49eea524bebea0d2b7dfa1c709a6694de808eb8a
1374 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Linux Build Service Account
|
8f8b5140bd |
Merge "Merge android-4.9.92 (9c3fb9c) into msm-4.9"
|
||
|
Linux Build Service Account
|
78667dedc6 |
Merge "Merge android-4.9.90 (dd1e37e) into msm-4.9"
|
||
|
Blagovest Kolenichev
|
427fd2195c |
Merge android-4.9.92 (9c3fb9c) into msm-4.9
* refs/heads/tmp-9c3fb9c: Linux 4.9.92 net: hns: Fix a skb used after free bug kcm: lock lower socket in kcm_attach net: systemport: Rewrite __bcm_sysport_tx_reclaim() s390/qeth: on channel error, reject further cmd requests s390/qeth: lock read device while queueing next buffer s390/qeth: when thread completes, wake up all waiters s390/qeth: free netdevice when removing a card soc/fsl/qbman: fix issue in qman_delete_cgr_safe() team: Fix double free in error path skbuff: Fix not waking applications when errors are enqueued net: Only honor ifindex in IP_PKTINFO if non-0 netlink: avoid a double skb free in genlmsg_mcast() net/iucv: Free memory obtained by kzalloc net: fec: Fix unbalanced PM runtime calls net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred l2tp: do not accept arbitrary sockets ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() dccp: check sk for closed state in dccp_sendmsg() net: Fix hlist corruptions in inet_evict_bucket() net: use skb_to_full_sk() in skb_update_prio() ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() sch_netem: fix skb leak in netem_enqueue() rhashtable: Fix rhlist duplicates insertion ppp: avoid loop in xmit recursion detection code net sched actions: return explicit error when tunnel_key mode is not specified Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs" scsi: sg: don't return bogus Sg_requests Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs" Change-Id: I539eaf561b5aa70589d886052d160c71a79145ad Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
16b6ed19fc |
Merge android-4.9.87 (a290494) into msm-4.9
* refs/heads/tmp-a290494: Linux 4.9.87 btrfs: preserve i_mode if __btrfs_set_acl() fails bpf, ppc64: fix out of bounds access in tail call bpf: add schedule points in percpu arrays management bpf, arm64: fix out of bounds access in tail call bpf, x64: implement retpoline for tail call bpf: fix mlock precharge on arraymaps bpf: fix wrong exposure of map_flags into fdinfo for lpm mpls, nospec: Sanitize array index in mpls_label_ok() net: mpls: Pull common label check into helper sctp: verify size of a new chunk in _sctp_make_chunk() s390/qeth: fix IPA command submission race s390/qeth: fix IP address lookup for L3 devices s390/qeth: fix double-free on IP add/remove race s390/qeth: fix IP removal on offline cards s390/qeth: fix overestimated count of buffer elements s390/qeth: fix SETIP command handling s390/qeth: fix underestimated count of buffer elements sctp: fix dst refcnt leak in sctp_v6_get_dst() tcp_bbr: better deal with suboptimal GSO rxrpc: Fix send in rxrpc_send_data_packet() tcp: Honor the eor bit in tcp_mtu_probe net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT mlxsw: spectrum_switchdev: Check success of FDB add operation sctp: fix dst refcnt leak in sctp_v4_get_dst udplite: fix partial checksum initialization ppp: prevent unregistered channels from connecting to PPP units netlink: ensure to loop over all netns in genlmsg_multicast_allns() net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68 net: fix race on decreasing number of TX queues ipv6 sit: work around bogus gcc-8 -Wrestrict warning hdlc_ppp: carrier detect ok, don't turn off negotiation fib_semantics: Don't match route with mismatching tclassid bridge: check brport attr show in brport_show x86/apic/vector: Handle legacy irq data correctly netlink: put module reference if dump start fails md: only allow remove_and_add_spares when no sync_thread running. x86/speculation: Use Indirect Branch Prediction Barrier in context switch x86/mm: Give each mm TLB flush generation a unique ID ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux ARM: dts: LogicPD SOM-LV: Fix I2C1 pinmux dm io: fix duplicate bio completion due to missing ref count PCI/ASPM: Deal with missing root ports in link state handling KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() KVM/x86: Remove indirect MSR op calls from SPEC_CTRL KVM: mmu: Fix overlap between public and private memslots ARM: kvm: fix building with gcc-8 ARM: mvebu: Fix broken PL310_ERRATA_753970 selects nospec: Allow index argument to have const-qualified type media: m88ds3103: don't call a non-initalized function x86/platform/intel-mid: Handle Intel Edison reboot correctly x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend dax: fix vma_is_fsdax() helper cpufreq: s3c24xx: Fix broken s3c_cpufreq_init() parisc: Fix ordering of cache and TLB flushes timers: Forward timer base before migrating timers ALSA: hda - Fix pincfg at resume on Lenovo T470 dock ALSA: hda: Add a power_save blacklist ALSA: usb-audio: Add a quirck for B&W PX headphones tpm-dev-common: Reject too short writes tpm_tis_spi: Use DMA-safe memory for SPI transfers tpm: constify transmit data pointers tpm_tis: fix potential buffer overruns caused by bit glitches on the bus tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus FROMLIST: ARM: amba: Don't read past the end of sysfs "driver_override" buffer UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error Conflicts: kernel/time/timer.c Change-Id: I302546c52a480e9a4c661accf021766c499739b9 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Alexander Duyck
|
3f59047e8a |
ipv4/GRO: Make GRO conform to RFC 6864
RFC 6864 states that the IPv4 ID field MUST NOT be used for purposes other than fragmentation and reassembly. Currently we are looking at this field as a way of identifying what frames can be aggregated and which cannot for GRO. While this is valid for frames that do not have DF set, it is invalid to do so if the bit is set. In addition we were generating IPv4 ID collisions when 2 or more flows were interleaved over the same tunnel. To prevent that we store the result of all IP ID checks via a "|=" instead of overwriting previous values. Change-Id: I96d90494f929fb217ceaa1698213465b0a17835a CRs-Fixed: 2221952 Signed-off-by: Alexander Duyck <aduyck@mirantis.com> Patch-mainline: netdev @ April 1, 2016, 6:05 p.m Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> Signed-off-by: Manjunathappa Prakash <prakashpm@codeaurora.org> |
||
|
Manjunathappa Prakash
|
39e939a52b |
Revert "GRO: Add support for TCP with fixed IPv4 ID field, limit tunnel IP ID values"
This reverts commit
|
||
|
Eric Dumazet
|
28984ba0c4 |
net: use skb_to_full_sk() in skb_update_prio()
[ Upstream commit 4dcb31d4649df36297296b819437709f5407059c ]
Andrei Vagin reported a KASAN: slab-out-of-bounds error in
skb_update_prio()
Since SYNACK might be attached to a request socket, we need to
get back to the listener socket.
Since this listener is manipulated without locks, add const
qualifiers to sock_cgroup_prioidx() so that the const can also
be used in skb_update_prio()
Also add the const qualifier to sock_cgroup_classid() for consistency.
Fixes:
|
||
|
Blagovest Kolenichev
|
e06a1054bd |
Merge android-4.9.84 (a9d0273) into msm-4.9
* refs/heads/tmp-a9d0273:
Linux 4.9.84
crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
KVM: nVMX: invvpid handling improvements
KVM: VMX: clean up declaration of VPID/EPT invalidation types
KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously
x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix preemptibility bug
usb: phy: msm add regulator dependency
arm64: fix warning about swapper_pg_dir overflow
idle: i7300: add PCI dependency
spi: bcm-qspi: shut up warning about cfi header inclusion
binfmt_elf: compat: avoid unused function warning
arm64: sunxi: always enable reset controller
drm/i915: hide unused intel_panel_set_backlight function
kasan: rework Kconfig settings
clk: meson: gxbb: fix build error without RESET_CONTROLLER
ISDN: eicon: reduce stack size of sig_ind function
tw5864: use dev_warn instead of WARN to shut up warning
em28xx: only use mt9v011 if camera support is enabled
go7007: add MEDIA_CAMERA_SUPPORT dependency
tc358743: fix register i2c_rd/wr functions
shmem: fix compilation warnings on unused functions
KVM: add X86_LOCAL_APIC dependency
Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
rbd: silence bogus -Wmaybe-uninitialized warning
drm: exynos: mark pm functions as __maybe_unused
security/keys: BIG_KEY requires CONFIG_CRYPTO
cw1200: fix bogus maybe-uninitialized warning
reiserfs: avoid a -Wmaybe-uninitialized warning
ALSA: hda/ca0132 - fix possible NULL pointer use
arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
scsi: advansys: fix uninitialized data access
x86/vm86: Fix unused variable warning if THP is disabled
x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
dmaengine: zx: fix build warning
x86: add MULTIUSER dependency for KVM
thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
x86/build: Silence the build with "make -s"
tools build: Add tools tree support for 'make -s'
x86/fpu/math-emu: Fix possible uninitialized variable use
arm64: define BUG() instruction without CONFIG_BUG
gpio: xgene: mark PM functions as __maybe_unused
x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
scsi: advansys: fix build warning for PCI=n
video: fbdev: via: remove possibly unused variables
perf: xgene: Include module.h
PCI: Change pci_host_common_probe() visibility
usb: musb: fix compilation warning on unused function
platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
gpio: intel-mid: Fix build warning when !CONFIG_PM
PCI: vmd: Fix suspend handlers defined-but-not-used warning
perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
vmxnet3: prevent building with 64K pages
clk: sunxi-ng: fix build error without CONFIG_RESET_CONTROLLER
shmem: avoid maybe-uninitialized warning
drm/i915: fix intel_backlight_device_register declaration
crypto: talitos - fix Kernel Oops on hashing an empty file
powerpc/64s: Improve RFI L1-D cache flush fallback
powerpc/64s: Simple RFI macro conversions
powerpc/64s: Fix conversion of slb_miss_common to use RFI_TO_USER/KERNEL
hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
xen: XEN_ACPI_PROCESSOR is Dom0-only
platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410
x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
usb: dwc3: of-simple: fix missing clk_disable_unprepare
usb: dwc3: gadget: Wait longer for controller to end command processing
dmaengine: jz4740: disable/unprepare clk if probe fails
drm/armada: fix leak of crtc structure
xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
spi: sun4i: disable clocks in the remove function
ASoC: rockchip: disable clock on error
clk: fix a panic error caused by accessing NULL pointer
dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved
dmaengine: ioat: Fix error handling path
gianfar: Disable EEE autoneg by default
509: fix printing uninitialized stack memory when OID is empty
net: ethernet: arc: fix error handling in emac_rockchip_probe
brcmfmac: Avoid build error with make W=1
btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
net_sched: red: Avoid illegal values
net_sched: red: Avoid devision by zero
gianfar: fix a flooded alignment reports because of padding issue.
ARM: dts: Fix elm interrupt compiler warning
s390/dasd: prevent prefix I/O error
powerpc/perf: Fix oops when grouping different pmu events
m68k: add missing SOFTIRQENTRY_TEXT linker section
ipvlan: Add the skb->mark as flow4's member to lookup route
scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none
sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune
RDMA/cma: Make sure that PSN is not over max allowed
i40iw: Correct ARP index mask
pinctrl: sunxi: Fix A64 UART mux value
pinctrl: sunxi: Fix A80 interrupt pin bank
media: s5k6aa: describe some function parameters
perf bench numa: Fixup discontiguous/sparse numa nodes
perf top: Fix window dimensions change handling
ARM: dts: am437x-cm-t43: Correct the dmas property of spi0
ARM: dts: am4372: Correct the interrupts_properties of McASP
ARM: dts: logicpd-somlv: Fix wl127x pinmux
ARM: dts: logicpd-som-lv: Fix gpmc addresses for NAND and enet
ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
usb: build drivers/usb/common/ when USB_SUPPORT is set
usbip: keep usbip_device sockfd state in sync with tcp_socket
staging: iio: ad5933: switch buffer mode to software
staging: iio: adc: ad7192: fix external frequency setting
binder: check for binder_thread allocation failure in binder_poll()
staging: android: ashmem: Fix a race condition in pin ioctls
dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
arm64: dts: add #cooling-cells to CPU nodes
ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag
video: fbdev/mmp: add MODULE_LICENSE
ASoC: ux500: add MODULE_LICENSE tag
crypto: hash - prevent using keyed hashes without setting key
crypto: hash - annotate algorithms taking optional key
net: avoid skb_warn_bad_offload on IS_ERR
rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete
netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
netfilter: on sockopt() acquire sock lock only in the required scope
netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
netfilter: x_tables: fix int overflow in xt_alloc_table_info()
kcov: detect double association with a single task
KVM: x86: fix escape of guest dr6 to the host
blk_rq_map_user_iov: fix error override
staging: android: ion: Switch from WARN to pr_warn
staging: android: ion: Add __GFP_NOWARN for system contig heap
crypto: x86/twofish-3way - Fix %rbp usage
selinux: skip bounded transition processing if the policy isn't loaded
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
Provide a function to create a NUL-terminated string from unterminated data
ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE
drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
blktrace: fix unlocked registration of tracepoints
sctp: set frag_point in sctp_setsockopt_maxseg correctly
xfrm: check id proto in validate_tmpl()
xfrm: Fix stack-out-of-bounds read on socket policy lookup.
mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
xfrm: skip policies marked as dead while rehashing
cfg80211: check dev_set_name() return value
kcm: Only allow TCP sockets to be attached to a KCM mux
kcm: Check if sk_user_data already set in kcm_attach
vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()
ANDROID: sdcardfs: Hold i_mutex for i_size_write
UPSTREAM: ANDROID: binder: synchronize_rcu() when using POLLFREE.
BACKPORT, FROMGIT: crypto: speck - add test vectors for Speck64-XTS
BACKPORT, FROMGIT: crypto: speck - add test vectors for Speck128-XTS
BACKPORT, FROMGIT: crypto: arm/speck - add NEON-accelerated implementation of Speck-XTS
FROMGIT: crypto: speck - export common helpers
BACKPORT, FROMGIT: crypto: speck - add support for the Speck block cipher
f2fs: updates on v4.16-rc1
Linux 4.9.83
media: r820t: fix r820t_write_reg for KASAN
ARM: dts: Delete bogus reference to the charlcd
arm: dts: mt2701: Add reset-cells
ARM: dts: s5pv210: add interrupt-parent for ohci
arm64: dts: msm8916: Add missing #phy-cells
ARM: pxa/tosa-bt: add MODULE_LICENSE tag
ARM: dts: exynos: fix RTC interrupt for exynos5410
vfs: don't do RCU lookup of empty pathnames
x86: fix build warnign with 32-bit PAE
x86/cpu: Change type of x86_cache_size variable to unsigned int
x86/spectre: Fix an error message
x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping
selftests/x86/mpx: Fix incorrect bounds with old _sigfault
x86/speculation: Add <asm/msr-index.h> dependency
nospec: Move array_index_nospec() parameter checking into separate macro
x86/speculation: Fix up array_index_nospec_mask() asm constraint
selftests/x86: Do not rely on "int $0x80" in single_step_syscall.c
selftests/x86: Do not rely on "int $0x80" in test_mremap_vdso.c
selftests/x86/pkeys: Remove unused functions
x86/speculation: Clean up various Spectre related details
X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs
KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods
x86/speculation: Correct Speculation Control microcode blacklist again
x86/speculation: Update Speculation Control microcode blacklist
compiler-gcc.h: Introduce __optimize function attribute
x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface
arm: spear13xx: Fix spics gpio controller's warning
arm: spear13xx: Fix dmas cells
arm: spear600: Add missing interrupt-parent of rtc
ARM: dts: nomadik: add interrupt-parent for clcd
ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
ARM: lpc3250: fix uda1380 gpio numbers
arm64: dts: msm8916: Correct ipc references for smsm
s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE
PM / devfreq: Propagate error from devfreq_add_device()
cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
RDMA/rxe: Fix a race condition related to the QP error state
kselftest: fix OOM in memory compaction test
IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
IB/qib: Fix comparison error with qperf compare/swap test
powerpc: fix build errors in stable tree
dm: correctly handle chained bios in dec_pending()
usb: Move USB_UHCI_BIG_ENDIAN_* out of USB_SUPPORT
mvpp2: fix multicast address filter
ALSA: seq: Fix racy pool initializations
ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
ALSA: hda/realtek - Enable Thinkpad Dock device for ALC298 platform
ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
ALSA: hda - Fix headset mic detection problem for two Dell machines
mtd: nand: vf610: set correct ooblayout
9p/trans_virtio: discard zero-length reply
Btrfs: fix unexpected -EEXIST when creating new inode
Btrfs: fix btrfs_evict_inode to handle abnormal inodes correctly
Btrfs: fix extent state leak from tree log
Btrfs: fix crash due to not cleaning up tree log block's dirty bits
Btrfs: fix deadlock in run_delalloc_nocow
target/iscsi: avoid NULL dereference in CHAP auth error path
rtlwifi: rtl8821ae: Fix connection lost problem correctly
console/dummy: leave .con_font_get set to NULL
video: fbdev: atmel_lcdfb: fix display-timings lookup
PCI: keystone: Fix interrupt-controller-node lookup
MIPS: Fix typo BIG_ENDIAN to CPU_BIG_ENDIAN
mm: Fix memory size alignment in devm_memremap_pages_release()
mm: hide a #warning for COMPILE_TEST
ext4: correct documentation for grpid mount option
ext4: save error to disk in __ext4_grp_locked_error()
ext4: fix a race in the ext4 shutdown path
jbd2: fix sphinx kernel-doc build warnings
mbcache: initialize entry->e_referenced in mb_cache_entry_create()
rtc-opal: Fix handling of firmware error codes, prevent busy loops
drm/radeon: adjust tested variable
drm/radeon: Add dpm quirk for Jet PRO (v2)
scsi: smartpqi: allow static build ("built-in")
BACKPORT: tee: shm: Potential NULL dereference calling tee_shm_register()
BACKPORT: tee: shm: don't put_page on null shm->pages
BACKPORT: tee: shm: make function __tee_shm_alloc static
BACKPORT: tee: optee: check type of registered shared memory
BACKPORT: tee: add start argument to shm_register callback
BACKPORT: tee: optee: fix header dependencies
BACKPORT: tee: shm: inline tee_shm_get_id()
BACKPORT: tee: use reference counting for tee_context
BACKPORT: tee: optee: enable dynamic SHM support
BACKPORT: tee: optee: add optee-specific shared pool implementation
BACKPORT: tee: optee: store OP-TEE capabilities in private data
BACKPORT: tee: optee: add registered buffers handling into RPC calls
BACKPORT: tee: optee: add registered shared parameters handling
BACKPORT: tee: optee: add shared buffer registration functions
BACKPORT: tee: optee: add page list manipulation functions
BACKPORT: tee: optee: Update protocol definitions
BACKPORT: tee: shm: add page accessor functions
BACKPORT: tee: shm: add accessors for buffer size and page offset
BACKPORT: tee: add register user memory
BACKPORT: tee: flexible shared memory pool creation
BACKPORT: optee: support asynchronous supplicant requests
BACKPORT: tee: add TEE_IOCTL_PARAM_ATTR_META
BACKPORT: tee: add tee_param_is_memref() for driver use
UPSTREAM: tcp: fix access to sk->sk_state in tcp_poll()
BACKPORT: tcp: fix potential double free issue for fastopen_req
BACKPORT: xfrm: Fix return value check of copy_sec_ctx.
