking of mutex during reconnect
CIFS: Fix missing nls unload in smb2_reconnect()
CIFS: Fix a possible memory corruption during reconnect
cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack
ASoC: intel: Fix crash at suspend/resume without card registration
dm space map metadata: fix 'struct sm_metadata' leak on failed create
dm raid: fix discard support regression
dm rq: fix a race condition in rq_completed()
dm crypt: mark key as invalid until properly loaded
dm flakey: return -EINVAL on interval bounds error in flakey_ctr()
dm table: an 'all_blk_mq' table must be loaded for a blk-mq DM device
dm table: fix 'all_blk_mq' inconsistency when an empty table is loaded
blk-mq: Do not invoke .queue_rq() for a stopped queue
PM / OPP: Don't use OPP structure outside of rcu protected section
PM / OPP: Pass opp_table to dev_pm_opp_put_regulator()
usb: gadget: composite: always set ep->mult to a sensible value
mm, page_alloc: keep pcp count and list contents in sync if struct page is corrupted
mm/vmscan.c: set correct defer count for shrinker
nvmet: Fix possible infinite loop triggered on hot namespace removal
loop: return proper error from loop_queue_rq()
f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack
f2fs: fix overflow due to condition check order
f2fs: set ->owner for debugfs status file's file_operations
Revert "f2fs: use percpu_counter for # of dirty pages in inode"
ext4: do not perform data journaling when data is encrypted
ext4: return -ENOMEM instead of success
ext4: reject inodes with negative size
ext4: add sanity checking to count_overhead()
ext4: fix in-superblock mount options processing
ext4: use more strict checks for inodes_per_block on mount
ext4: fix stack memory corruption with 64k block size
ext4: fix mballoc breakage with 64k block size
ext4: don't lock buffer in ext4_commit_super if holding spinlock
crypto: caam - fix AEAD givenc descriptors
ptrace: Don't allow accessing an undumpable mm
ptrace: Capture the ptracer's creds not PT_PTRACE_CAP
vfs,mm: fix return value of read() at s_maxbytes
mm: Add a user_ns owner to mm_struct and fix ptrace permission checks
block_dev: don't test bdev->bd_contains when it is not stable
splice: reinstate SIGPIPE/EPIPE handling
fs: exec: apply CLOEXEC before changing dumpable task flags
exec: Ensure mm->user_ns contains the execed files
clk: ti: omap36xx: Work around sprz319 advisory 2.1
ALSA: hda: when comparing pin configurations, ignore assoc in addition to seq
ALSA: hda - Gate the mic jack on HP Z1 Gen3 AiO
ALSA: hda - fix headset-mic problem on a Dell laptop
ALSA: hda - ignore the assoc and seq when comparing pin configurations
ALSA: hda/ca0132 - Add quirk for Alienware 15 R2 2016
ALSA: hiface: Fix M2Tech hiFace driver sampling rate change
ALSA: usb-audio: Add QuickCam Communicate Deluxe/S7500 to volume_control_quirks
usbip: vudc: fix: Clear already_seen flag also for ep0
USB: UHCI: report non-PME wakeup signalling for Intel hardware
usb: gadget: composite: correctly initialize ep->maxpacket
usb: gadget: f_uac2: fix error handling at afunc_bind
usb: core: usbport: Use proper LED API to fix potential crash
usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices
usb: dwc3: gadget: set PCM1 field of isochronous-first TRBs
USB: cdc-acm: add device id for GW Instek AFG-125
USB: serial: kl5kusb105: fix open error path
USB: serial: option: add dlink dwm-158
USB: serial: option: add support for Telit LE922A PIDs 0x1040, 0x1041
Btrfs: fix qgroup rescan worker initialization
Btrfs: fix emptiness check for dirtied extent buffers at check_leaf()
btrfs: store and load values of stripes_min/stripes_max in balance status item
Btrfs: fix relocation incorrectly dropping data references
Btrfs: fix tree search logic when replaying directory entry deletes
Btrfs: fix deadlock caused by fsync when logging directory entries
Btrfs: fix BUG_ON in btrfs_mark_buffer_dirty
btrfs: limit async_work allocation and worker func duration
hotplug: Make register and unregister notifier API symmetric
ANDROID: Shrink ashmem directly through shmem_fallocate
ANDROID: ashmem: Add shmem_set_file to mm/shmem.c
ANDROID: Add android config documentation to boot framework.