time: Fix ktime_get_raw() incorrect base accumulation
FROMLIST: coresight: ETM: Add support for ARM Cortex-A73
FROMLIST: coresight: tmc: implementing TMC-ETR AUX space API
UPSTREAM: coresight: etm_perf: Fix using uninitialised work
UPSTREAM: coresight: fix kernel panic caused by invalid CPU
UPSTREAM: coresight: Fix disabling of CoreSight TPIU
UPSTREAM: coresight: perf: Add a missing call to etm_free_aux
UPSTREAM: coresight: tmc: Remove duplicate memset
UPSTREAM: coresight: tmc: Get rid of mode parameter for helper routines
UPSTREAM: coresight: tmc: Cleanup operation mode handling
UPSTREAM: coresight: reset "enable_sink" flag when need be
sched/fair: prevent possible infinite loop in sched_group_energy
ANDROID: qtaguid: Fix the UAF probelm with tag_ref_tree
UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
ANDROID: sdcardfs: Protect set_top
ANDROID: fsnotify: Notify lower fs of open
Revert "ANDROID: sdcardfs: notify lower file of opens"
ANDROID: sdcardfs: Use lower getattr times/size
ANDROID: sched: EAS: check energy_aware() before calling select_energy_cpu_brute() in up-migrate path
UPSTREAM: eventpoll.h: add missing epoll event masks
BACKPORT: thermal/drivers/hisi: Add support for hi3660 SoC
BACKPORT: thermal/drivers/hisi: Prepare to add support for other hisi platforms
BACKPORT: thermal/drivers/hisi: Add platform prefix to function name
BACKPORT: thermal/drivers/hisi: Put platform code together
BACKPORT: thermal/drivers/hisi: Use round up step value
BACKPORT: thermal/drivers/hisi: Move the clk setup in the corresponding functions
BACKPORT: thermal/drivers/hisi: Remove mutex_lock in the code
BACKPORT: thermal/drivers/hisi: Remove thermal data back pointer
BACKPORT: thermal/drivers/hisi: Convert long to int
BACKPORT: thermal/drivers/hisi: Rename and remove unused field
BACKPORT: thermal/drivers/hisi: Remove costly sensor inspection
BACKPORT: thermal/drivers/hisi: Fix configuration register setting
BACKPORT: thermal/drivers/hisi: Encapsulate register writes into helpers
BACKPORT: thermal/drivers/hisi: Remove pointless lock
BACKPORT: thermal/drivers/hisi: Remove the multiple sensors support
BACKPORT: thermal: hisilicon: constify thermal_zone_of_device_ops structures
ANDROID: xattr: Pass EOPNOTSUPP to permission2
ANDROID: sdcardfs: Move default_normal to superblock
UPSTREAM: tcp: fix a request socket leak
UPSTREAM: tcp: fix possible deadlock in TCP stack vs BPF filter
UPSTREAM: tcp: Add a tcp_filter hook before handle ack packet
FROMLIST: arm64: kpti: Fix the interaction between ASID switching and software PAN
FROMLIST: arm64: Move post_ttbr_update_workaround to C code
fscrypt: updates on 4.15-rc4
ANDROID: uid_sys_stats: fix the comment
BACKPORT: optee: fix invalid of_node_put() in optee_driver_init()
BACKPORT: tee: optee: sync with new naming of interrupts
BACKPORT: tee: indicate privileged dev in gen_caps
BACKPORT: tee: optee: interruptible RPC sleep
BACKPORT: tee: optee: add const to tee_driver_ops and tee_desc structures
BACKPORT: tee: tee_shm: Constify dma_buf_ops structures.
BACKPORT: tee: add forward declaration for struct device
BACKPORT: tee: optee: fix uninitialized symbol 'parg'
BACKPORT: tee.txt: standardize document format
BACKPORT: tee: add ARM_SMCCC dependency
clocksource: arch_timer: make virtual counter access configurable
arm64: issue isb when trapping CNTVCT_EL0 access
BACKPORT: arm64: Add CNTFRQ_EL0 trap handler
BACKPORT: arm64: Add CNTVCT_EL0 trap handler
ANDROID: sdcardfs: Fix missing break on default_normal
ANDROID: arm64: kaslr: fixup Falkor workaround for 4.9
ANDROID: usb: f_fs: Prevent gadget unbind if it is already unbound
arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
arm64: use RET instruction for exiting the trampoline
UPSTREAM: arm64: kaslr: Put kernel vectors address in separate data page
UPSTREAM: arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
UPSTREAM: arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
UPSTREAM: arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
UPSTREAM: arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
UPSTREAM: arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
UPSTREAM: arm64: entry: Hook up entry trampoline to exception vectors
UPSTREAM: arm64: entry: Explicitly pass exception level to kernel_ventry macro
UPSTREAM: arm64: mm: Map entry trampoline into trampoline and kernel page tables
UPSTREAM: arm64: entry: Add exception trampoline page for exceptions from EL0
UPSTREAM: arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
UPSTREAM: arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
UPSTREAM: arm64: mm: Allocate ASIDs in pairs
UPSTREAM: arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
UPSTREAM: arm64: mm: Rename post_ttbr0_update_workaround
UPSTREAM: arm64: mm: Move ASID from TTBR0 to TTBR1
UPSTREAM: arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
UPSTREAM: arm64: mm: Use non-global mappings for kernel space
UPSTREAM: arm64: factor out entry stack manipulation
ANDROID: sdcardfs: Add default_normal option
ANDROID: sdcardfs: notify lower file of opens
blkdev: Refactoring block io latency histogram codes
UPSTREAM: netfilter: conntrack: use power efficient workqueue
ANDROID: binder: Remove obsolete proc waitqueue.
UPSTREAM: arm64: setup: introduce kaslr_offset()
UPSTREAM: kcov: fix comparison callback signature
UPSTREAM: kcov: support comparison operands collection
UPSTREAM: kcov: remove pointless current != NULL check
UPSTREAM: kcov: support compat processes
UPSTREAM: kcov: simplify interrupt check
UPSTREAM: kcov: make kcov work properly with KASLR enabled
UPSTREAM: kcov: add more missing includes
BACKPORT: irq: Make the irqentry text section unconditional
UPSTREAM: kasan: make get_wild_bug_type() static
UPSTREAM: kasan: separate report parts by empty lines
UPSTREAM: kasan: improve double-free report format
UPSTREAM: kasan: print page description after stacks
UPSTREAM: kasan: improve slab object description
UPSTREAM: kasan: change report header
UPSTREAM: kasan: simplify address description logic
UPSTREAM: kasan: change allocation and freeing stack traces headers
UPSTREAM: kasan: unify report headers
UPSTREAM: kasan: introduce helper functions for determining bug type
BACKPORT: kasan: report only the first error by default
UPSTREAM: kasan: fix races in quarantine_remove_cache()
UPSTREAM: kasan: resched in quarantine_remove_cache()
UPSTREAM: kasan, sched/headers: Uninline kasan_enable/disable_current()
UPSTREAM: kasan: drain quarantine of memcg slab objects
UPSTREAM: kasan: eliminate long stalls during quarantine reduction
UPSTREAM: kasan: support panic_on_warn
ANDROID: dma-buf/sw_sync: Rename active_list to link
ANDROID: initramfs: call free_initrd() when skipping init
BACKPORT: Documentation: tee subsystem and op-tee driver
BACKPORT: tee: add OP-TEE driver
BACKPORT: tee: generic TEE subsystem
BACKPORT: dt/bindings: add bindings for optee
BACKPORT: schedutil: Reset cached freq if it is not in sync with next_freq
sched: EAS/WALT: Don't take into account of running task's util
sched: EAS/WALT: take into account of waking task's load
sched: EAS: upmigrate misfit current task
sched: avoid pushing tasks to an offline CPU
sched: Extend active balance to accept 'push_task' argument
sched: walt: Correct WALT window size initialization
sched: WALT: account cumulative window demand
sched: EAS/WALT: finish accounting prior to task_tick
sched/fair: prevent meaningless active migration
sched: walt: Leverage existing helper APIs to apply invariance
UPSTREAM: net: xfrm: allow clearing socket xfrm policies.
UPSTREAM: time: Clean up CLOCK_MONOTONIC_RAW time handling
UPSTREAM: arm64: vdso: fix clock_getres for 4GiB-aligned res
f2fs: updates on 4.15-rc1
UPSTREAM: android: binder: fix type mismatch warning
BACKPORT: arm64: Use __pa_symbol for empty_zero_page
UPSTREAM: arm64: Use __pa_symbol for kernel symbols
UPSTREAM: mm: Introduce lm_alias
FROMLIST: binder: fix proc->files use-after-free
BACKPORT: xfrm: Clear sk_dst_cache when applying per-socket policy.
sched: WALT: fix potential overflow
sched: Update task->on_rq when tasks are moving between runqueues
sched: WALT: fix window mis-alignment
sched: EAS: kill incorrect nohz idle cpu kick
sched: EAS: fix incorrect energy delta calculation due to rounding error
sched: EAS/WALT: use cr_avg instead of prev_runnable_sum
sched: WALT: fix broken cumulative runnable average accounting
sched: deadline: WALT: account cumulative runnable avg
ANDROID: binder: clarify deferred thread work.
BACKPORT: net/tcp-fastopen: Add new API support
UPSTREAM: net: Remove __sk_dst_reset() in tcp_v6_connect()
UPSTREAM: net/tcp-fastopen: refactor cookie check logic
sched: compute task utilisation with WALT consistently
FROMLIST: arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io
UPSTREAM: security: bpf: replace include of linux/bpf.h with forward declarations
UPSTREAM: selinux: bpf: Add addtional check for bpf object file receive
UPSTREAM: selinux: bpf: Add selinux check for eBPF syscall operations
BACKPORT: security: bpf: Add LSM hooks for bpf object related syscall
BACKPORT: bpf: Add file mode configuration into bpf maps
cpufreq: Drop schedfreq governor
ANDROID: Revert "arm64: move ELF_ET_DYN_BASE to 4GB / 4MB"
ANDROID: Revert "arm: move ELF_ET_DYN_BASE to 4MB"
sched: EAS: Fix the condition to distinguish energy before/after
sched: EAS: update trg_cpu to backup_cpu if no energy saving for target_cpu
sched/fair: consider task utilization in group_max_util()
sched/fair: consider task utilization in group_norm_util()
sched/fair: enforce EAS mode
sched/fair: ignore backup CPU when not valid
sched/fair: trace energy_diff for non boosted tasks
UPSTREAM: sched/fair: Sync task util before slow-path wakeup
UPSTREAM: sched/core: Add missing update_rq_clock() call in set_user_nice()
UPSTREAM: sched/core: Add missing update_rq_clock() call for task_hot()
UPSTREAM: sched/core: Add missing update_rq_clock() in detach_task_cfs_rq()
UPSTREAM: sched/core: Add missing update_rq_clock() in post_init_entity_util_avg()
UPSTREAM: sched/fair: Fix task group initialization
cpufreq/sched: Consider max cpu capacity when choosing frequencies
cpufreq/sched: Use cpu max freq rather than policy max
sched/fair: remove erroneous RCU_LOCKDEP_WARN from start_cpu()
FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
FROMLIST: kbuild: clang: fix build failures with sparse check
Revert "Revert "BACKPORT: efi/libstub/arm64: Set -fpie when building the EFI stub""
BACKPORT: efi/libstub: Unify command line param parsing
ANDROID: sched/walt: Fix divide by zero error in cpufreq notifier
ANDROID: binder: show high watermark of alloc->pages.
ANDROID: binder: Add thread->process_todo flag.
ANDROID: sched/fair: Select correct capacity state for energy_diff
ANDROID: cpufreq-dt: Set sane defaults for schedutil rate limits
BACKPORT: cpufreq: schedutil: Use policy-dependent transition delays
Revert "BACKPORT: efi/libstub/arm64: Set -fpie when building the EFI stub"
FROMLIST: android: binder: Fix null ptr dereference in debug msg
FROMLIST: android: binder: Change binder_shrinker to static
UPSTREAM: arm64: compat: Remove leftover variable declaration
ANDROID: HACK: arm64: use -mno-implicit-float instead of -mgeneral-regs-only
ANDROID: Kbuild, LLVMLinux: allow overriding clang target triple
CHROMIUM: arm64: Disable asm-operand-width warning for clang
CHROMIUM: kbuild: clang: Disable the 'duplicate-decl-specifier' warning
BACKPORT: x86/asm: Fix inline asm call constraints for Clang
BACKPORT: efi/libstub/arm64: Set -fpie when building the EFI stub
UPSTREAM: efi/libstub/arm64: Force 'hidden' visibility for section markers
UPSTREAM: efi/libstub/arm64: Use hidden attribute for struct screen_info reference
UPSTREAM: x86/build: Use cc-option to validate stack alignment parameter
UPSTREAM: x86/build: Fix stack alignment for CLang
UPSTREAM: compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
UPSTREAM: x86/boot: #undef memcpy() et al in string.c
UPSTREAM: llist: clang: introduce member_address_is_nonnull()
UPSTREAM: crypto: arm64/sha - avoid non-standard inline asm tricks
UPSTREAM: kbuild: clang: Disable 'address-of-packed-member' warning
UPSTREAM: x86/build: Specify stack alignment for clang
UPSTREAM: x86/build: Use __cc-option for boot code compiler options
UPSTREAM: kbuild: Add __cc-option macro
UPSTREAM: x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility
UPSTREAM: crypto, x86: aesni - fix token pasting for clang
UPSTREAM: x86/kbuild: Use cc-option to enable -falign-{jumps/loops}
UPSTREAM: compiler, clang: properly override 'inline' for clang
UPSTREAM: compiler, clang: suppress warning for unused static inline functions
UPSTREAM: modules: mark __inittest/__exittest as __maybe_unused
UPSTREAM: kbuild: Add support to generate LLVM assembly files
UPSTREAM: kbuild: use -Oz instead of -Os when using clang
UPSTREAM: kbuild, LLVMLinux: Add -Werror to cc-option to support clang
UPSTREAM: kbuild: drop -Wno-unknown-warning-option from clang options
UPSTREAM: kbuild: fix asm-offset generation to work with clang
UPSTREAM: kbuild: consolidate redundant sed script ASM offset generation
UPSTREAM: kbuild: Consolidate header generation from ASM offset information
UPSTREAM: kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS
UPSTREAM: kbuild: Add better clang cross build support
FROMLIST: f2fs: expose some sectors to user in inline data or dentry case
UPSTREAM: sched/fair: Fix usage of find_idlest_group() when the local group is idlest
UPSTREAM: sched/fair: Fix usage of find_idlest_group() when no groups are allowed
UPSTREAM: sched/fair: Fix find_idlest_group() when local group is not allowed
UPSTREAM: sched/fair: Remove unnecessary comparison with -1
UPSTREAM: sched/fair: Move select_task_rq_fair() slow-path into its own function
UPSTREAM: sched/fair: Force balancing on NOHZ balance if local group has capacity
UPSTREAM: f2fs: fix potential panic during fstrim
f2fs: catch up to v4.14-rc1
UPSTREAM: sched: use load_avg for selecting idlest group
UPSTREAM: sched: fix find_idlest_group for fork
ANDROID: binder: fix node sched policy calculation
ANDROID: binder: init desired_prio.sched_policy before use it
BACKPORT: net: xfrm: support setting an output mark.
FROMLIST: tracing: Add support for preempt and irq enable/disable events
FROMLIST: tracing: Prepare to add preempt and irq trace events
Conflicts:
arch/arm64/Kconfig
arch/arm64/include/asm/assembler.h
arch/arm64/include/asm/cpucaps.h
arch/arm64/include/asm/efi.h
arch/arm64/include/asm/memory.h
arch/arm64/include/asm/mmu.h
arch/arm64/include/asm/mmu_context.h
arch/arm64/kernel/cpufeature.c
arch/arm64/kernel/io.c
arch/arm64/kernel/setup.c
arch/arm64/kernel/vdso.c
arch/arm64/mm/context.c
arch/arm64/mm/mmu.c
drivers/Kconfig
drivers/Makefile
drivers/cpufreq/Kconfig
drivers/hwtracing/coresight/coresight-etm4x.c
drivers/hwtracing/coresight/coresight-priv.h
drivers/hwtracing/coresight/coresight-tmc-etr.c
drivers/hwtracing/coresight/coresight.c
drivers/scsi/ufs/ufshcd.h
drivers/staging/android/ion/ion-ioctl.c
drivers/staging/android/ion/ion_system_heap.c
drivers/usb/dwc3/gadget.c
include/linux/sched.h
include/trace/events/sched.h
kernel/kcov.c
kernel/sched/core.c
kernel/sched/cpufreq_sched.c
kernel/sched/cpufreq_schedutil.c
kernel/sched/fair.c
kernel/sched/sched.h
kernel/sched/walt.c
kernel/sched/walt.h
mm/kasan/report.c
security/security.c
security/selinux/hooks.c
Change-Id: I0ec8cbca6cb6384e22fbbe8def8a9d228229dc48
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Jakub Kicinski
|
106dc9648a |
net: fix race on decreasing number of TX queues
[ Upstream commit ac5b70198adc25c73fba28de4f78adcee8f6be0b ]
netif_set_real_num_tx_queues() can be called when netdev is up.
That usually happens when user requests change of number of
channels/rings with ethtool -L. The procedure for changing
the number of queues involves resetting the qdiscs and setting
dev->num_tx_queues to the new value. When the new value is
lower than the old one, extra care has to be taken to ensure
ordering of accesses to the number of queues vs qdisc reset.
Currently the queues are reset before new dev->num_tx_queues
is assigned, leaving a window of time where packets can be
enqueued onto the queues going down, leading to a likely
crash in the drivers, since most drivers don't check if TX
skbs are assigned to an active queue.
Fixes:
|
||
|
Willem de Bruijn
|
eb9c7c7d95 |
net: avoid skb_warn_bad_offload on IS_ERR
commit 8d74e9f88d65af8bb2e095aff506aa6eac755ada upstream.
skb_warn_bad_offload warns when packets enter the GSO stack that
require skb_checksum_help or vice versa. Do not warn on arbitrary
bad packets. Packet sockets can craft many. Syzkaller was able to
demonstrate another one with eth_type games.
In particular, suppress the warning when segmentation returns an
error, which is for reasons other than checksum offload.