Conflicts:
Documentation/android.txt
Documentation/cpu-freq/governors.txt
Documentation/networking/ip-sysctl.txt
arch/arm64/boot/Makefile
arch/arm64/kernel/process.c
arch/arm64/kernel/topology.c
arch/arm64/mm/dma-mapping.c
drivers/cpufreq/cpufreq_interactive.c
drivers/input/misc/gpio_matrix.c
drivers/md/Kconfig
drivers/md/dm-android-verity.c
drivers/md/dm-android-verity.h
drivers/md/dm-linear.c
drivers/md/dm-verity-fec.h
drivers/mmc/core/host.c
drivers/platform/goldfish/goldfish_pipe.c
drivers/power/supply/power_supply_sysfs.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/staging/android/fiq_debugger/fiq_debugger.c
drivers/staging/android/lowmemorykiller.c
drivers/usb/dwc3/core.h
drivers/usb/gadget/Kconfig
drivers/usb/gadget/configfs.c
drivers/usb/gadget/function/Makefile
drivers/usb/gadget/function/f_accessory.c
drivers/usb/gadget/function/f_audio_source.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/gadget/function/f_mtp.c
drivers/usb/phy/Kconfig
drivers/usb/phy/otg-wakelock.c
fs/ext4/inode.c
fs/ext4/ioctl.c
fs/f2fs/data.c
fs/proc/task_mmu.c
fs/sdcardfs/derived_perm.c
fs/sdcardfs/file.c
fs/sdcardfs/inode.c
fs/sdcardfs/lookup.c
fs/sdcardfs/main.c
fs/sdcardfs/packagelist.c
fs/sdcardfs/sdcardfs.h
fs/sdcardfs/super.c
include/linux/mmc/core.h
include/linux/power_supply.h
include/linux/sched.h
include/linux/usb/f_mtp.h
include/net/fib_rules.h
include/net/route.h
include/trace/events/cpufreq_interactive.h
include/trace/events/power.h
include/trace/events/sched.h
include/uapi/linux/magic.h
include/uapi/linux/prctl.h
init/Kconfig
kernel/cgroup.c
kernel/configs/android-base.config
kernel/power/process.c
kernel/sched/Makefile
kernel/sched/core.c
kernel/sched/cputime.c
kernel/sched/fair.c
kernel/sched/rt.c
kernel/sched/sched.h
kernel/sched/stop_task.c
kernel/sched/tune.c
lib/Kconfig.debug
net/core/fib_rules.c
net/ipv4/inet_connection_sock.c
net/ipv4/ping.c
net/ipv4/raw.c
net/ipv4/route.c
net/ipv4/syncookies.c
net/ipv4/udp.c
net/ipv6/af_inet6.c
net/ipv6/ah6.c
net/ipv6/datagram.c
net/ipv6/esp6.c
net/ipv6/icmp.c
net/ipv6/inet6_connection_sock.c
net/ipv6/ip6_vti.c
net/ipv6/ipcomp6.c
net/ipv6/ping.c
net/ipv6/raw.c
net/ipv6/route.c
net/ipv6/syncookies.c
net/ipv6/tcp_ipv6.c
net/ipv6/udp.c
Change-Id: I82455dc7b564fc5d3ad2b784a0eb8f96c6b05d4c
Signed-off-by: Channagoud Kadabi <ckadabi@codeaurora.org>
|
||
|
Dmitry Shmidt
|
cb057345da |
Merge tag 'v4.9.10' into android-4.9-aosp
This is the 4.9.10 stable release |
||
|
Peter Zijlstra
|
e5c2e51470 |
perf/core: Fix crash in perf_event_read()
commit 451d24d1e5f40bad000fa9abe36ddb16fc9928cb upstream.
Alexei had his box explode because doing read() on a package
(rapl/uncore) event that isn't currently scheduled in ends up doing an
out-of-bounds load.
Rework the code to more explicitly deal with event->oncpu being -1.
Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Tested-by: Alexei Starovoitov <ast@kernel.org>
Tested-by: David Carrillo-Cisneros <davidcc@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: eranian@google.com
Fixes:
|
||
|
Dmitry Shmidt
|
dcb6110067 |
Merge tag 'v4.9.9' into android-4.9-aosp
This is the 4.9.9 stable release |
||
|
Peter Zijlstra
|
b41615aa70 |
perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory
commit 0b3589be9b98994ce3d5aeca52445d1f5627c4ba upstream.