See also commit
|
||
|
Blagovest Kolenichev
|
c1d6892632 |
Merge android-4.9-o.79 (db04eb4) into msm-4.9
* refs/heads/tmp-db04eb4: Linux 4.9.79 nfsd: auth: Fix gid sorting when rootsquash enabled bpf: reject stores into ctx via st and xadd bpf: fix 32-bit divide by zero bpf: fix divides by zero bpf: avoid false sharing of map refcount with max_entries bpf: arsh is not supported in 32 bit alu thus reject it bpf: introduce BPF_JIT_ALWAYS_ON config bpf: fix bpf_tail_call() x64 JIT x86: bpf_jit: small optimization in emit_bpf_tail_call() hrtimer: Reset hrtimer cpu base proper on CPU hotplug x86/microcode/intel: Extend BDW late-loading further with LLC size check perf/x86/amd/power: Do not load AMD power module on !AMD platforms flow_dissector: properly cap thoff field tun: fix a memory leak for tfile->tx_array mlxsw: spectrum_router: Don't log an error on missing neighbor gso: validate gso_type in GSO handlers ip6_gre: init dev->mtu and dev->hard_header_len correctly be2net: restore properly promisc mode after queues reconfiguration ppp: unlock all_ppp_mutex before registering device ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY net: Allow neigh contructor functions ability to modify the primary_key vmxnet3: repair memory leak tipc: fix a memory leak in tipc_nl_node_get_link() sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf sctp: do not allow the v4 socket to bind a v4mapped v6 address r8169: fix memory corruption on retrieval of hardware statistics. pppoe: take ->needed_headroom of lower device into account on xmit net: tcp: close sock if net namespace is exiting net: qdisc_pkt_len_init() should be more robust net: igmp: fix source address check for IGMPv3 reports lan78xx: Fix failure in USB Full Speed ipv6: ip6_make_skb() needs to clear cork.base.dst ipv6: fix udpv6 sendmsg crash caused by too small MTU ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state eventpoll.h: add missing epoll event masks vsyscall: Fix permissions for emulate mode with KAISER/PTI um: link vmlinux with -no-pie orangefs: fix deadlock; do not write i_size in read_iter Input: trackpoint - force 3 buttons if 0 button is reported mm: fix 100% CPU kswapd busyloop on unreclaimable nodes Revert "module: Add retpoline tag to VERMAGIC" scsi: libiscsi: fix shifting of DID_REQUEUE host byte fs/fcntl: f_setown, avoid undefined behaviour reiserfs: don't preallocate blocks for extended attributes reiserfs: fix race in prealloc discard netfilter: xt_osf: Add missing permission checks netfilter: nfnetlink_cthelper: Add missing permission checks ACPICA: Namespace: fix operand cache leak ACPI / scan: Prefer devices without _HID/_CID for _ADR matching ipc: msg, make msgrcv work with LONG_MIN mm, page_alloc: fix potential false positive in __zone_watermark_ok cma: fix calculation of aligned offset hwpoison, memcg: forcibly uncharge LRU pages mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack drivers: base: cacheinfo: fix boot error message when acpi is enabled drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled Prevent timer value 0 for MWAITX KVM: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once usbip: Fix potential format overflow in userspace tools usbip: Fix implicit fallthrough warning usbip: prevent vhci_hcd driver from leaking a socket pointer address orangefs: initialize op on loop restart in orangefs_devreq_read orangefs: use list_for_each_entry_safe in purge_waiting_ops x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels Conflicts: mm/page_alloc.c mm/vmscan.c Change-Id: Ic2906f35cee88313f33650133b26dc3e51cdc488 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Eric Dumazet
|
a44d91150f |
net: qdisc_pkt_len_init() should be more robust
[ Upstream commit 7c68d1a6b4db9012790af7ac0f0fdc0d2083422a ]
Without proper validation of DODGY packets, we might very well
feed qdisc_pkt_len_init() with invalid GSO packets.
tcp_hdrlen() might access out-of-bound data, so let's use
skb_header_pointer() and proper checks.
Whole story is described in commit d0c081b49137 ("flow_dissector:
properly cap thoff field")
We have the goal of validating DODGY packets earlier in the stack,
so we might very well revert this fix in the future.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Cc: Jason Wang <jasowang@redhat.com>
Reported-by: syzbot+9da69ebac7dddd804552@syzkaller.appspotmail.com
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Linux Build Service Account
|
e97b6680c7 | Merge "Merge remote-tracking branch '4.9/tmp-7d01cc5' into 4.9" | ||
|
Kyle Yan
|
ff97938fbf |
Merge remote-tracking branch '4.9/tmp-8dd0f52' into msm-4.9
* 4.9/tmp-8dd0f52: Linux 4.9.72 sparc32: Export vac_cache_size to fix build error bpf: fix incorrect sign extension in check_alu_op() bpf: reject out-of-bounds stack pointer calculation bpf: fix branch pruning logic bpf: adjust insn_aux_data when patching insns Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes MIPS: math-emu: Fix final emulation phase for certain instructions thermal/drivers/hisi: Fix multiple alarm interrupts firing thermal/drivers/hisi: Simplify the temperature/step computation thermal/drivers/hisi: Fix kernel panic on alarm interrupt thermal/drivers/hisi: Fix missing interrupt enablement thermal: hisilicon: Handle return value of clk_prepare_enable cpuidle: fix broadcast control when broadcast can not be entered rtc: set the alarm to the next expiring timer tcp: fix under-evaluated ssthresh in TCP Vegas clk: sunxi-ng: sun6i: Rename HDMI DDC clock to avoid name collision staging: greybus: light: Release memory obtained by kasprintf net: ipv6: send NS for DAD when link operationally up fm10k: ensure we process SM mbx when processing VF mbx vfio/pci: Virtualize Maximum Payload Size scsi: lpfc: PLOGI failures during NPIV testing scsi: lpfc: Fix secure firmware updates fm10k: fix mis-ordered parameters in declaration for .ndo_set_vf_bw ASoC: img-parallel-out: Add pm_runtime_get/put to set_fmt callback tracing: Exclude 'generic fields' from histograms PCI/AER: Report non-fatal errors only to the affected endpoint IB/rxe: check for allocation failure on elem ixgbe: fix use of uninitialized padding igb: check memory allocation failure PM / OPP: Move error message to debug level PCI: Create SR-IOV virtfn/physfn links before attaching driver scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive scsi: cxgb4i: fix Tx skb leak PCI: Avoid bus reset if bridge itself is broken net: phy: at803x: Change error to EINVAL for invalid MAC kvm, mm: account kvm related kmem slabs to kmemcg rtc: pl031: make interrupt optional crypto: crypto4xx - increase context and scatter ring buffer elements backlight: pwm_bl: Fix overflow condition bnxt_en: Fix NULL pointer dereference in reopen failure path cpuidle: powernv: Pass correct drv->cpumask for registration ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory Btrfs: fix an integer overflow check netfilter: nfnetlink_queue: fix secctx memory leak xhci: plat: Register shutdown for xhci_plat net: moxa: fix TX overrun memory leak isdn: kcapi: avoid uninitialized data virtio_balloon: prevent uninitialized variable use virtio-balloon: use actual number of stats for stats queue buffers KVM: pci-assign: do not map smm memory slot pages in vt-d page tables net: ipconfig: fix ic_close_devs() use-after-free cpufreq: Fix creation of symbolic links to policy directories ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table irda: vlsi_ir: fix check for DMA mapping errors RDMA/iser: Fix possible mr leak on device removal event i40e: Do not enable NAPI on q_vectors that have no rings IB/rxe: increment msn only when completing a request IB/rxe: double free on error net: Do not allow negative values for busy_read and busy_poll sysctl interfaces nbd: set queue timeout properly infiniband: Fix alignment of mmap cookies to support VIPT caching IB/core: Protect against self-requeue of a cq work item i40iw: Receive netdev events post INET_NOTIFIER state bna: avoid writing uninitialized data into hw registers s390/qeth: no ETH header for outbound AF_IUCV s390/qeth: size calculation outbound buffers r8152: prevent the driver from transmitting packets with carrier off ASoC: STI: Fix reader substream pointer set HID: xinmo: fix for out of range for THT 2P arcade controller. hwmon: (asus_atk0110) fix uninitialized data access ARM: dts: ti: fix PCI bus dtc warnings KVM: VMX: Fix enable VPID conditions KVM: x86: correct async page present tracepoint kvm: vmx: Flush TLB when the APIC-access address changes scsi: lpfc: Fix PT2PT PRLI reject pinctrl: st: add irq_request/release_resources callbacks inet: frag: release spinlock before calling icmp_send() tipc: fix nametbl deadlock at tipc_nametbl_unsubscribe r8152: fix the rx early size of RTL8153 iommu/exynos: Workaround FLPD cache flush issues for SYSMMU v5 netfilter: nfnl_cthelper: Fix memory leak netfilter: nfnl_cthelper: fix runtime expectation policy updates usb: gadget: udc: remove pointer dereference after free usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed hwmon: (max31790) Set correct PWM value net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 sctp: out_qlen should be updated when pruning unsent queue bna: integer overflow bug in debugfs sch_dsmark: fix invalid skb_cow() usage vsock: cancel packets when failing to connect vhost-vsock: add pkt cancel capability vsock: track pkt owner vsock crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex r8152: fix the list rx_done may be used without initialization cpuidle: Validate cpu_dev in cpuidle_add_sysfs() nvme-loop: handle cpu unplug when re-establishing the controller arm: kprobes: Align stack to 8-bytes in test code arm: kprobes: Fix the return address of multiple kretprobes HID: corsair: Add driver Scimitar Pro RGB gaming mouse 1b1c:1b3e support to hid-corsair HID: corsair: support for K65-K70 Rapidfire and Scimitar Pro RGB kvm: fix usage of uninit spinlock in avic_vm_destroy() ALSA: hda - add support for docking station for HP 840 G3 ALSA: hda - add support for docking station for HP 820 G2 arm64: Initialise high_memory global variable earlier cxl: Check if vphb exists before iterating over AFU devices Linux 4.9.71 ath9k: fix tx99 potential info leak icmp: don't fail on fragment reassembly time exceeded IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop RDMA/cma: Avoid triggering undefined behavior macvlan: Only deliver one copy of the frame to the macvlan interface udf: Avoid overflow when session starts at large offset scsi: bfa: integer overflow in debugfs scsi: sd: change allow_restart to bool in sysfs interface scsi: sd: change manage_start_stop to bool in sysfs interface rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_disassoc_cmd rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_createbss_cmd vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend IB/core: Fix calculation of maximum RoCE MTU scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry raid5: Set R5_Expanded on parity devices as well as data. pinctrl: adi2: Fix Kconfig build problem usb: musb: da8xx: fix babble condition handling tty fix oops when rmmod 8250 soc: mediatek: pwrap: fix compiler errors powerpc/perf/hv-24x7: Fix incorrect comparison in memord scsi: hpsa: destroy sas transport properties before scsi_host scsi: hpsa: cleanup sas_phy structures in sysfs when unloading PCI: Detach driver before procfs & sysfs teardown on device remove RDMA/cxgb4: Declare stag as __be32 xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real xfs: fix log block underflow during recovery cycle verification l2tp: cleanup l2tp_tunnel_delete calls nvme: use kref_get_unless_zero in nvme_find_get_ns platform/x86: hp_accel: Add quirk for HP ProBook 440 G4 btrfs: tests: Fix a memory leak in error handling path in 'run_test()' arm64: prevent regressions in compressed kernel image size when upgrading to binutils 2.27 Ib/hfi1: Return actual operational VLs in port info query bcache: fix wrong cache_misses statistics bcache: explicitly destroy mutex while exiting GFS2: Take inode off order_write list when setting jdata flag scsi: scsi_debug: write_same: fix error report thermal/drivers/step_wise: Fix temperature regulation misbehavior ASoC: rsnd: rsnd_ssi_run_mods() needs to care ssi_parent_mod ppp: Destroy the mutex when cleanup clk: tegra: Fix cclk_lp divisor register clk: hi6220: mark clock cs_atb_syspll as critical clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU clk: mediatek: add the option for determining PLL source clock mm: Handle 0 flags in _calc_vm_trans() macro crypto: tcrypt - fix buffer lengths in test_aead_speed() arm-ccn: perf: Prevent module unload while PMU is in use xfs: truncate pagecache before writeback in xfs_setattr_size() iommu/amd: Limit the IOVA page range to the specified addresses badblocks: fix wrong return value in badblocks_set if badblocks are disabled target/file: Do not return error for UNMAP if length is zero target:fix condition return in core_pr_dump_initiator_port() iscsi-target: fix memory leak in lio_target_tiqn_addtpg() target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() platform/x86: intel_punit_ipc: Fix resource ioremap warning powerpc/ipic: Fix status get and status clear powerpc/opal: Fix EBUSY bug in acquiring tokens netfilter: ipvs: Fix inappropriate output of procfs iommu/mediatek: Fix driver name PCI: Do not allocate more buses than available in parent powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo PCI/PME: Handle invalid data when reading Root Status dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type ASoC: Intel: Skylake: Fix uuid_module memory leak in failure case rtc: pcf8563: fix output clock rate video: fbdev: au1200fb: Return an error code if a memory allocation fails video: fbdev: au1200fb: Release some resources if a memory allocation fails video: udlfb: Fix read EDID timeout fbdev: controlfb: Add missing modes to fix out of bounds access sfc: don't warn on successful change of MAC HID: cp2112: fix broken gpio_direction_input callback Revert "x86/acpi: Set persistent cpuid <-> nodeid mapping when booting" target: fix race during implicit transition work flushes target: fix ALUA transition timeout handling target: Use system workqueue for ALUA transitions btrfs: add missing memset while reading compressed inline extents NFSv4.1 respect server's max size in CREATE_SESSION efi/esrt: Cleanup bad memory map log messages perf symbols: Fix symbols__fixup_end heuristic for corner cases tty: fix data race in tty_ldisc_ref_wait() tty: don't panic on OOM in tty_set_ldisc() rxrpc: Ignore BUSY packets on old calls net: mpls: Fix nexthop alive tracking on down events net/mlx4_core: Avoid delays during VF driver device shutdown nvmet-rdma: Fix a possible uninitialized variable dereference nvmet: confirm sq percpu has scheduled and switched to atomic nvme-loop: fix a possible use-after-free when destroying the admin queue afs: Fix abort on signal while waiting for call completion afs: Fix afs_kill_pages() afs: Fix page leak in afs_write_begin() afs: Populate and use client modification time afs: Better abort and net error handling afs: Invalid op ID should abort with RXGEN_OPCODE afs: Fix the maths in afs_fs_store_data() afs: Prevent callback expiry timer overflow afs: Migrate vlocation fields to 64-bit afs: Flush outstanding writes when an fd is closed afs: Deal with an empty callback array afs: Adjust mode bits processing afs: Populate group ID from vnode status afs: Fix missing put_page() drm/radeon: reinstate oland workaround for sclk mmc: mediatek: Fixed bug where clock frequency could be set wrong sched/deadline: Use deadline instead of period when calculating overflow sched/deadline: Throttle a constrained deadline task activated after the deadline sched/deadline: Make sure the replenishment timer fires in the next period sched/deadline: Add missing update_rq_clock() in dl_task_timer() iwlwifi: mvm: cleanup pending frames in DQA mode Drivers: hv: util: move waiting for release to hv_utils_transport itself drm/radeon/si: add dpm quirk for Oland fjes: Fix wrong netdevice feature flags scsi: hpsa: do not timeout reset operations scsi: hpsa: limit outstanding rescans scsi: hpsa: update check for logical volume status ASoC: rcar: clear DE bit only in PDMACHCR when it stops openrisc: fix issue handling 8 byte get_user calls intel_th: pci: Add Gemini Lake support drm: amd: remove broken include path qed: Fix interrupt flags on Rx LL2 qed: Fix mapping leak on LL2 rx flow qed: Align CIDs according to DORQ requirement mlxsw: reg: Fix SPVMLR max record count mlxsw: reg: Fix SPVM max record count net: Resend IGMP memberships upon peer notification. irqchip/mvebu-odmi: Select GENERIC_MSI_IRQ_DOMAIN dmaengine: Fix array index out of bounds warning in __get_unmap_pool() net: wimax/i2400m: fix NULL-deref at probe writeback: fix memory leak in wb_queue_work() blk-mq: Fix tagset reinit in the presence of cpu hot-unplug ASoC: rsnd: fix sound route path when using SRC6/SRC9 netfilter: bridge: honor frag_max_size when refragmenting drm/omap: fix dmabuf mmap for dma_alloc'ed buffers Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list NFSD: fix nfsd_reset_versions for NFSv4. NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) drm/amdgpu: fix parser init error path to avoid crash in parser fini iommu/io-pgtable-arm-v7s: Check for leaf entry before dereferencing it net/mlx5: Don't save PCI state when PCI error is detected net/mlx5: Fix create autogroup prev initializer rxrpc: Wake up the transmitter if Rx window size increases on the peer net: bcmgenet: Power up the internal PHY before probing the MII net: bcmgenet: synchronize irq0 status between the isr and task net: bcmgenet: power down internal phy if open or resume fails net: bcmgenet: reserved phy revisions must be checked first net: bcmgenet: correct MIB access of UniMAC RUNT counters net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values bnxt_en: Ignore 0 value in autoneg supported speed from firmware. net: initialize msg.msg_flags in recvfrom userfaultfd: selftest: vm: allow to build in vm/ directory userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE md-cluster: free md_cluster_info if node leave cluster usb: xhci-mtk: check hcc_params after adding primary hcd KVM: nVMX: do not warn when MSR bitmap address is not backed usb: phy: isp1301: Add OF device ID table mac80211: Fix addition of mesh configuration element ext4: fix crash when a directory's i_size is too small ext4: fix fdatasync(2) after fallocate(2) operation dmaengine: dmatest: move callback wait queue to thread context eeprom: at24: change nvmem stride to 1 sched/rt: Do not pull from current CPU if only one CPU to pull nfs: don't wait on commit in nfs_commit_inode() if there were no commit requests xhci: Don't add a virt_dev to the devs array before it's fully allocated Bluetooth: btusb: driver to enable the usb-wakeup feature usb: xhci: fix TDS for MTK xHCI1.1 ceph: drop negative child dentries before try pruning inode's alias usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input usb: add helper to extract bits 12:11 of wMaxPacketSize usbip: fix stub_rx: get_pipe() to validate endpoint number USB: core: prevent malicious bNumInterfaces overflow USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID tracing: Allocate mask_str buffer dynamically autofs: fix careless error in recent commit crypto: salsa20 - fix blkcipher_walk API usage crypto: hmac - require that the underlying hash algorithm is unkeyed crypto: rsa - fix buffer overread when stripping leading zeroes mfd: fsl-imx25: Clean up irq settings during removal Linux 4.9.70 RDMA/cxgb4: Annotate r2 and stag as __be32 md: free unused memory after bitmap resize audit: ensure that 'audit=1' actually enables audit for PID 1 ipvlan: fix ipv6 outbound device kbuild: do not call cc-option before KBUILD_CFLAGS initialization powerpc/64: Fix checksum folding in csum_tcpudp_nofold and ip_fast_csum_nofold KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table fix kcm_clone() usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping s390: always save and restore all registers on context switch ipmi: Stop timers before cleaning up the module Fix handling of verdicts after NF_QUEUE tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv() s390/qeth: fix thinko in IPv4 multicast address tracking s390/qeth: fix GSO throughput regression s390/qeth: build max size GSO skbs on L2 devices tcp/dccp: block bh before arming time_wait timer stmmac: reset last TSO segment size after device open net: remove hlist_nulls_add_tail_rcu() usbnet: fix alignment for frames with no ethernet header net/packet: fix a race in packet_bind() and packet_notifier() packet: fix crash in fanout_demux_rollover() sit: update frag_off info rds: Fix NULL pointer dereference in __rds_rdma_map tipc: fix memory leak in tipc_accept_from_sock() s390/qeth: fix early exit from error path net: qmi_wwan: add Quectel BG96 2c7c:0296 ANDROID: dma-buf/sw_sync: Rename active_list to link FROMLIST: android: binder: Fix null ptr dereference in debug msg FROMLIST: android: binder: Move buffer out of area shared with user space FROMLIST: android: binder: Add allocator selftest FROMLIST: android: binder: Refactor prev and next buffer into a helper function Linux 4.9.69 afs: Connect up the CB.ProbeUuid IB/mlx5: Assign send CQ and recv CQ of UMR QP IB/mlx4: Increase maximal message size under UD QP xfrm: Copy policy family in clone_policy jump_label: Invoke jump_label_test() via early_initcall() atm: horizon: Fix irq release error clk: uniphier: fix DAPLL2 clock rate of Pro5 bpf: fix lockdep splat sctp: use the right sk after waking up from wait_buf sleep sctp: do not free asoc when it is already dead in sctp_sendmsg zsmalloc: calling zs_map_object() from irq is a bug sparc64/mm: set fields in deferred pages block: wake up all tasks blocked in get_request() dt-bindings: usb: fix reg-property port-number range xfs: fix forgotten rcu read unlock when skipping inode reclaim sunrpc: Fix rpc_task_begin trace point NFS: Fix a typo in nfs_rename() dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 lib/genalloc.c: make the avail variable an atomic_long_t drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' route: update fnhe_expires for redirect when the fnhe exists route: also update fnhe_genid when updating a route cache gre6: use log_ecn_error module parameter in ip6_tnl_rcv() mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() x86/mpx/selftests: Fix up weird arrays coccinelle: fix parallel build with CHECK=scripts/coccicheck kbuild: pkg: use --transform option to prefix paths in tar EDAC, i5000, i5400: Fix definition of NRECMEMB register EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested drm/amd/amdgpu: fix console deadlock if late init failed axonram: Fix gendisk handling netfilter: don't track fragmented packets zram: set physical queue limits to avoid array out of bounds accesses blk-mq: initialize mq kobjects in blk_mq_init_allocated_queue() i2c: riic: fix restart condition crypto: s5p-sss - Fix completing crypto request in IRQ handler ipv6: reorder icmpv6_init() and ip6_mr_init() ibmvnic: Allocate number of rx/tx buffers agreed on by firmware ibmvnic: Fix overflowing firmware/hardware TX queue rds: tcp: Sequence teardown of listen and acceptor sockets to avoid races bnx2x: do not rollback VF MAC/VLAN filters we did not configure bnx2x: fix detection of VLAN filtering feature for VF bnx2x: fix possible overrun of VFPF multicast addresses array bnx2x: prevent crash when accessing PTP with interface down spi_ks8995: regs_size incorrect for some devices spi_ks8995: fix "BUG: key accdaa28 not in .data!" KVM: arm/arm64: VGIC: Fix command handling while ITS being disabled arm64: KVM: Survive unknown traps from guests arm: KVM: Survive unknown traps from guests KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset irqchip/crossbar: Fix incorrect type of register size scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters scsi: qla2xxx: Fix ql_dump_buffer workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq libata: drop WARN from protocol error in ata_sff_qc_issue() kvm: nVMX: VMCLEAR should not cause the vCPU to shut down usb: gadget: udc: net2280: Fix tmp reusage in net2280 driver usb: gadget: pxa27x: Test for a valid argument pointer usb: dwc3: gadget: Fix system suspend/resume on TI platforms USB: gadgetfs: Fix a potential memory leak in 'dev_config()' usb: gadget: configs: plug memory leak HID: chicony: Add support for another ASUS Zen AiO keyboard gpio: altera: Use handle_level_irq when configured as a level_high ASoC: rcar: avoid SSI_MODEx settings for SSI8 ARM: OMAP2+: Release device node after it is no longer needed. ARM: OMAP2+: Fix device node reference counts powerpc/64: Fix checksum folding in csum_add() module: set __jump_table alignment to 8 lirc: fix dead lock between open and wakeup_filter powerpc: Fix compiling a BE kernel with a powerpc64le toolchain selftest/powerpc: Fix false failures for skipped tests powerpc/64: Invalidate process table caching after setting process table x86/hpet: Prevent might sleep splat on resume sched/fair: Make select_idle_cpu() more aggressive x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register x86/selftests: Add clobbers for int80 on x86_64 ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure vti6: Don't report path MTU below IPV6_MIN_MTU. ARM: 8657/1: uaccess: consistently check object sizes Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA" Revert "drm/armada: Fix compile fail" mm: drop unused pmdp_huge_get_and_clear_notify() thp: fix MADV_DONTNEED vs. numa balancing race thp: reduce indentation level in change_huge_pmd() ARM: avoid faulting on qemu ARM: BUG if jumping to usermode address in kernel mode usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT crypto: talitos - fix ctr-aes-talitos crypto: talitos - fix use of sg_link_tbl_len crypto: talitos - fix AEAD for sha224 on non sha224 capable chips crypto: talitos - fix setkey to check key weakness crypto: talitos - fix memory corruption on SEC2 crypto: talitos - fix AEAD test failures bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left. bus: arm-ccn: Fix use of smp_processor_id() in preemptible context bus: arm-ccn: Check memory allocation failure bus: arm-cci: Fix use of smp_processor_id() in preemptible context arm64: fpsimd: Prevent registers leaking from dead tasks KVM: arm/arm64: vgic-its: Check result of allocation before use KVM: arm/arm64: vgic-irqfd: Fix MSI entry allocation KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion KVM: VMX: remove I/O port 0x80 bypass on Intel hosts arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one media: dvb: i2c transfers over usb cannot be done from stack drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU kdb: Fix handling of kallsyms_symbol_next() return value brcmfmac: change driver unbind order of the sdio function devices powerpc/64s: Initialize ISAv3 MMU registers before setting partition table KVM: s390: Fix skey emulation permission check s390: fix compat system call table smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place iommu/vt-d: Fix scatterlist offset handling ALSA: usb-audio: Add check return value for usb_string() ALSA: usb-audio: Fix out-of-bound error ALSA: seq: Remove spurious WARN_ON() at timer check ALSA: pcm: prevent UAF in snd_pcm_info btrfs: fix missing error return in btrfs_drop_snapshot KVM: x86: fix APIC page invalidation x86/PCI: Make broadcom_postcore_init() check acpi_disabled X.509: fix comparisons of ->pkey_algo X.509: reject invalid BIT STRING for subjectPublicKey KEYS: add missing permission check for request_key() destination ASN.1: check for error from ASN1_OP_END__ACT actions ASN.1: fix out-of-bounds read when parsing indefinite length item efi/esrt: Use memunmap() instead of kfree() to free the remapping efi: Move some sysfs files to be read-only by root scsi: libsas: align sata_device's rps_resp on a cacheline scsi: use dma_get_cache_alignment() as minimum DMA alignment scsi: dma-mapping: always provide dma_get_cache_alignment isa: Prevent NULL dereference in isa_bus driver callbacks hv: kvp: Avoid reading past allocated blocks from KVP file virtio: release virtio index when fail to device_register can: usb_8dev: cancel urb on -EPIPE and -EPROTO can: esd_usb2: cancel urb on -EPIPE and -EPROTO can: ems_usb: cancel urb on -EPIPE and -EPROTO can: kvaser_usb: cancel urb on -EPIPE and -EPROTO can: kvaser_usb: ratelimit errors if incomplete messages are received can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() can: kvaser_usb: free buf in error paths can: ti_hecc: Fix napi poll return value for repoll usb: gadget: udc: renesas_usb3: fix number of the pipes ANDROID: Revert "arm64: move ELF_ET_DYN_BASE to 4GB / 4MB" ANDROID: Revert "arm: move ELF_ET_DYN_BASE to 4MB" Linux 4.9.68 xen-netfront: avoid crashing on resume after a failure in talk_to_netback() usb: host: fix incorrect updating of offset USB: usbfs: Filter flags passed in from user space USB: devio: Prevent integer overflow in proc_do_submiturb() USB: Increase usbfs transfer limit USB: core: Add type-specific length check of BOS descriptors usb: xhci: fix panic in xhci_free_virt_devices_depth_first usb: hub: Cycle HUB power when initialization fails dma-buf: Update kerneldoc for sync_file_create dma-buf/sync_file: hold reference to fence when creating sync_file dma-buf/sw_sync: force signal all unsignaled fences on dying timeline dma-fence: Introduce drm_fence_set_error() helper dma-fence: Wrap querying the fence->status dma-fence: Clear fence->status during dma_fence_init() dma-buf/sw_sync: clean up list before signaling the fence dma-buf/sw_sync: move timeline_fence_ops around dma-buf/sw-sync: Use an rbtree to sort fences in the timeline dma-buf/sw-sync: Fix locking around sync_timeline lists dma-buf/sw-sync: sync_pt is private and of fixed size dma-buf/sw-sync: Reduce irqsave/irqrestore from known context dma-buf/sw-sync: Prevent user overflow on timeline advance dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound dma-buf/dma-fence: Extract __dma_fence_is_later() net: fec: fix multicast filtering hardware setup xen-netback: vif counters from int/long to u64 cec: initiator should be the same as the destination for, poll xen-netfront: Improve error handling during initialization mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers vfio/spapr: Fix missing mutex unlock when creating a window be2net: fix initial MAC setting net: thunderx: avoid dereferencing xcv when NULL net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause gtp: fix cross netns recv on gtp socket gtp: clear DF bit on GTP packet tx nvmet: cancel fatal error and flush async work before free controller i2c: i2c-cadence: Initialize configuration before probing devices tcp: correct memory barrier usage in tcp_check_space() dmaengine: pl330: fix double lock tipc: fix cleanup at module unload tipc: fix nametbl_lock soft lockup at module exit RDMA/qedr: Fix RDMA CM loopback RDMA/qedr: Return success when not changing QP state mac80211: don't try to sleep in rate_control_rate_init() drm/amdgpu: fix unload driver issue for virtual display x86/fpu: Set the xcomp_bv when we fake up a XSAVES area net: sctp: fix array overrun read on sctp_timer_tbl drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement drm/amdgpu: fix bug set incorrect value to vce register qla2xxx: Fix wrong IOCB type assumption powerpc/mm: Fix memory hotplug BUG() on radix perf/x86/intel: Account interrupts for PEBS errors NFSv4: Fix client recovery when server reboots multiple times mac80211: prevent skb/txq mismatch KVM: arm/arm64: Fix occasional warning from the timer work function drm/exynos/decon5433: set STANDALONE_UPDATE_F also if planes are disabled drm/exynos/decon5433: update shadow registers iff there are active windows nfs: Don't take a reference on fl->fl_file for LOCK operation ravb: Remove Rx overflow log messages mac80211: calculate min channel width correctly mm: fix remote numa hits statistics net: qrtr: Mark 'buf' as little endian libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount net/appletalk: Fix kernel memory disclosure be2net: fix unicast list filling be2net: fix accesses to unicast list vti6: fix device register to report IFLA_INFO_KIND ARM: OMAP1: DMA: Correct the number of logical channels ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate net: systemport: Pad packet before inserting TSB net: systemport: Utilize skb_put_padto() libcxgb: fix error check for ip6_route_output() usb: gadget: f_fs: Fix ExtCompat descriptor validation dmaengine: stm32-dma: Fix null pointer dereference in stm32_dma_tx_status dmaengine: stm32-dma: Set correct args number for DMA request from DT l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups net/mlx4_en: Fix type mismatch for 32-bit systems dax: Avoid page invalidation races and unnecessary radix tree traversals iio: adc: ti-ads1015: add 10% to conversion wait time tools include: Do not use poison with C++ kprobes/x86: Disable preemption in ftrace-based jprobes perf test attr: Fix ignored test case result usbip: tools: Install all headers needed for libusbip development sysrq : fix Show Regs call trace on ARM EDAC, sb_edac: Fix missing break in switch x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X usb: phy: tahvo: fix error handling in tahvo_usb_probe() mmc: sdhci-msm: fix issue with power irq spi: spi-axi: fix potential use-after-free after deregistration spi: sh-msiof: Fix DMA transfer size check staging: rtl8188eu: avoid a null dereference on pmlmepriv serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() m68k: fix ColdFire node shift size calculation staging: greybus: loopback: Fix iteration count on async path selftests/x86/ldt_get: Add a few additional tests for limits s390/pci: do not require AIS facility ima: fix hash algorithm initialization USB: serial: option: add Quectel BG96 id s390/runtime instrumentation: simplify task exit handling serial: 8250_pci: Add Amazon PCI serial device ID usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices mm, oom_reaper: gather each vma to prevent leaking TLB entry Revert "crypto: caam - get rid of tasklet" drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() drm/fsl-dcu: avoid disabling pixel clock twice on suspend bcache: recover data from backing when data is clean bcache: only permit to recovery read error when cache device is clean Linux 4.9.67 drm/i915: Prevent zero length "index" write drm/i915: Don't try indexed reads to alternate slave addresses NFS: revalidate "." etc correctly on "open". Revert "x86/entry/64: Add missing irqflags tracing to native_load_gs_index()" drm/amd/pp: fix typecast error in powerplay. drm/ttm: once more fix ttm_buffer_object_transfer drm/hisilicon: Ensure LDI regs are properly configured. drm/panel: simple: Add missing panel_simple_unprepare() calls drm/radeon: fix atombios on big endian drm/amdgpu: Potential uninitialized variable in amdgpu_vm_update_directories() drm/amdgpu: potential uninitialized variable in amdgpu_vce_ring_parse_cs() Revert "drm/radeon: dont switch vt on suspend" nvme-pci: add quirk for delay before CHK RDY for WDC SN200 hwmon: (jc42) optionally try to disable the SMBUS timeout bcache: Fix building error on MIPS i2c: i801: Fix Failed to allocate irq -2147483648 error eeprom: at24: check at24_read/write arguments eeprom: at24: correctly set the size for at24mac402 eeprom: at24: fix reading from 24MAC402/24MAC602 mmc: core: prepend 0x to OCR entry in sysfs mmc: core: Do not leave the block driver in a suspended state KVM: lapic: Fixup LDR on load in x2apic KVM: lapic: Split out x2apic ldr calculation KVM: x86: inject exceptions produced by x86_decode_insn KVM: x86: Exit to user-mode on #UD intercept when emulator requires KVM: x86: pvclock: Handle first-time write to pvclock-page contains random junk ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate mfd: twl4030-power: Fix pmic for boards that need vmmc1 on reboot nfsd: fix panic in posix_unblock_lock called from nfs4_laundromat nfsd: Fix another OPEN stateid race nfsd: Fix stateid races between OPEN and CLOSE btrfs: clear space cache inode generation always mm/madvise.c: fix madvise() infinite loop under special circumstances mm, hugetlbfs: introduce ->split() to vm_operations_struct mm/cma: fix alloc_contig_range ret code/potential leak mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() ARM: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio ARM: dts: LogicPD Torpedo: Fix camera pin mux Linux 4.9.66 xen: xenbus driver must not accept invalid transaction ids nvmet: fix KATO offset in Set Features cec: update log_addr[] before finishing configuration cec: CEC_MSG_GIVE_FEATURES should abort for CEC version < 2 cec: when canceling a message, don't overwrite old status info s390/kbuild: enable modversions for symbols exported from asm ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data btrfs: return the actual error value from from btrfs_uuid_tree_iterate crypto: marvell - Copy IVDIG before launching partial DMA ahash requests ASoC: rsnd: don't double free kctrl netfilter: nf_tables: fix oob access netfilter: nft_queue: use raw_smp_processor_id() spi: SPI_FSL_DSPI should depend on HAS_DMA staging: iio: cdc: fix improper return value iio: light: fix improper return value adm80211: add checks for dma mapping errors mac80211: Suppress NEW_PEER_CANDIDATE event if no room mac80211: Remove invalid flag operations in mesh TSF synchronization drm/mediatek: don't use drm_put_dev clk: qcom: ipq4019: Add all the frequencies for apss cpu drm: Apply range restriction after color adjustment when allocation gpio: mockup: dynamically allocate memory for chip name ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE ath10k: set CTS protection VDEV param only if VDEV is up bnxt_en: Set default completion ring for async events. pinctrl: sirf: atlas7: Add missing 'of_node_put()' ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats() ath10k: ignore configuring the incorrect board_id ath10k: fix incorrect txpower set by P2P_DEVICE interface mwifiex: sdio: fix use after free issue for save_adapter adm80211: return an error if adm8211_alloc_rings() fails rt2800: set minimum MPDU and PSDU lengths to sane values drm/armada: Fix compile fail net: 3com: typhoon: typhoon_init_one: fix incorrect return values net: 3com: typhoon: typhoon_init_one: make return values more specific net: Allow IP_MULTICAST_IF to set index to L3 slave fscrypt: use ENOTDIR when setting encryption policy on nondirectory fscrypt: use ENOKEY when file cannot be created w/o key dmaengine: zx: set DMA_CYCLIC cap_mask bit clk: sunxi-ng: fix PLL_CPUX adjusting on A33 clk: sunxi-ng: A31: Fix spdif clock register drm/sun4i: Fix a return value in case of error PCI: Apply _HPX settings only to relevant devices RDS: RDMA: fix the ib_map_mr_sg_zbva() argument RDS: RDMA: return appropriate error on rdma map failures RDS: make message size limit compliant with spec e1000e: Avoid receiver overrun interrupt bursts e1000e: Separate signaling for link check/link up e1000e: Fix return value test e1000e: Fix error path in link detection Revert "drm/i915: Do not rely on wm preservation for ILK watermarks" PM / OPP: Add missing of_node_put(np) net/9p: Switch to wait_event_killable() fscrypt: lock mutex before checking for bounce page pool sched/rt: Simplify the IPI based RT balancing logic media: v4l2-ctrl: Fix flags field on Control events cx231xx-cards: fix NULL-deref on missing association descriptor media: rc: check for integer overflow media: Don't do DMA on stack for firmware upload in the AS102 driver powerpc/signal: Properly handle return value from uprobe_deny_signal() parisc: Fix validity check of pointer size argument in new CAS implementation ixgbe: Fix skb list corruption on Power systems fm10k: Use smp_rmb rather than read_barrier_depends i40evf: Use smp_rmb rather than read_barrier_depends ixgbevf: Use smp_rmb rather than read_barrier_depends igbvf: Use smp_rmb rather than read_barrier_depends igb: Use smp_rmb rather than read_barrier_depends i40e: Use smp_rmb rather than read_barrier_depends NFC: fix device-allocation error return IB/srp: Avoid that a cable pull can trigger a kernel crash IB/srpt: Do not accept invalid initiator port names libnvdimm, namespace: make 'resource' attribute only readable by root libnvdimm, namespace: fix label initialization to use valid seq numbers libnvdimm, pfn: make 'resource' attribute only readable by root clk: ti: dra7-atl-clock: fix child-node lookups SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status KVM: SVM: obey guest PAT KVM: nVMX: set IDTR and GDTR limits when loading L1 host state lockd: double unregister of inetaddr notifiers irqchip/gic-v3: Fix ppi-partitions lookup block: Fix a race between blk_cleanup_queue() and timeout handling p54: don't unregister leds when they are not initialized mtd: nand: mtk: fix infinite ECC decode IRQ issue mtd: nand: Fix writing mtdoops to nand flash. mtd: nand: omap2: Fix subpage write target: Fix QUEUE_FULL + SCSI task attribute handling iscsi-target: Fix non-immediate TMR reference leak fs/9p: Compare qid.path in v9fs_test_inode fix a page leak in vhost_scsi_iov_to_sgl() error recovery ALSA: hda/realtek - Fix ALC700 family no sound issue ALSA: hda: Fix too short HDMI/DP chmap reporting ALSA: timer: Remove kernel warning at compat ioctl error paths ALSA: usb-audio: Add sanity checks in v2 clock parsers ALSA: usb-audio: Fix potential out-of-bound access at parsing SU ALSA: usb-audio: Add sanity checks to FE parser ALSA: pcm: update tstamp only if audio_tstamp changed ext4: fix interaction between i_size, fallocate, and delalloc after a crash ata: fixes kernel crash while tracing ata_eh_link_autopsy event rtlwifi: fix uninitialized rtlhal->last_suspend_sec time rtlwifi: rtl8192ee: Fix memory leak when loading firmware nfsd: deal with revoked delegations appropriately NFS: Avoid RCU usage in tracepoints nfs: Fix ugly referral attributes NFS: Fix typo in nomigration mount option isofs: fix timestamps beyond 2027 bcache: check ca->alloc_thread initialized before wake up it libceph: don't WARN() if user tries to add invalid key eCryptfs: use after free in ecryptfs_release_messaging() nilfs2: fix race condition that causes file system corruption autofs: don't fail mount for transient error rt2x00usb: mark device removed when get ENOENT usb error MIPS: BCM47XX: Fix LED inversion for WRT54GSv1 MIPS: Fix an n32 core file generation regset support regression MIPS: dts: remove bogus bcm96358nb4ser.dtb from dtb-y entry MIPS: Fix odd fp register warnings with MIPS64r2 dm: fix race between dm_get_from_kobject() and __dm_destroy() MIPS: pci: Remove KERN_WARN instance inside the mt7620 driver dm: allocate struct mapped_device with kvzalloc dm bufio: fix integer overflow when limiting maximum cache size ALSA: hda: Add Raven PCI ID PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF MIPS: ralink: Fix typo in mt7628 pinmux function MIPS: ralink: Fix MT7628 pinmux ARM: 8721/1: mm: dump: check hardware RO bit for LPAE ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE arm64: Implement arch-specific pte_access_permitted() x86/entry/64: Add missing irqflags tracing to native_load_gs_index() x86/decoder: Add new TEST instruction pattern lib/mpi: call cond_resched() from mpi_powm() loop sched: Make resched_cpu() unconditional vsock: use new wait API for vsock_stream_sendmsg() ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER x86/mm: fix use-after-free of vma during userfaultfd fault ACPI / EC: Fix regression related to triggering source of EC event handling s390/disassembler: increase show_code buffer size s390/disassembler: add missing end marker for e7 table s390/runtime instrumention: fix possible memory corruption s390: fix transactional execution control register handling Conflicts: drivers/android/binder_alloc.c drivers/android/binder_alloc.h drivers/android/binder_alloc_selftest.c drivers/mmc/core/bus.c drivers/mmc/host/sdhci-msm.c drivers/thermal/step_wise.c kernel/cpu.c mm/oom_kill.c sound/usb/mixer.c Change-Id: Id01eb66cafc5970b460321e44ec8ffcfa76971a6 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Justin Tee
|
7c888a1522 |
net: Kernel changes for Generic Software Bridge(GSB)
Changes are made to let GSB intercept network packets and consume them when possible. The goal is to bridge the packets directly to backhaul without letting packet do a round trip through the network stack. Acked-by: Vinisha Varre <vvarre@qti.qualcomm.com> Signed-off-by: Justin Tee <justint@codeaurora.org> Change-Id: I274da3196b4488f80ff9fc223d1f6ba0d04d3832 |
||
|
Vlad Yasevich
|
6c548e90a0 |
net: Resend IGMP memberships upon peer notification.
[ Upstream commit 37c343b4f4e70e9dc328ab04903c0ec8d154c1a4 ] When we notify peers of potential changes, it's also good to update IGMP memberships. For example, during VM migration, updating IGMP memberships will redirect existing multicast streams to the VM at the new location. Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Kyle Yan
|
01bff91034 |
Merge remote-tracking branch '4.9/tmp-8cca21f' into 4.9
* 4.9/tmp-8cca21f: Linux 4.9.65 mm/pagewalk.c: report holes in hugetlb ranges coda: fix 'kernel memory exposure attempt' in fsync mm/page_alloc.c: broken deferred calculation ipmi: fix unsigned long underflow ocfs2: should wait dio before inode lock in ocfs2_setattr() ocfs2: fix cluster hang after a node dies dmaengine: dmatest: warn user when dma test times out serial: 8250_fintek: Fix finding base_port with activated SuperIO serial: omap: Fix EFR write on RTS deassertion ima: do not update security.ima if appraisal status is not INTEGRITY_PASS crypto: dh - Fix double free of ctx->p crypto: dh - fix memleak in setkey net/sctp: Always set scope_id in sctp_inet6_skb_msgname fealnx: Fix building error on MIPS sctp: do not peel off an assoc from one netns to another one af_netlink: ensure that NLMSG_DONE never fails in dumps vlan: fix a use-after-free in vlan_device_event() net: usb: asix: fill null-ptr-deref in asix_suspend qmi_wwan: Add missing skb_reset_mac_header-call net: qmi_wwan: fix divide by 0 on bad descriptors net: cdc_ether: fix divide by 0 on bad descriptors bonding: discard lowest hash bit for 802.3ad layer3+4 netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed tcp: do not mangle skb->cb[] in tcp_make_synack() net: vrf: correct FRA_L3MDEV encode type tcp_nv: fix division by zero in tcpnv_acked() Linux 4.9.64 staging: greybus: spilib: fix use-after-free after deregistration brcmfmac: don't preset all channels as disabled x86/MCE/AMD: Always give panic severity for UC errors in kernel context USB: serial: garmin_gps: fix memory leak on probe errors USB: serial: garmin_gps: fix I/O after failed probe and remove USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update usb: gadget: f_fs: Fix use-after-free in ffs_free_inst USB: Add delay-init quirk for Corsair K70 LUX keyboards USB: usbfs: compute urb->actual_length for isochronous crypto: dh - Don't permit 'key' or 'g' size longer than 'p' crypto: dh - Don't permit 'p' to be 0 Revert "dt-bindings: Add LEGO MINDSTORMS EV3 compatible specification" Revert "dt-bindings: Add vendor prefix for LEGO" uapi: fix linux/rds.h userspace compilation errors uapi: fix linux/rds.h userspace compilation error Revert "uapi: fix linux/rds.h userspace compilation errors" Revert "crypto: xts - Add ECB dependency" MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds MIPS: traps: Ensure L1 & L2 ECC checking match for CM3 systems MIPS: init: Ensure reserved memory regions are not added to bootmem MIPS: init: Ensure bootmem does not corrupt reserved memory MIPS: End asm function prologue macros with .insn staging: greybus: add host device function pointer checks staging: wilc1000: Fix endian sparse warning staging: rtl8712: fixed little endian problem ixgbe: do not disable FEC from the driver ixgbe: add mask for 64 RSS queues ixgbe: Reduce I2C retry count on X550 devices ixgbe: Fix reporting of 100Mb capability ixgbe: handle close/suspend race with netif_device_detach/present ixgbe: fix AER error handling ixgbe: Configure advertised speeds correctly for KR/KX backplane arm64: dts: NS2: reserve memory for Nitro firmware ALSA: hda/realtek - Add new codec ID ALC299 gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap backlight: adp5520: Fix error handling in adp5520_bl_probe() backlight: lcd: Fix race condition during register drm/omap: panel-sony-acx565akm.c: Add MODULE_ALIAS ALSA: vx: Fix possible transfer overflow ALSA: vx: Don't try to update capture stream before running power: supply: axp288_fuel_gauge: Read 12 bit values 2 registers at a time power: supply: axp288_fuel_gauge: Read 15 bit values 2 registers at a time rtc: rx8010: change lock mechanism scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload scsi: lpfc: Correct issue leading to oops during link reset scsi: lpfc: Correct host name in symbolic_name field scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort scsi: lpfc: Add missing memory barrier x86/irq, trace: Add __irq_entry annotation to x86's platform IRQ handlers staging: rtl8188eu: fix incorrect ERROR tags from logs tcp: provide timestamps for partial writes scsi: ufs: add capability to keep auto bkops always enabled scsi: ufs-qcom: Fix module autoload igb: Fix hw_dbg logging in igb_update_flash_i210 igb: close/suspend race in netif_device_detach igb: reset the PHY before reading the PHY ID drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache ata: SATA_MV should depend on HAS_DMA ata: SATA_HIGHBANK should depend on HAS_DMA ata: ATA_BMDMA should depend on HAS_DMA ARM: dts: omap5-uevm: Allow bootloader to configure USB Ethernet MAC ARM: dts: Fix omap3 off mode pull defines ARM: OMAP2+: Fix init for multiple quirks for the same SoC ARM: dts: Fix am335x and dm814x scm syscon to probe children ARM: dts: Fix compatible for ti81xx uarts for 8250 fm10k: request reset when mbx->state changes extcon: palmas: Check the parent instance to prevent the NULL extcon: Remove potential problem when calling extcon_register_notifier() Bluetooth: btusb: fix QCA Rome suspend/resume arm: crypto: reduce priority of bit-sliced AES cipher media: dib0700: fix invalid dvb_detach argument media: imon: Fix null-ptr-deref in imon_probe Linux 4.9.63 misc: panel: properly restore atomic counter on error path qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) target/iscsi: Fix iSCSI task reassignment handling brcmfmac: remove setting IBSS mode when stopping AP security/keys: add CONFIG_KEYS_COMPAT to Kconfig netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" netfilter: nat: avoid use of nf_conn_nat extension Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config" ALSA: seq: Cancel pending autoload work at unbinding device Input: ims-psu - check if CDC union descriptor is sane usb: usbtest: fix NULL pointer dereference mac80211: don't compare TKIP TX MIC key in reinstall prevention mac80211: use constant time comparison with keys mac80211: accept key reinstall without changing anything ppp: fix race in ppp device destruction net_sched: avoid matching qdisc with zero handle sctp: reset owner sk for data chunks on out queues when migrating a sock tun: allow positive return values on dev_get_valid_name() call ip6_gre: update dst pmtu if dev mtu has been updated by toobig in __gre6_xmit ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err ipip: only increase err_count for some certain type icmp in ipip_err tap: double-free in error path in tap_open() net/unix: don't show information about sockets from other namespaces tcp/dccp: fix other lockdep splats accessing ireq_opt tcp/dccp: fix lockdep splat in inet_csk_route_req() sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND ipv6: flowlabel: do not leave opt->tot_len with garbage soreuseport: fix initialization race packet: avoid panic in packet_getsockopt() tcp/dccp: fix ireq->opt races sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect tun: call dev_get_valid_name() before register_netdevice() l2tp: check ps->sock before running pppol2tp_session_ioctl() tcp: fix tcp_mtu_probe() vs highest_sack net: call cgroup_sk_alloc() earlier in sk_clone_lock() netlink: do not set cb_running if dump's start() errs ipv6: addrconf: increment ifp refcount before ipv6_del_addr() tun/tap: sanitize TUNSETSNDBUF input gso: fix payload length when gso_size is zero FROMLIST: binder: fix proc->files use-after-free Conflicts: drivers/scsi/ufs/ufshcd.h include/net/netfilter/nf_conntrack.h Change-Id: I38fd3aa5f077a7bde0a8de4ebe9dc9316075f199 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Cong Wang
|
3e2ab0ceef |
tun: call dev_get_valid_name() before register_netdevice()
[ Upstream commit 0ad646c81b2182f7fa67ec0c8c825e0ee165696d ]
register_netdevice() could fail early when we have an invalid
dev name, in which case ->ndo_uninit() is not called. For tun
device, this is a problem because a timer etc. are already
initialized and it expects ->ndo_uninit() to clean them up.
We could move these initializations into a ->ndo_init() so
that register_netdevice() knows better, however this is still
complicated due to the logic in tun_detach().
Therefore, I choose to just call dev_get_valid_name() before
register_netdevice(), which is quicker and much easier to audit.
And for this specific case, it is already enough.
Fixes:
|
||
|
Linux Build Service Account
|
fd5d61b170 | Merge "net/embms-kernel : EMBMS Tunneling Module" | ||
|
Ravinder Konka
|
94266eb2b8 |
net/embms-kernel : EMBMS Tunneling Module
This module is used to tunnel multicast packets received on an interface to WLAN clients which have registered for these packet streams. Mainly used to tunnel EMBMS packets received on TMGI streams. Change-Id: I996077342261ec2cb688e98319c6881d2dd7cce2 Acked-by: Mohit Pahuja <mpahuja@qti.qualcomm.com> Signed-off-by: Ravinder konka <rkonka@codeaurora.org> |
||
|
Linux Build Service Account
|
06cb987fb2 | Merge "net: rps: reset backlog state when IPI fails." | ||
|
Linux Build Service Account
|
411a7a1188 | Merge "Merge remote-tracking branch '4.9/tmp-05a906d' into msm-4.9" | ||
|
Linux Build Service Account
|
b7fe225bc2 | Merge "net: rps: send out pending IPI's on CPU hotplug" | ||
|
Ashwanth Goli
|
9a04486a94 |
net: rps: reset backlog state when IPI fails.
Changes that reset remote cpu backlog state are removed with the
following commit. Adding them back.
I6e688bf0d09 ("net: rps: send out pending IPI's on CPU hotplug")
Change-Id: I436d1a1f185f0ddc375349e135bbb5d6eb8c5f26
Signed-off-by: Ashwanth Goli <ashwanth@codeaurora.org>
|
||
|
Ashwanth Goli
|
d6a8cc0a25 |
net: rps: send out pending IPI's on CPU hotplug
IPI's from the victim cpu are not handled in dev_cpu_callback. So these pending IPI's would be sent to the remote cpu only when NET_RX is scheduled on the victim cpu and since this trigger is unpredictable it would result in packet latencies on the remote cpu. This patch add support to send the pending ipi's of victim cpu. Change-Id: I6e688bf0d09a952468eec18f80ce6b21bf370ef1 Signed-off-by: Ashwanth Goli <ashwanth@codeaurora.org> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|
Mohammed Javid
|
7ea9946b5f |
msm: net: API to send list of SKB's to network driver
Existing network stack API's which are used to transmit data to the network drivers send one SKB at a time. There can be usecases where network driver expects a list of skb's from the network stack. For example it will be needed in cases where aggregation is needed before giving packets to HW. Create a new API to send list of skb's from the network stack to network driver. Re-use the existing functionality of __dev_queue_xmit(). Change-Id: I67bd081c92eda63d3712d29f3b5bee21cde798ab Acked-by: Chaitanya Pratapa <cpratapa@qti.qualcomm.com> Signed-off-by: Mohammed Javid <mjavid@codeaurora.org> |
||
|
Mohammed Javid
|
9c84341cf3 |
net: Changes to support Shortcut Forward Engine
Shortcut forward Engine (SFE) is a software packet accelerator which works on packet tuple entires (SFE entry) based on conntrack information. net:core has changes to invoke SFE module during packet traversal. net:netfilter has changes to remove SFE Entries when conntrack is deleted or expires. Also has changes to avoid tcp window check for incoming packets. Change-Id: I1622677e472870f8100c72221d9b1fab7fa768be Signed-off-by: Mohammed Javid <mjavid@codeaurora.org> |
||
|
Kyle Yan
|
1bca48ef39 |
Merge remote-tracking branch '4.9/tmp-05a906d' into msm-4.9
* 4.9/tmp-05a906d:
Linux 4.9.56
Revert "socket, bpf: fix possible use after free"
Linux 4.9.55
KVM: x86: fix singlestepping over syscall
f2fs: don't allow encrypted operations without keys
ext4: don't allow encrypted operations without keys
ext4: Don't clear SGID when inheriting ACLs
ext4: fix data corruption for mmap writes
vfs: deny copy_file_range() for non regular files
sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
mmc: core: add driver strength selection when selecting hs400es
nvme-pci: Use PCI bus address for data/queues in CMB
drm/i915/bios: ignore HDMI on port A
brcmfmac: setup passive scan if requested by user-space
brcmfmac: add length check in brcmf_cfg80211_escan_handler()
scsi: sd: Do not override max_sectors_kb sysfs setting
iwlwifi: add workaround to disable wide channels in 5GHz
iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
netlink: fix nla_put_{u8,u16,u32} for KASAN
rocker: fix rocker_tlv_put_* functions for KASAN
HID: wacom: bits shifted too much for 9th and 10th buttons
HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
HID: wacom: leds: Don't try to control the EKR's read-only LEDs
HID: i2c-hid: allocate hid buffers for real worst case
ftrace: Fix kmemleak in unregister_ftrace_graph
stm class: Fix a use-after-free
Drivers: hv: fcopy: restore correct transfer length
driver core: platform: Don't read past the end of "driver_override" buffer
percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
powerpc/tm: Fix illegal TM state in signal handler
powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
socket, bpf: fix possible use after free
net: rtnetlink: fix info leak in RTM_GETSTATS call
tipc: use only positive error codes in messages
ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
ip6_gre: ip6gre_tap device should keep dst
netlink: do not proceed if dump's start() errs
net: Set sk_prot_creator when cloning sockets to the right proto
packet: only test po->has_vnet_hdr once in packet_snd
packet: in packet_do_bind, test fanout with bind_lock held
net: dsa: Fix network device registration order
tun: bail out from tun_get_user() if the skb is empty
l2tp: fix race condition in l2tp_tunnel_delete
l2tp: Avoid schedule while atomic in exit_net
vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
net: qcom/emac: specify the correct size when mapping a DMA buffer
net_sched: always reset qdisc backlog in qdisc_reset()
isdn/i4l: fetch the ppp_write buffer in one shot
bpf: one perf event close won't free bpf program attached by another perf event
packet: hold bind lock when rebinding to fanout hook
net: emac: Fix napi poll list corruption
tcp: fastopen: fix on syn-data transmit failure
net/sched: cls_matchall: fix crash when used with classful qdisc
ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
net: phy: Fix mask value write on gmii2rgmii converter speed register
ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
udpv6: Fix the checksum computation when HW checksum does not apply
tcp: fix data delivery rate
bpf/verifier: reject BPF_ALU64|BPF_END
tcp: update skb->skb_mstamp more carefully
sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
mlxsw: spectrum: Prevent mirred-related crash on removal
ALSA: usx2y: Suppress kernel warning at page allocation failures
Revert "ALSA: echoaudio: purge contradictions between dimension matrix members and total number of members"
ALSA: compress: Remove unused variable
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
lib/ratelimit.c: use deferred printk() version
mm, oom_reaper: skip mm structs with mmu notifiers
staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
uwb: ensure that endpoint is interrupt
uwb: properly check kthread_run return value
iio: adc: mcp320x: Fix oops on module unload
iio: adc: mcp320x: Fix readout of negative voltages
iio: ad7793: Fix the serial interface reset
IIO: BME280: Updates to Humidity readings need ctrl_reg write!
iio: core: Return error for failed read_reg
staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.
iio: ad_sigma_delta: Implement a dedicated reset function
iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()'
iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
xhci: fix finding correct bus_state structure for USB 3.1 hosts
USB: fix out-of-bounds in usb_set_configuration
usb: Increase quirk delay for USB devices
USB: core: harden cdc_parse_cdc_header
USB: uas: fix bug in handling of alternate settings
USB: g_mass_storage: Fix deadlock when driver is unbound
usb: gadget: mass_storage: set msg_registered after msg registered
USB: devio: Don't corrupt user memory
USB: dummy-hcd: Fix erroneous synchronization change
USB: dummy-hcd: fix infinite-loop resubmission bug
USB: dummy-hcd: fix connection failures (wrong speed)
USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
usb: pci-quirks.c: Corrected timeout values used in handshake
ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
usb-storage: fix bogus hardware error messages for ATA pass-thru devices
usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
usb: gadget: udc: renesas_usb3: fix for no-data control transfer
usb: gadget: udc: atmel: set vbus irqflags explicitly
USB: gadgetfs: fix copy_to_user while holding spinlock
USB: gadgetfs: Fix crash caused by inadequate synchronization
Linux 4.9.54
s390/mm: make pmdp_invalidate() do invalidation only
ttpci: address stringop overflow warning
ALSA: au88x0: avoid theoretical uninitialized access
ASoC: rt5660: remove double const
ASoC: rt5659: drop double const
ASoC: rt5514: fix gcc-7 warning
ARM: remove duplicate 'const' annotations'
IB/qib: fix false-postive maybe-uninitialized warning
tools/power turbostat: bugfix: GFXMHz column not changing
ARM: dts: BCM5301X: Fix memory start address
libata: transport: Remove circular dependency at free time
ASoC: wm_adsp: Return an error on write to a disabled volatile control
xfs: remove kmem_zalloc_greedy
i2c: meson: fix wrong variable usage in meson_i2c_put_data
netfilter: nf_tables: set pktinfo->thoff at AH header if found
md/raid10: submit bio directly to replacement disk
rds: ib: add error handle
mm/cgroup: avoid panic when init with low memory
iommu/io-pgtable-arm: Check for leaf entry before dereferencing it
x86/acpi: Restore the order of CPU IDs
cpufreq: intel_pstate: Update pid_params.sample_rate_ns in pid_param_set()
ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs
nfs: make nfs4_cb_sv_ops static
parisc: perf: Fix potential NULL pointer dereference
netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max
nvme-rdma: handle cpu unplug when re-establishing the controller
MIPS: smp-cps: Fix retrieval of VPE mask on big endian CPUs
exynos-gsc: Do not swap cb/cr for semi planar formats
iommu/exynos: Block SYSMMU while invalidating FLPD cache
MIPS: IRQ Stack: Unwind IRQ stack onto task stack
netfilter: invoke synchronize_rcu after set the _hook_ to NULL
drivers/rapidio/devices/tsi721.c: make module parameter variable name unique
kasan: do not sanitize kexec purgatory
hugetlbfs: initialize shared policy as part of inode allocation
sata_via: Enable hotplug only on VT6421
Btrfs: fix potential use-after-free for cloned bio
Btrfs: fix segmentation fault when doing dio read
bridge: netlink: register netdevice before executing changelink
mmc: sdio: fix alignment issue in struct sdio_func
qed: Fix possible system hang in the dcbnl-getdcbx() path.
net: dsa: b53: Include IMP/CPU port in dumb forwarding mode
udp: disable inner UDP checksum offloads in IPsec case
usb: plusb: Add support for PL-27A1
team: fix memory leaks
net/packet: check length in getsockopt() called with PACKET_HDRLEN
net: core: Prevent from dereferencing null pointer when releasing SKB
lkdtm: Fix Oops when unloading the module
mips: ath79: clock:- Unmap region obtained by of_iomap
MIPS: Lantiq: Fix another request_mem_region() return code check
HID: wacom: release the resources before leaving despite devm
drm: mali-dp: Fix transposed horizontal/vertical flip
drm: mali-dp: Fix destination size handling when rotating
ASoC: dapm: fix some pointer error handling
rtl8xxxu: Add additional USB IDs for rtl8192eu devices
usb: chipidea: vbus event may exist before starting gadget
iommu/arm-smmu: Set privileged attribute to 'default' instead of 'unprivileged'
spi: pxa2xx: Add support for Intel Gemini Lake
ath10k: prevent sta pointer rcu violation
audit: log 32-bit socketcalls
ASoC: dapm: handle probe deferrals
partitions/efi: Fix integer overflow in GPT size calculation
sfc: get PIO buffer size from the NIC
USB: serial: mos7840: fix control-message error handling
USB: serial: mos7720: fix control-message error handling
drm/amdkfd: fix improper return value on error
arm: dts: mt2701: Add subsystem clock controller device nodes
IB/ipoib: Replace list_del of the neigh->list with list_del_init
IB/ipoib: rtnl_unlock can not come after free_netdev
IB/ipoib: Fix deadlock over vlan_mutex
serial: 8250_port: Remove dangerous pr_debug()
tty: goldfish: Fix a parameter of a call to free_irq
serial: 8250: moxa: Store num_ports in brd
drm/i915/psr: disable psr2 for resolution greater than 32X20
ARM: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM
IB/rxe: Fix a MR reference leak in check_rkey()
IB/rxe: Add a runtime check in alloc_index()
iio: adc: hx711: Add DT binding for avia,hx711
iio: adc: axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register modifications
iio: adc: imx25-gcq: Fix module autoload
hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes
usb: make the MTK XHCI driver compile for older MIPS SoCs
clk/axs10x: Clear init field in driver probe
sh_eth: use correct name for ECMR_MPDE bit
reset: ti_syscon: fix a ti_syscon_reset_status issue
extcon: axp288: Use vbus-valid instead of -present to determine cable presence
igb: re-assign hw address pointer on reset after PCI error
ARM: dts: am335x-chilisom: Wakeup from RTC-only state by power on event
scsi: be2iscsi: Add checks to validate CID alloc/free
power: supply: axp288_fuel_gauge: Fix fuel_gauge_reg_readb return on error
MIPS: ralink: Fix incorrect assignment on ralink_soc
MIPS: ralink: Fix a typo in the pinmux setup.
MIPS: Ensure bss section ends on a long-aligned address
ARM: dts: r8a7790: Use R-Car Gen 2 fallback binding for msiof nodes
RDS: RDMA: Fix the composite message user notification
clk: sunxi-ng: fix PLL_CPUX adjusting on H3
ARM: dts: exynos: Add CPU OPPs for Exynos4412 Prime
drm/i915: Fix the overlay frontbuffer tracking
GFS2: Fix reference to ERR_PTR in gfs2_glock_iter_next
drm: bridge: add DT bindings for TI ths8135
drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define
FROMLIST: binder: fix use-after-free in binder_transaction()
FROMLIST: binder: fix an ret value override
FROMLIST: binder: fix memory corruption in binder_transaction binder
Conflicts:
mm/oom_kill.c
sound/usb/card.c
Change-Id: I8b32fbdaa2be959a4149cf07d0bda16b75eeacbc
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Myungho Jung
|
1dee03af73 |
net: core: Prevent from dereferencing null pointer when releasing SKB
[ Upstream commit 9899886d5e8ec5b343b1efe44f185a0e68dc6454 ] Added NULL check to make __dev_kfree_skb_irq consistent with kfree family of functions. Link: https://bugzilla.kernel.org/show_bug.cgi?id=195289 Signed-off-by: Myungho Jung <mhjungk@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Kyle Yan
|
229226ed21 |
Merge remote-tracking branch '4.9/tmp-9452b2c' into msm-4.9
* 4.9/tmp-9452b2c: Linux 4.9.51 ipv6: Fix may be used uninitialized warning in rt6_check xfs: fix compiler warnings md/raid5: release/flush io in raid5_do_work() xfs: use kmem_free to free return value of kmem_zalloc xfs: open code end_buffer_async_write in xfs_finish_page_writeback xfs: don't set v3 xflags for v2 inodes xfs: fix incorrect log_flushed on fsync xfs: disable per-inode DAX flag xfs: relog dirty buffers during swapext bmbt owner change xfs: disallow marking previously dirty buffers as ordered xfs: move bmbt owner change to last step of extent swap xfs: skip bmbt block ino validation during owner change xfs: don't log dirty ranges for ordered buffers xfs: refactor buffer logging into buffer dirtying helper xfs: ordered buffer log items are never formatted xfs: remove unnecessary dirty bli format check for ordered bufs xfs: open-code xfs_buf_item_dirty() xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster() xfs: evict all inodes involved with log redo item xfs: stop searching for free slots in an inode chunk when there are none xfs: add log recovery tracepoint for head/tail xfs: handle -EFSCORRUPTED during head/tail verification xfs: fix log recovery corruption error due to tail overwrite xfs: always verify the log tail during recovery xfs: fix recovery failure when log record header wraps log end xfs: Properly retry failed inode items in case of error during buffer writeback xfs: Add infrastructure needed for error propagation during buffer IO failure xfs: remove xfs_trans_ail_delete_bulk xfs: toggle readonly state around xfs_log_mount_finish xfs: write unmount record for ro mounts iomap: fix integer truncation issues in the zeroing and dirtying helpers xfs: don't leak quotacheck dquots when cow recovery xfs: clear MS_ACTIVE after finishing log recovery xfs: fix inobt inode allocation search optimization xfs: Fix per-inode DAX flag inheritance xfs: fix multi-AG deadlock in xfs_bunmapi xfs: fix quotacheck dquot id overflow infinite loop xfs: check _alloc_read_agf buffer pointer before using xfs: set firstfsb to NULLFSBLOCK before feeding it to _bmapi_write xfs: check _btree_check_block value xfs: don't crash on unexpected holes in dir/attr btrees xfs: free cowblocks and retry on buffered write ENOSPC xfs: free uncommitted transactions during log recovery xfs: don't allow bmap on rt files xfs: remove bli from AIL before release on transaction abort xfs: release bli from transaction properly on fs shutdown xfs: try to avoid blowing out the transaction reservation when bunmaping a shared extent xfs: push buffer of flush locked dquot to avoid quotacheck deadlock xfs: fix spurious spin_is_locked() assert failures on non-smp kernels xfs: Move handling of missing page into one place in xfs_find_get_desired_pgoff() x86/switch_to/64: Rewrite FS/GS switching yet again to fix AMD CPUs x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps x86/fsgsbase/64: Fully initialize FS and GS state in start_thread_common f2fs: check hot_data for roll-forward recovery f2fs: let fill_super handle roll-forward errors ip_tunnel: fix setting ttl and tos value in collect_md mode sctp: fix missing wake ups in some situations ipv6: fix typo in fib6_net_exit() ipv6: fix memory leak with multiple tables during netns destruction ip6_gre: update mtu properly in ip6gre_err vhost_net: correctly check tx avail during rx busy polling gianfar: Fix Tx flow control deactivation Revert "net: fix percpu memory leaks" Revert "net: use lib/percpu_counter API for fragmentation mem accounting" bridge: switchdev: Clear forward mark when transmitting packet mlxsw: spectrum: Forbid linking to devices that have uppers tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()" kcm: do not attach PF_KCM sockets to avoid deadlock packet: Don't write vnet header beyond end of buffer cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() netvsc: fix deadlock betwen link status and removal qlge: avoid memcpy buffer overflow sctp: Avoid out-of-bounds reads from address storage fsl/man: Inherit parent device and of_node udp: on peeking bad csum, drop packets even if not at head macsec: add genl family module alias ipv6: fix sparse warning on rt6i_node ipv6: add rcu grace period before freeing fib6_node ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() ANDROID: configs: remove config fragments Conflicts: kernel/configs/android-recommended.config Change-Id: Ifc0a477ea15c7cdf7154b5f047014549fbf28f88 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Ido Schimmel
|
73ee5a73e7 |
mlxsw: spectrum: Forbid linking to devices that have uppers
[ Upstream commit 25cc72a33835ed8a6f53180a822cadab855852ac ]
The mlxsw driver relies on NETDEV_CHANGEUPPER events to configure the
device in case a port is enslaved to a master netdev such as bridge or
bond.
Since the driver ignores events unrelated to its ports and their
uppers, it's possible to engineer situations in which the device's data
path differs from the kernel's.
One example to such a situation is when a port is enslaved to a bond
that is already enslaved to a bridge. When the bond was enslaved the
driver ignored the event - as the bond wasn't one of its uppers - and
therefore a bridge port instance isn't created in the device.
Until such configurations are supported forbid them by checking that the
upper device doesn't have uppers of its own.
Fixes:
|
||
|
Kyle Yan
|
7d337cc7f9 |
Merge remote-tracking branch '4.9/tmp-85e1c01' into 4.9
* 4.9/tmp-85e1c01:
Linux 4.9.48
epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove()
kvm: arm/arm64: Force reading uncached stage2 PGD
drm/ttm: Fix accounting error when fail to get pages for pool
xfrm: policy: check policy direction value
lib/mpi: kunmap after finishing accessing buffer
wl1251: add a missing spin_lock_init()
CIFS: remove endian related sparse warning
CIFS: Fix maximum SMB2 header size
alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
cpuset: Fix incorrect memory_pressure control file mapping
cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
ceph: fix readpage from fscache
mm, madvise: ensure poisoned pages are removed from per-cpu lists
mm, uprobes: fix multiple free of ->uprobes_state.xol_area
crypto: algif_skcipher - only call put_page on referenced and used pages
i2c: ismt: Return EMSGSIZE for block reads with bogus length
i2c: ismt: Don't duplicate the receive length for block reads
irqchip: mips-gic: SYNC after enabling GIC region
ANDROID: fiq_debugger: Fix minor bug in code
ANDROID: configs: remove requirement for CONFIG_SYNC
FROMLIST: binder: fix an ret value override
FROMLIST: binder: fix memory corruption in binder_transaction binder
Linux 4.9.47
lz4: fix bogus gcc warning
scsi: sg: reset 'res_in_use' after unlinking reserved array
scsi: sg: protect accesses to 'reserved' page array
locking/spinlock/debug: Remove spinlock lockup detection code
arm64: fpsimd: Prevent registers leaking across exec
x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
arm64: mm: abort uaccess retries upon fatal signal
kvm: arm/arm64: Fix race in resetting stage2 PGD
gcov: support GCC 7.1
staging: wilc1000: simplify vif[i]->ndev accesses
scsi: isci: avoid array subscript warning
p54: memset(0) whole array
FROMLIST: android: binder: Add page usage in binder stats
FROMLIST: android: binder: Add shrinker tracepoints
FROMLIST: android: binder: Add global lru shrinker to binder
FROMLIST: android: binder: Move buffer out of area shared with user space
FROMLIST: android: binder: Add allocator selftest
FROMLIST: android: binder: Refactor prev and next buffer into a helper function
android: android-base.config: enable IP6_NF_MATCH_RPFILTER
Linux 4.9.46
powerpc/mm: Ensure cpumask update is ordered
ACPI: EC: Fix regression related to wrong ECDT initialization order
ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
ACPI: ioapic: Clear on-stack resource before using it
ntb: transport shouldn't disable link due to bogus values in SPADs
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: no sleep in ntb_async_tx_submit
NTB: ntb_test: fix bug printing ntb_perf results
ntb_transport: fix bug calculating num_qps_mw
ntb_transport: fix qp count bug
Clarify (and fix) MAX_LFS_FILESIZE macros
staging: rtl8188eu: add RNX-N150NUB support
iio: hid-sensor-trigger: Fix the race with user space powering up sensors
iio: imu: adis16480: Fix acceleration scale factor for adis16480
ANDROID: binder: fix proc->tsk check.
binder: Use wake up hint for synchronous transactions.