Andres reported that MMAP2 records for anonymous memory always have
their protection field 0.
Turns out, someone daft put the prot/flags generation code in the file
branch, leaving them unset for anonymous memory.
Reported-by: Andres Freund <andres@anarazel.de>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Don Zickus <dzickus@redhat.com
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@gmail.com>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: acme@kernel.org
Cc: anton@ozlabs.org
Cc: namhyung@kernel.org
Fixes:
|
||
|
Peter Zijlstra
|
3996a91e3b |
perf/core: Fix use-after-free bug
commit a76a82a3e38c8d3fb6499e3dfaeb0949241ab588 upstream.
Dmitry reported a KASAN use-after-free on event->group_leader.
It turns out there's a hole in perf_remove_from_context() due to
event_function_call() not calling its function when the task
associated with the event is already dead.
In this case the event will have been detached from the task, but the
grouping will have been retained, such that group operations might
still work properly while there are live child events etc.
This does however mean that we can miss a perf_group_detach() call
when the group decomposes, this in turn can then lead to
use-after-free.
Fix it by explicitly doing the group detach if its still required.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: syzkaller <syzkaller@googlegroups.com>
Fixes:
|
||
|
Olav Haugan
|
23d984b28d |
perf: Add cpu isolation awareness
Ensure perf events does not wake up idle cores when core is isolated. Change-Id: Ifefb2f1cf6c24af7bc46fc62797955b8c8ad5815 Signed-off-by: Olav Haugan <ohaugan@codeaurora.org> |
||
|
Dmitry Shmidt
|
e37704d2d0 |
Merge tag 'v4.9.8' into android-4.9
This is the 4.9.8 stable release |
||
|
Peter Zijlstra
|
922813f4d6 |
perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
commit 321027c1fe77f892f4ea07846aeae08cefbbb290 upstream. Di Shen reported a race between two concurrent sys_perf_event_open() calls where both try and move the same pre-existing software group into a hardware context. The problem is exactly that described in commit: |
||
|
Jeff Vander Stoep
|
d28f856d2c |
FROMLIST: security,perf: Allow further restriction of perf_event_open
When kernel.perf_event_open is set to 3 (or greater), disallow all access to performance events by users without CAP_SYS_ADMIN. Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that makes this value the default. This is based on a similar feature in grsecurity (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making the variable read-only. It also allows enabling further restriction at run-time regardless of whether the default is changed. https://lkml.org/lkml/2016/1/11/587 Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Bug: 29054680 Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8 |
||
|
Kyle Yan
|
f37d2ac4fd |
Merge remote-tracking branch 'origin/tmp-69973b8' into msm-4.8
* origin/tmp-69973b8: Linux 4.9 MIPS: Lantiq: Fix mask of GPE frequency MIPS: Return -ENODEV from weak implementation of rtc_mips_set_time net: mlx5: Fix Kconfig help text net: smsc911x: back out silently on probe deferrals ibmveth: set correct gso_size and gso_type Revert "radix tree test suite: fix compilation" net: ethernet: cpmac: Call SET_NETDEV_DEV() net: ethernet: lantiq_etop: Call SET_NETDEV_DEV() vhost-vsock: fix orphan connection reset cxgb4/cxgb4vf: Assign netdev->dev_port with port ID parisc: Fix TLB related boot crash on SMP machines driver: ipvlan: Unlink the upper dev when ipvlan_link_new failed ser_gigaset: return -ENOMEM on error instead of success ARM: dts: orion5x: fix number of sata port for linkstation ls-gl NET: usb: cdc_mbim: add quirk for supporting Telit LE922A can: peak: fix bad memory access and free sequence ceph: don't set req->r_locked_dir in ceph_d_revalidate crypto: algif_aead - fix uninitialized variable warning kcov: add missing #include <linux/sched.h> radix tree test suite: fix compilation zram: restrict add/remove attributes to root only libata-scsi: disable SCT Write Same for the moment ARM: dts: imx7d: fix LCDIF clock assignment dts: sun8i-h3: correct UART3 pin definitions phy: Don't increment MDIO bus refcount unless it's a different