binder: use group leader instead of open thread
Revert "android: binder: Sanity check at binder ioctl"
Bluetooth: bnep: fix possible might sleep error in bnep_session
Bluetooth: cmtp: fix possible might sleep error in cmtp_session
Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
netfilter: nat: fix src map lookup
Revert "leds: handle suspend/resume in heartbeat trigger"
net: sunrpc: svcsock: fix NULL-pointer exception
x86/mm: Fix use-after-free of ldt_struct
timers: Fix excessive granularity of new timers after a nohz idle
perf/x86/intel/rapl: Make package handling more robust
perf probe: Fix --funcs to show correct symbols for offline module
perf/core: Fix group {cpu,task} validation
ftrace: Check for null ret_stack on profile function graph entry function
nfsd: Limit end of page list when decoding NFSv4 WRITE
cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
cifs: Fix df output for users with quota limits
kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured
tracing: Fix freeing of filter in create_filter() when set_str is false
tracing: Fix kmemleak in tracing_map_array_free()
tracing: Call clear_boot_tracer() at lateinit_sync
drm: rcar-du: Fix H/V sync signal polarity configuration
drm: rcar-du: Fix display timing controller parameter
drm: rcar-du: Fix crash in encoder failure error path
drm/atomic: If the atomic check fails, return its value first
drm: Release driver tracking before making the object available again
mm/memblock.c: reversed logic in memblock_discard()
fork: fix incorrect fput of ->exe_file causing use-after-free
mm/madvise.c: fix freeing of locked page with MADV_FREE
i2c: designware: Fix system suspend
mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled
ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource
ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
ALSA: core: Fix unexpected error at replacing user TLV
ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets
KVM: x86: block guest protection keys unless the host has them enabled
KVM: s390: sthyi: fix specification exception detection
KVM: s390: sthyi: fix sthyi inline assembly
Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad
Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
Input: trackpoint - add new trackpoint firmware ID
bpf/verifier: fix min/max handling in BPF_SUB
bpf: fix mixed signed/unsigned derived min/max value bounds
bpf, verifier: fix alu ops against map_value{, _adj} register types
bpf: adjust verifier heuristics
bpf, verifier: add additional patterns to evaluate_reg_imm_alu
net_sched: fix order of queue length updates in qdisc_replace()
net: sched: fix NULL pointer dereference when action calls some targets
irda: do not leak initialized list.dev to userspace
net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
ipv6: repair fib6 tree in failure case
ipv6: reset fn->rr_ptr when replacing route
tipc: fix use-after-free
sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
nfp: fix infinite loop on umapping cleanup
ipv4: better IP_MAX_MTU enforcement
ptr_ring: use kmalloc_array()
openvswitch: fix skb_panic due to the incorrect actions attrlen
bpf: fix bpf_trace_printk on 32 bit archs
net_sched: remove warning from qdisc_hash_add
net_sched/sfq: update hierarchical backlog when drop packet
ipv4: fix NULL dereference in free_fib_info_rcu()
dccp: defer ccid_hc_tx_delete() at dismantle time
dccp: purge write queue in dccp_destroy_sock()
af_key: do not use GFP_KERNEL in atomic contexts
sparc64: remove unnecessary log message
ANDROID: NFC: st21nfca: Fix memory OOB and leak issues in connectivity events handler
Linux 4.9.45
usb: qmi_wwan: add D-Link DWM-222 device ID
usb: optimize acpi companion search for usb port devices
pids: make task_tgid_nr_ns() safe
Sanitize 'move_pages()' permission checks
genirq/ipi: Fixup checks against nr_cpu_ids
genirq: Restore trigger settings in irq_modify_status()
irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
x86/asm/64: Clear AC on NMI entries
xen-blkfront: use a right index when checking requests
powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL
xen: fix bio vec merging
mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
mm/mempolicy: fix use after free when calling get_mempolicy
mm: fix double mmap_sem unlock on MMF_UNSTABLE enforced SIGBUS
mm: discard memblock data later
ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
ALSA: seq: 2nd attempt at fixing race creating a queue
Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
Input: elan_i2c - add ELAN0608 to the ACPI table
crypto: x86/sha1 - Fix reads beyond the number of blocks passed
crypto: ixp4xx - Fix error handling path in 'aead_perform()'
parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
audit: Fix use after free in audit_remove_watch_rule()
netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
ANDROID: check dir value of xfrm_userpolicy_id
ANDROID: NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
ANDROID: nfc: fdp: Fix possible buffer overflow in WCS4000 NFC driver
ANDROID: NFC: st21nfca: Fix out of bounds kernel access when handling ATR_REQ
ANDROID: usb: gadget: assign no-op request complete callbacks
ANDROID: usb: gadget: configfs: fix null ptr in android_disconnect
ANDROID: uid_sys_stats: Fix implicit declaration of get_cmdline()
uid_sys_stats: log task io with a debug flag
Linux 4.9.44
MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression
pinctrl: meson-gxbb: Add missing GPIODV_18 pin entry
pinctrl: samsung: Remove bogus irq_[un]mask from resource management
pinctrl: uniphier: fix WARN_ON() of pingroups dump on LD20
pinctrl: uniphier: fix WARN_ON() of pingroups dump on LD11
pinctrl: intel: merrifield: Correct UART pin lists
pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver
pnfs/blocklayout: require 64-bit sector_t
iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits
usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume
usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter
usb: core: unlink urbs from the tail of the endpoint's urb_list
USB: Check for dropped connection before switching to full speed
usb: renesas_usbhs: Fix UGCTRL2 value for R-Car Gen3
usb: gadget: udc: renesas_usb3: Fix usb_gadget_giveback_request() calling
uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069
staging: comedi: comedi_fops: do not call blocking ops when !TASK_RUNNING
iio: light: tsl2563: use correct event code
iio: accel: bmc150: Always restore device to normal mode after suspend-resume
staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read
USB: hcd: Mark secondary HCD as dead if the primary one died
usb: musb: fix tx fifo flush handling again
USB: serial: pl2303: add new ATEN device id
USB: serial: cp210x: add support for Qivicon USB ZigBee dongle
USB: serial: option: add D-Link DWM-222 device ID
drm/i915: Fix out-of-bounds array access in bdw_load_gamma_lut
drm/etnaviv: Fix off-by-one error in reloc checking
nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays
mmc: mmc: correct the logic for setting HS400ES signal voltage
nand: fix wrong default oob layout for small pages using soft ecc
fuse: initialize the flock flag in fuse_file on allocation
target: Fix node_acl demo-mode + uncached dynamic shutdown regression
iscsi-target: Fix iscsi_np reset hung task during parallel delete
iscsi-target: fix memory leak in iscsit_setup_text_cmd()
mtd: nand: Fix timing setup for NANDs that do not support SET FEATURES
xtensa: don't limit csum_partial export by CONFIG_NET
xtensa: mm/cache: add missing EXPORT_SYMBOLs
xtensa: fix cache aliasing handling code for WT cache
futex: Remove unnecessary warning from get_futex_key
mm: fix list corruptions on shmem shrinklist
mm: ratelimit PFNs busy info message
ANDROID: Use sk_uid to replace uid get from socket file
Linux 4.9.43
Revert "ARM: dts: sun8i: Support DTB build for NanoPi M1"
KVM: arm/arm64: Handle hva aging while destroying the vm
sparc64: Prevent perf from running during super critical sections
udp: consistently apply ufo or fragmentation
revert "ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output"
revert "net: account for current skb length when deciding about UFO"
packet: fix tp_reserve race in packet_set_ring
igmp: Fix regression caused by igmp sysctl namespace code.
net: avoid skb_warn_bad_offload false positives on UFO
tcp: fastopen: tcp_connect() must refresh the route
net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target
net/mlx4_en: don't set CHECKSUM_COMPLETE on SCTP packets
bpf, s390: fix jit branch offset related to ldimm64
net: fix keepalive code vs TCP_FASTOPEN_CONNECT
tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states
ppp: fix xmit recursion detection on ppp channels
ppp: Fix false xmit recursion detect with two ppp devices
Linux 4.9.42
workqueue: implicit ordered attribute should be overridable
net: phy: Fix PHY unbind crash
net: account for current skb length when deciding about UFO
ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output
net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy
mm: don't dereference struct page fields of invalid pages
signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
lib/Kconfig.debug: fix frv build failure
mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
ARM: 8632/1: ftrace: fix syscall name matching
virtio_blk: fix panic in initialization error path
nbd: blk_mq_init_queue returns an error code on failure, not NULL
iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort
ARM: dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc
ARM: dts: sun8i: Support DTB build for NanoPi M1
drm/virtio: fix framebuffer sparse warning
scsi: qla2xxx: Get mutex lock before checking optrom_state
clk/samsung: exynos542x: mark some clocks as critical
ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int
phy state machine: failsafe leave invalid RUNNING state
netfilter: use fwmark_reflect in nf_send_reset
ASoC: rt5645: set sel_i2s_pre_div1 to 2
spi: spi-axi: Free resources on error path
x86/boot: Add missing declaration of string functions
tg3: Fix race condition in tg3_get_stats64().
net: phy: dp83867: fix irq generation
sh_eth: R8A7740 supports packet shecksumming
sh_eth: fix EESIPR values for SH77{34|63}
wext: handle NULL extra data in iwe_stream_add_point better
sparc64: Fix exception handling in UltraSPARC-III memcpy.
sparc64: Measure receiver forward progress to avoid send mondo timeout
xen-netback: correctly schedule rate-limited queues
net: phy: Correctly process PHY_HALTED in phy_stop_machine()
net/mlx5e: Schedule overflow check work to mlx5e workqueue
net/mlx5e: Fix wrong delay calculation for overflow check scheduling
net/mlx5e: Fix outer_header_zero() check size
net/mlx5: Fix command bad flow on command entry allocation failure
net/mlx5: Consider tx_enabled in all modes on remap
sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
dccp: fix a memleak for dccp_feat_init err process
dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
net: ethernet: nb8800: Handle all 4 RGMII modes identically
ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
openvswitch: fix potential out of bound access in parse_ct
mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
rtnetlink: allocate more memory for dev_set_mac_address()
ipv4: initialize fib_trie prior to register_netdev_notifier call.
net: dsa: b53: Add missing ARL entries for BCM53125
ipv6: avoid overflow of offset in ip6_find_1stfragopt
net: Zero terminate ifr_name in dev_ifname().
ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
tcp_bbr: init pacing rate on first RTT sample
tcp_bbr: remove sk_pacing_rate=0 transient during init
tcp_bbr: introduce bbr_init_pacing_rate_from_rtt() helper
tcp_bbr: introduce bbr_bw_to_pacing_rate() helper
tcp_bbr: cut pacing rate only if filled pipe
saa7164: fix double fetch PCIe access condition
Btrfs: fix early ENOSPC due to delalloc
f2fs: sanity check checkpoint segno and blkoff
media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
mmc: core: Use device_property_read instead of of_property_read
mmc: dw_mmc: Use device_property_read instead of of_property_read
iscsi-target: Fix initial login PDU asynchronous socket close OOPs
media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl
ARM: dts: tango4: Request RGMII RX and TX clock delays
ARM: dts: armada-38x: Fix irq type for pca955
ext4: fix overflow caused by missing cast in ext4_resize_fs()
ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
gpiolib: skip unwanted events, don't convert them to opposite edge
iommu/amd: Enable ga_log_intr when enabling guest_mode
powerpc/64: Fix __check_irq_replay missing decrementer interrupt
powerpc/tm: Fix saving of TM SPRs in core dump
timers: Fix overflow in get_next_timer_interrupt
mm/page_alloc: Remove kernel address exposure in free_reserved_area()
KVM: async_pf: make rcu irq exit if not triggered from idle task
ASoC: do not close shared backend dailink
drm/amdgpu: Fix undue fallthroughs in golden registers initialization
ALSA: hda - Fix speaker output from VAIO VPCL14M1R
cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
mm, mprotect: flush TLB if potentially racing with a parallel reclaim leaving stale TLB entries
mmc: core: Fix access to HS400-ES devices
device property: Make dev_fwnode() public
mmc: sdhci-of-at91: force card detect value for non removable devices
NFSv4: Fix EXCHANGE_ID corrupt verifier issue
brcmfmac: fix memleak due to calling brcmf_sdiod_sgtable_alloc() twice
iwlwifi: dvm: prevent an out of bounds access
workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
libata: array underflow in ata_find_dev()
cgroup: fix error return value from cgroup_subtree_control()
cgroup: create dfl_root files on subsys registration
parisc: Handle vma's whose context is not current in flush_cache_range
ANDROID: binder: don't queue async transactions to thread.
ANDROID: binder: don't enqueue death notifications to thread todo.
ANDROID: binder: call poll_wait() unconditionally.
ANDROID: keychord: Fix for a memory leak in keychord.
ANDROID: keychord: Fix races in keychord_write.
android: configs: move quota-related configs to recommended
ANDROID: sdcardfs: override credential for ioctl to lower fs
ANDROID: xt_qtaguid: handle properly request sockets
Conflicts:
drivers/staging/android/fiq_debugger/fiq_debugger.c
include/linux/sched.h
kernel/locking/spinlock_debug.c
sound/soc/soc-pcm.c
Change-Id: I163a8c98f1737eeb01b9c8a0636a91d552ef349f
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Kyle Yan
|
e2486b7abe |
Merge remote-tracking branch '4.9/tmp-e6b0c64f' into 4.9
* 4.9/tmp-e6b0c64f:
Linux 4.9.41
ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused
ASoC: Intel: Skylake: Release FW ctx in cleanup
scsi: bfa: Increase requested firmware version to 3.2.5.1
scsi: snic: Return error code on memory allocation failure
scsi: fnic: Avoid sending reset to firmware when another reset is in progress
HID: ignore Petzl USB headlamp
ASoC: Intel: bytcr-rt5640: fix settings in internal clock mode
perf/x86: Set pmu->module in Intel PMU modules
x86/platform/intel-mid: Rename 'spidev' to 'mrfld_spidev'
ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion
ARCv2: IRQ: Call entry/exit functions for chained handlers in MCIP
sh_eth: enable RX descriptor word 0 shift on SH7734
ASoC: fsl_ssi: set fifo watermark to more reliable value
net: usb: asix_devices: add .reset_resume for USB PM
nvmem: imx-ocotp: Fix wrong register size
arm64: mm: fix show_pte KERN_CONT fallout
vfio-pci: Handle error from pci_iomap
video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap
perf symbols: Robustify reading of build-id from sysfs
perf tools: Install tools/lib/traceevent plugins with install-bin
xfrm: Don't use sk_family for socket policy lookups
tools lib traceevent: Fix prev/next_prio for deadline tasks
Xen: ARM: Zero reserved fields of xatp before making hypervisor call
Btrfs: adjust outstanding_extents counter properly when dio write is split
benet: stricter vxlan offloading check in be_features_check
Btrfs: fix lockdep warning about log_mutex
Btrfs: use down_read_nested to make lockdep silent
usb: gadget: Fix copy/pasted error message
ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_*
perf probe: Fix to get correct modname from elf header
ARM64: zynqmp: Fix i2c node's compatible string
ARM64: zynqmp: Fix W=1 dtc 1.4 warnings
usb: dwc3: omap: fix race of pm runtime with irq handler in probe
dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path.
l2tp: consider '::' as wildcard address in l2tp_ip6 socket lookup
dmaengine: ioatdma: workaround SKX ioatdma version
dmaengine: ioatdma: Add Skylake PCI Dev ID
openrisc: Add _text symbol to fix ksym build error
irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND
ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL
spi: dw: Make debugfs name unique between instances
ASoC: tlv320aic3x: Mark the RESET register as volatile
irqchip/keystone: Fix "scheduling while atomic" on rt
vfio-pci: use 32-bit comparisons for register address for gcc-4.5
drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set
drm/msm: Put back the vaddr in submit_reloc()
drm/msm: Ensure that the hardware write pointer is valid
net/mlx4_core: Fix raw qp flow steering rules under SRIOV
net/mlx4: Remove BUG_ON from ICM allocation routine
net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach
ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output
net/mlx5: Disable RoCE on the e-switch management port under switchdev mode
ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags
ARM: dts: am57xx-idk: Put USB2 port in peripheral mode
dt-bindings: input: Specify the interrupt number of TPS65217 power button
dt-bindings: power/supply: Update TPS65217 properties
ARM: omap2+: fixing wrong strcat for Non-NULL terminated string
r8169: add support for RTL8168 series add-on card.
x86/mce/AMD: Make the init code more robust
device-dax: fix sysfs duplicate warnings
net: skb_needs_check() accepts CHECKSUM_NONE for tx
pstore: Use dynamic spinlock initializer
pstore: Correctly initialize spinlock and flags
pstore: Allow prz to control need for locking
v4l: s5c73m3: fix negation operator
dentry name snapshots
ipmi/watchdog: fix watchdog timeout set on reboot
RDMA/uverbs: Fix the check for port number
sched/cgroup: Move sched_online_group() back into css_online() to fix crash
mailbox: handle empty message in tx_tick
mailbox: skip complete wait event if timer expired
mailbox: always wait in mbox_send_message for blocking Tx mode
wil6210: fix deadlock when using fw_no_recovery option
ath10k: fix null deref on wmi-tlv when trying spectral scan
isdn/i4l: fix buffer overflow
isdn: Fix a sleep-in-atomic bug
net: phy: Do not perform software reset for Generic PHY
nfc: fdp: fix NULL pointer dereference
nfc: Fix hangup of RC-S380* in port100_send_ack()
smp/hotplug: Replace BUG_ON and react useful
smp/hotplug: Move unparking of percpu threads to the control CPU
drm: rcar-du: Simplify and fix probe error handling
Staging: comedi: comedi_fops: Avoid orphaned proc entry
Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
KVM: PPC: Book3S HV: Save/restore host values of debug registers
KVM: PPC: Book3S HV: Restore critical SPRs to host values on guest exit
drm/nouveau/bar/gf100: fix access to upper half of BAR2
drm/nouveau/disp/nv50-: bump max chans to 21
drm/vmwgfx: Fix gcc-7.1.1 warning
md/raid5: add thread_group worker async_tx_issue_pending_all
KVM: PPC: Book3S HV: Enable TM before accessing TM registers
crypto: authencesn - Fix digest_null crash
NFSv4.1: Fix a race where CB_NOTIFY_LOCK fails to wake a waiter
NFS: invalidate file size when taking a lock.
powerpc/pseries: Fix of_node_put() underflow during reconfig remove
parisc: Suspend lockup detectors before system halt
parisc: Extend disabled preemption in copy_user_page
parisc: Prevent TLB speculation on flushed pages on CPUs that only support equivalent aliases
ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table
ALSA: fm801: Initialize chip after IRQ handler is registered
jfs: Don't clear SGID when inheriting ACLs
net: reduce skb_warn_bad_offload() noise
pstore: Make spinlock per zone instead of global
af_key: Add lock to key dump
ANDROID: sched/fair: Add a backup_cpu to find_best_target
ANDROID: sched/fair: Try to estimate possible idle states.
ANDROID: sched/fair: Sync task util before EAS wakeup
ANDROID: Revert "sched/fair: ensure utilization signals are synchronized before use"
ANDROID: sched/fair: kick nohz idle balance for misfit task
ANDROID: sched/fair: Update signals of nohz cpus if we are going idle
ANDROID: events: add tracepoint for find_best_target
ANDROID: sched/fair: streamline find_best_target heuristics
UPSTREAM: cpufreq: schedutil: Trace frequency only if it has changed
UPSTREAM: cpufreq: schedutil: Avoid reducing frequency of busy CPUs prematurely
UPSTREAM: cpufreq: schedutil: Refactor sugov_next_freq_shared()
UPSTREAM: cpufreq: schedutil: Pass sg_policy to get_next_freq()
UPSTREAM: cpufreq: schedutil: Rectify comment in sugov_irq_work() function
UPSTREAM: cpufreq: schedutil: irq-work and mutex are only used in slow path
UPSTREAM: cpufreq: schedutil: enable fast switch earlier
UPSTREAM: cpufreq: schedutil: Avoid indented labels
ANDROID: sched/{fair,tune}: simplify fair.c code
ANDROID: FIXUP: sched/tune: update accouting before CPU capacity
ANDROID: sched: walt: fix window misalignment when HZ=300
ANDROID: sched/fair: Remove remnants of commit
|
||
|
Willem de Bruijn
|
69ffc9644f |
net: avoid skb_warn_bad_offload false positives on UFO
[ Upstream commit 8d63bee643f1fb53e472f0e135cae4eb99d62d19 ]
skb_warn_bad_offload triggers a warning when an skb enters the GSO
stack at __skb_gso_segment that does not have CHECKSUM_PARTIAL
checksum offload set.
Commit b2504a5dbef3 ("net: reduce skb_warn_bad_offload() noise")
observed that SKB_GSO_DODGY producers can trigger the check and
that passing those packets through the GSO handlers will fix it
up. But, the software UFO handler will set ip_summed to
CHECKSUM_NONE.
When __skb_gso_segment is called from the receive path, this
triggers the warning again.
Make UFO set CHECKSUM_UNNECESSARY instead of CHECKSUM_NONE. On
Tx these two are equivalent. On Rx, this better matches the
skb state (checksum computed), as CHECKSUM_NONE here means no
checksum computed.
See also this thread for context:
http://patchwork.ozlabs.org/patch/799015/
Fixes: b2504a5dbef3 ("net: reduce skb_warn_bad_offload() noise")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Dumazet
|
48a70be0de |
net: skb_needs_check() accepts CHECKSUM_NONE for tx
commit 6e7bc478c9a006c701c14476ec9d389a484b4864 upstream.
My recent change missed fact that UFO would perform a complete
UDP checksum before segmenting in frags.
In this case skb->ip_summed is set to CHECKSUM_NONE.
We need to add this valid case to skb_needs_check()
Fixes: b2504a5dbef3 ("net: reduce skb_warn_bad_offload() noise")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Dumazet
|
26d01aa8a1 |
net: reduce skb_warn_bad_offload() noise
commit b2504a5dbef3305ef41988ad270b0e8ec289331c upstream. Dmitry reported warnings occurring in __skb_gso_segment() [1] All SKB_GSO_DODGY producers can allow user space to feed packets that trigger the current check. We could prevent them from doing so, rejecting packets, but this might add regressions to existing programs. It turns out our SKB_GSO_DODGY handlers properly set up checksum information that is needed anyway when packets needs to be segmented. By checking again skb_needs_check() after skb_mac_gso_segment(), we should remove these pesky warnings, at a very minor cost. With help from Willem de Bruijn [1] WARNING: CPU: 1 PID: 6768 at net/core/dev.c:2439 skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2434 lo: caps=(0x000000a2803b7c69, 0x0000000000000000) len=138 data_len=0 gso_size=15883 gso_type=4 ip_summed=0 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 6768 Comm: syz-executor1 Not tainted 4.9.0 #5 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c063ecd8 ffffffff82346bdf ffffffff00000001 1ffff100380c7d2e ffffed00380c7d26 0000000041b58ab3 ffffffff84b37e38 ffffffff823468f1 ffffffff84820740 ffffffff84f289c0 dffffc0000000000 ffff8801c063ee20 Call Trace: [<ffffffff82346bdf>] __dump_stack lib/dump_stack.c:15 [inline] [<ffffffff82346bdf>] dump_stack+0x2ee/0x3ef lib/dump_stack.c:51 [<ffffffff81827e34>] panic+0x1fb/0x412 kernel/panic.c:179 [<ffffffff8141f704>] __warn+0x1c4/0x1e0 kernel/panic.c:542 [<ffffffff8141f7e5>] warn_slowpath_fmt+0xc5/0x100 kernel/panic.c:565 [<ffffffff8356cbaf>] skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2434 [<ffffffff83585cd2>] __skb_gso_segment+0x482/0x780 net/core/dev.c:2706 [<ffffffff83586f19>] skb_gso_segment include/linux/netdevice.h:3985 [inline] [<ffffffff83586f19>] validate_xmit_skb+0x5c9/0xc20 net/core/dev.c:2969 [<ffffffff835892bb>] __dev_queue_xmit+0xe6b/0x1e70 net/core/dev.c:3383 [<ffffffff8358a2d7>] dev_queue_xmit+0x17/0x20 net/core/dev.c:3424 [<ffffffff83ad161d>] packet_snd net/packet/af_packet.c:2930 [inline] [<ffffffff83ad161d>] packet_sendmsg+0x32ed/0x4d30 net/packet/af_packet.c:2955 [<ffffffff834f0aaa>] sock_sendmsg_nosec net/socket.c:621 [inline] [<ffffffff834f0aaa>] sock_sendmsg+0xca/0x110 net/socket.c:631 [<ffffffff834f329a>] ___sys_sendmsg+0x8fa/0x9f0 net/socket.c:1954 [<ffffffff834f5e58>] __sys_sendmsg+0x138/0x300 net/socket.c:1988 [<ffffffff834f604d>] SYSC_sendmsg net/socket.c:1999 [inline] [<ffffffff834f604d>] SyS_sendmsg+0x2d/0x50 net/socket.c:1995 [<ffffffff84371941>] entry_SYSCALL_64_fastpath+0x1f/0xc2 Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: Dmitry Vyukov <dvyukov@google.com> Cc: Willem de Bruijn <willemb@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Cc: Mark Salyzyn <salyzyn@android.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Kyle Yan
|
3dfb68c8ba |
Merge remote-tracking branch '4.9/tmp-9ae2c67' into 4.9
* 4.9/tmp-9ae2c67:
Linux 4.9.40
alarmtimer: don't rate limit one-shot timers
tracing: Fix kmemleak in instance_rmdir
PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if present
reiserfs: Don't clear SGID when inheriting ACLs
spmi: Include OF based modalias in device uevent
of: device: Export of_device_{get_modalias, uvent_modalias} to modules
acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
ovl: fix random return value on mount
hfsplus: Don't clear SGID when inheriting ACLs
mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array
drm/mst: Avoid processing partially received up/down message transactions
drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
drm/mst: Fix error handling during MST sideband message reception
RDMA/core: Initialize port_num in qp_attr
ceph: fix race in concurrent readdir
staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code
staging: sm750fb: avoid conflicting vesafb
staging: comedi: ni_mio_common: fix AO timer off-by-one regression
staging: rtl8188eu: add TL-WN722N v2 support
Revert "perf/core: Drop kernel samples even though :u is specified"
perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its target
iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
udf: Fix deadlock between writeback and udf_setsize()
NFS: only invalidate dentrys that are clearly invalid.
sunrpc: use constant time memory comparison for mac
IB/core: Namespace is mandatory input for address resolution
IB/iser: Fix connection teardown race condition
Input: i8042 - fix crash at boot time
MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
MIPS: math-emu: Prevent wrong ISA mode instruction emulation
MIPS: Fix unaligned PC interpretation in `compute_return_epc'
MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
MIPS: Save static registers before sysmips
MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
x86/ioapic: Pass the correct data to unmask_ioapic_irq()
x86/acpi: Prevent out of bound access caused by broken ACPI tables
Revert "ACPI / EC: Enable event freeze mode..." to fix a regression
ACPI / EC: Drop EC noirq hooks to fix a regression
ubifs: Don't leak kernel memory to the MTD
MIPS: Negate error syscall return in trace
MIPS: Fix mips_atomic_set() with EVA
MIPS: Fix mips_atomic_set() retry condition
ftrace: Fix uninitialized variable in match_records()
nvme-rdma: remove race conditions from IB signalling
vfio: New external user group/file match
vfio: Fix group release deadlock
ovl: drop CAP_SYS_RESOURCE from saved mounter's credentials
drm/ttm: Fix use-after-free in ttm_bo_clean_mm
f2fs: Don't clear SGID when inheriting ACLs
f2fs: sanity check size of nat and sit cache
xfs: Don't clear SGID when inheriting ACLs
ipmi:ssif: Add missing unlock in error branch
ipmi: use rcu lock around call to intf->handlers->sender()
drm/radeon: Fix eDP for single-display iMac10,1 (v2)
drm/radeon/ci: disable mclk switching for high refresh rates (v2)
drm/amd/amdgpu: Return error if initiating read out of range on vram
s390/syscalls: Fix out of bounds arguments access
Raid5 should update rdev->sectors after reshape
ext2: Don't clear SGID when inheriting ACLs
libnvdimm: fix badblock range handling of ARS range
libnvdimm, btt: fix btt_rw_page not returning errors
cx88: Fix regression in initial video standard setting
x86/xen: allow userspace access during hypercalls
md: don't use flush_signals in userspace processes
usb: renesas_usbhs: gadget: disable all eps when the driver stops
usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
USB: cdc-acm: add device-id for quirky printer
usb: storage: return on error to avoid a null pointer dereference
mxl111sf: Fix driver to use heap allocate buffers for USB messages
xhci: Bad Ethernet performance plugged in ASM1042A host
xhci: Fix NULL pointer dereference when cleaning up streams for removed host
xhci: fix 20000ms port resume timeout
ipvs: SNAT packet replies only for NATed connections
PCI/PM: Restore the status of PCI devices across hibernation
PCI: rockchip: Use normal register bank for config accessors
PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11
af_key: Fix sadb_x_ipsecrequest parsing
powerpc/mm/radix: Properly clear process table entry
powerpc/asm: Mark cr0 as clobbered in mftb()
powerpc: Fix emulation of mfocrf in emulate_step()
powerpc: Fix emulation of mcrf in emulate_step()
powerpc/64: Fix atomic64_inc_not_zero() to return an int
powerpc/pseries: Fix passing of pp0 in updatepp() and updateboltedpp()
xen/scsiback: Fix a TMR related use-after-free
iscsi-target: Add login_keys_workaround attribute for non RFC initiators
scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state
scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails.
PM / Domains: Fix unsafe iteration over modified list of domains
PM / Domains: Fix unsafe iteration over modified list of domain providers
PM / Domains: Fix unsafe iteration over modified list of device links
ASoC: compress: Derive substream from stream based on direction
igb: Explicitly select page 0 at initialization
btrfs: Don't clear SGID when inheriting ACLs
wlcore: fix 64K page support
Bluetooth: use constant time memory comparison for secret values
perf intel-pt: Clear FUP flag on error
perf intel-pt: Use FUP always when scanning for an IP
perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
perf intel-pt: Fix last_ip usage
perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
perf intel-pt: Fix missing stack clear
perf intel-pt: Improve sample timestamp
perf intel-pt: Move decoder error setting into one condition
NFC: Add sockaddr length checks before accessing sa_family in bind handlers
nfc: Fix the sockaddr length sanitization in llcp_sock_connect
nfc: Ensure presence of required attributes in the activate_target handler
NFC: nfcmrvl: fix firmware-management initialisation
NFC: nfcmrvl: use nfc-device for firmware download
NFC: nfcmrvl: do not use device-managed resources
NFC: nfcmrvl_uart: add missing tty-device sanity check
NFC: fix broken device allocation
ath9k: fix an invalid pointer dereference in ath9k_rng_stop()
ath9k: fix tx99 bus error
ath9k: fix tx99 use after free
thermal: cpu_cooling: Avoid accessing potentially freed structures
thermal: max77620: fix device-node reference imbalance
s5p-jpeg: don't return a random width/height
dm mpath: cleanup -Wbool-operation warning in choose_pgpath()
ir-core: fix gcc-7 warning on bool arithmetic
disable new gcc-7.1.1 warnings for now
Use %zu to print resid (size_t).
ANDROID: keychord: Fix a slab out-of-bounds read.
UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
ANDROID: lowmemorykiller: Add tgid to kill message
Revert "ANDROID: proc: smaps: Allow smaps access for CAP_SYS_RESOURCE"
4.9.39
kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
kvm: vmx: Check value written to IA32_BNDCFGS
kvm: x86: Guest BNDCFGS requires guest MPX support
kvm: vmx: Do not disable intercepts for BNDCFGS
tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results
PM / QoS: return -EINVAL for bogus strings
PM / wakeirq: Convert to SRCU
sched/topology: Fix overlapping sched_group_mask
sched/topology: Optimize build_group_mask()
sched/topology: Fix building of overlapping sched-groups
sched/fair, cpumask: Export for_each_cpu_wrap()
Revert "sched/core: Optimize SCHED_SMT"
crypto: caam - fix signals handling
crypto: caam - properly set IV after {en,de}crypt
crypto: sha1-ssse3 - Disable avx2
crypto: atmel - only treat EBUSY as transient if backlog
crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
mm: fix overflow check in expand_upwards()
selftests/capabilities: Fix the test_execve test
mnt: Make propagate_umount less slow for overlapping mount propagation trees
mnt: In propgate_umount handle visiting mounts in any order
mnt: In umount propagation reparent in a separate pass
nvmem: core: fix leaks on registration errors
rcu: Add memory barriers for NOCB leader wakeup
vt: fix unchecked __put_user() in tioclinux ioctls
ARM64: dts: marvell: armada37xx: Fix timer interrupt specifiers
exec: Limit arg stack to at most 75% of _STK_LIM
s390: reduce ELF_ET_DYN_BASE
powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
arm: move ELF_ET_DYN_BASE to 4MB
binfmt_elf: use ELF_ET_DYN_BASE only for PIE
checkpatch: silence perl 5.26.0 unescaped left brace warnings
fs/dcache.c: fix spin lockup issue on nlru->lock
mm/list_lru.c: fix list_lru_count_node() to be race free
kernel/extable.c: mark core_kernel_text notrace
thp, mm: fix crash due race in MADV_FREE handling
tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/: Depth
parisc/mm: Ensure IRQs are off in switch_mm()
parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
parisc: use compat_sys_keyctl()
parisc: Report SIGSEGV instead of SIGBUS when running out of stack
irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
cfg80211: Check if NAN service ID is of expected size
cfg80211: Check if PMKID attribute is of expected size
cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
sfc: don't read beyond unicast address list
brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain
brcmfmac: Fix a memory leak in error handling path in 'brcmf_cfg80211_attach'
brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
rds: tcp: use sock_create_lite() to create the accept socket
vrf: fix bug_on triggered by rx when destroying a vrf
net: ipv6: Compare lwstate in detecting duplicate nexthops
net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64
vxlan: fix hlist corruption
ipv6: dad: don't remove dynamic addresses if link is down
net/mlx5e: Fix TX carrier errors report in get stats ndo
liquidio: fix bug in soft reset failure detection
net/mlx5: Cancel delayed recovery work when unloading the driver
net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
bpf: prevent leaking pointer via xadd on unpriviledged
rocker: move dereference before free
bridge: mdb: fix leak on complete_info ptr on fail path
net: prevent sign extension in dev_get_stats()
tcp: reset sk_rx_dst in tcp_disconnect()
net: dp83640: Avoid NULL pointer dereference.
ipv6: avoid unregistering inet6_dev for loopback
net/phy: micrel: configure intterupts after autoneg workaround
net: sched: Fix one possible panic when no destroy callback
net_sched: fix error recovery at qdisc creation
xen-netfront: Rework the fix for Rx stall during OOM and network stress
ANDROID: android-verity: mark dev as rw for linear target
ANDROID: sdcardfs: Remove unnecessary lock
ANDROID: binder: don't check prio permissions on restore.
Add BINDER_GET_NODE_DEBUG_INFO ioctl
ANDROID: binder: add RT inheritance flag to node.
ANDROID: binder: improve priority inheritance.
ANDROID: binder: add min sched_policy to node.
ANDROID: binder: add support for RT prio inheritance.
ANDROID: binder: push new transactions to waiting threads.
ANDROID: binder: remove proc waitqueue
Conflicts:
drivers/staging/android/lowmemorykiller.c
Change-Id: I2954e47d7e4fc74cf9bb5033fc151537958b78af
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|
||
|
Alban Browaeys
|
05e165e9bc |
net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64
commit 9af9959e142c274f4a30fefb71d97d2b028b337f upstream.
commit
|
||
|
Michal Kubeček
|
067328078d |
net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
commit e44699d2c28067f69698ccb68dd3ddeacfebc434 upstream.
Recently I started seeing warnings about pages with refcount -1. The
problem was traced to packets being reused after their head was merged into
a GRO packet by skb_gro_receive(). While bisecting the issue pointed to
commit c21b48cc1bbf ("net: adjust skb->truesize in ___pskb_trim()") and
I have never seen it on a kernel with it reverted, I believe the real
problem appeared earlier when the option to merge head frag in GRO was
implemented.
Handling NAPI_GRO_FREE_STOLEN_HEAD state was only added to GRO_MERGED_FREE
branch of napi_skb_finish() so that if the driver uses napi_gro_frags()
and head is merged (which in my case happens after the skb_condense()
call added by the commit mentioned above), the skb is reused including the
head that has been merged. As a result, we release the page reference
twice and eventually end up with negative page refcount.
To fix the problem, handle NAPI_GRO_FREE_STOLEN_HEAD in napi_frags_finish()
the same way it's done in napi_skb_finish().
Fixes:
|
||
|
Eric Dumazet
|
3f04c32bf4 |
net: prevent sign extension in dev_get_stats()
commit 6f64ec74515925cced6df4571638b5a099a49aae upstream.
Similar to the fix provided by Dominik Heidler in commit
9b3dc0a17d73 ("l2tp: cast l2tp traffic counter to unsigned")
we need to take care of 32bit kernels in dev_get_stats().
When using atomic_long_read(), we add a 'long' to u64 and
might misinterpret high order bit, unless we cast to unsigned.
Fixes:
|
||
|
Kyle Yan
|
6c3873f1eb |
Merge remote-tracking branch '4.9/tmp-184ce81' into msm-4.9
* 4.9/tmp-184ce81: Linux 4.9.36 KVM: nVMX: Fix exception injection KVM: x86: zero base3 of unusable segments KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh() KVM: x86: fix emulation of RSM and IRET instructions arm64: fix NULL dereference in have_cpu_die() mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program i2c: brcmstb: Fix START and STOP conditions brcmfmac: avoid writing channel out of allocated array infiniband: hns: avoid gcc-7.0.1 warning for uninitialized data objtool: Fix another GCC jump table detection issue clk: scpi: don't add cpufreq device if the scpi dvfs node is disabled cpufreq: s3c2416: double free on driver init error path iommu/amd: Fix interrupt remapping when disable guest_mode iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() iommu/dma: Don't reserve PCI I/O windows iommu: Handle default domain attach failure iommu/vt-d: Don't over-free page table directories ocfs2: o2hb: revert hb threshold to keep compatible x86/mm: Fix flush_tlb_page() on Xen x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space x86/boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel ARM: 8685/1: ensure memblock-limit is pmd-aligned ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation ARM: dts: OMAP3: Fix MFG ID EEPROM ARM: OMAP2+: omap_device: Sync omap_device and pm_runtime after probe defer regulator: tps65086: Fix DT node referencing in of_parse_cb regulator: tps65086: Fix expected switch DT node names spi: fix device-node leaks spi: When no dma_chan map buffers with spi_master's parent sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting watchdog: bcm281xx: Fix use of uninitialized spinlock. netfilter: use skb_to_full_sk in ip_route_me_harder xfrm: Oops on error in pfkey_msg2xfrm_state() xfrm: NULL dereference on allocation failure xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings ravb: Fix use-after-free on `ifconfig eth0 down` ip6_tunnel, ip6_gre: fix setting of DSCP on encapsulated packets sctp: check af before verify address in sctp_addr_id2transport net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV perf probe: Fix to probe on gcc generated functions in modules tipc: allocate user memory with GFP_KERNEL flag net: phy: dp83867: allow RGMII_TXID/RGMII_RXID interface types perf probe: Fix to show correct locations for events on modules be2net: fix MAC addr setting on privileged BE3 VFs be2net: don't delete MAC on close on unprivileged BE3 VFs be2net: fix status check in be_cmd_pmac_add() usb: dwc2: gadget: Fix GUSBCFG.USBTRDTIM value s390/ctl_reg: make __ctl_load a full memory barrier swiotlb: ensure that page-sized mappings are page-aligned coredump: Ensure proper size of sparse core files aio: fix lock dep warning perf/x86: Reject non sampling events with precise_ip perf/core: Fix sys_perf_event_open() vs. hotplug x86/mpx: Use compatible types in comparison to fix sparse error x86/tsc: Add the Intel Denverton Processor to native_calibrate_tsc() mac80211: initialize SMPS field in HT capabilities pmem: return EIO on read_pmem() failure drm/amd/powerplay: refine vce dpm update code on Cz. drm/amd/powerplay: fix vce cg logic error on CZ/St. drm/radeon/si: load special ucode for certain MC configs net: thunderx: acpi: fix LMAC initialization arm64: assembler: make adr_l work in modules under KASLR spi: davinci: use dma_mapping_error() scsi: lpfc: avoid double free of resource identifiers HID: i2c-hid: Add sleep between POWER ON and RESET perf/x86/intel: Use ULL constant to prevent undefined shift behaviour mac80211: recalculate min channel width on VHT opmode changes net: phy: marvell: fix Marvell 88E1512 used in SGMII mode pinctrl: intel: Set pin direction properly perf/x86/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code drm/etnaviv: trick drm_mm into giving out a low IOVA Documentation: devicetree: change the mediatek ethernet compatible string kernel/panic.c: add missing \n ibmveth: Add a proper check for the availability of the checksum features vxlan: do not age static remote mac entries ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit() virtio_net: fix PAGE_SIZE > 64k mlxsw: spectrum_router: Correctly reallocate adjacency entries