owner netvsc: reduce maximum GSO size drivers: net: cpsw-phy-sel: Clear RGMII_IDMODE on "rgmii" links Revert "default exported asm symbols to zero" Don't feed anything but regular iovec's to blk_rq_map_user_iov drm/amdgpu: just suspend the hw on pci shutdown crypto: mcryptd - Check mcryptd algorithm compatibility crypto: algif_aead - fix AEAD tag memory handling crypto: caam - fix pointer size for AArch64 boot loader, AArch32 kernel crypto: marvell - Don't corrupt state of an STD req for re-stepped ahash crypto: marvell - Don't copy hash operation twice into the SRAM can: raw: raw_setsockopt: limit number of can_filter that can be set parisc: Remove unnecessary TLB purges from flush_dcache_page_asm and flush_icache_page_asm parisc: Purge TLB before setting PTE device-dax: fix private mapping restriction, permit read-only tools/testing/nvdimm: unit test acpi_nfit_ctl() acpi, nfit: fix bus vs dimm confusion in xlat_status acpi, nfit: validate ars_status output buffer size acpi, nfit, libnvdimm: fix / harden ars_status output length handling acpi, nfit: fix extended status translations for ACPI DSMs dbri: move dereference after check for NULL shmem: fix shm fallocate() list corruption net/mlx5e: Change the SQ/RQ operational state to positive logic net/mlx5e: Don't flush SQ on error net/mlx5e: Don't notify HW when filling the edge of ICO SQ net/mlx5: Fix query ISSI flow net/mlx5: Remove duplicate pci dev name print net/mlx5: Verify module parameters net: fec: fix compile with CONFIG_M5272 be2net: Add DEVSEC privilege to SET_HSW_CONFIG command. virtio-net: Fix DMA-from-the-stack in virtnet_set_mac_address() tcp: warn on bogus MSS and try to amend it uapi glibc compat: fix outer guard of net device flags enum net: stmmac: clear reset value of snps, wr_osr_lmt/snps, rd_osr_lmt before writing fuse: fix clearing suid, sgid for chown() lockdep: Fix report formatting perf/core: Remove invalid warning from list_update_cgroup_even()t perf/x86: Fix full width counter, counter overflow perf/x86/intel: Enable C-state residency events for Knights Mill objtool: Fix bytes check of lea's rex_prefix netlink: Do not schedule work from sk_destruct uapi: export nf_log.h uapi: export tc_skbmod.h net: ep93xx_eth: Do not crash unloading module bnx2x: Prevent tunnel config for 577xx bnx2x: Correct ringparam estimate when DOWN isdn: hisax: set error code on failure net: bnx2x: fix improper return value net: ethernet: qlogic: set error code on failure atm: fix improper return value net: irda: set error code on failures net: caif: remove ineffective check net: ping: check minimum size on ICMP header length atm: lanai: set error code when ioremap fails net: usb: set error code when usb_alloc_urb fails net: bridge: set error code on failure net: af_mpls.c add space before open parenthesis netdev: broadcom: propagate error code ipv4: Drop suffix update from resize code ipv4: Drop leaf from suffix pull/push functions net: dcb: set error code on failures locking/rtmutex: Use READ_ONCE() in rt_mutex_owner() locking/rtmutex: Prevent dequeue vs. unlock race batman-adv: Check for alloc errors when preparing TT local data powerpc/64: Fix placement of .text to be immediately following .head.text powerpc/eeh: Fix deadlock when PE frozen state can't be cleared crypto: rsa - Add Makefile dependencies to fix parallel builds crypto: chcr - Fix memory corruption crypto: drbg - prevent invalid SG mappings ata: sata_mv: check for errors when parsing nr-ports from dt powerpc/mm: Fix lazy icache flush on pre-POWER5 powerpc/boot: Fix build failure in 32-bit boot wrapper x86/unwind: Fix guess-unwinder regression x86/build: Annotate die() with noreturn to fix build warning on clang x86/platform/olpc: Fix resume handler build warning scsi: lpfc: fix oops/BUG in lpfc_sli_ringtxcmpl_put() locking/selftest: Fix output since KERN_CONT changes x86/apic/uv: Silence a shift wrapping warning x86/coredump: Always use user_regs_struct for compat_elf_gregset_t sched/autogroup: Fix 64-bit kernel nice level adjustment m68k: Fix ndelay() macro m68k/defconfig: Update defconfigs for v4.9-rc1 Change-Id: Idc16bee2830d4c5c61a174175aeabc04b20067b3 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |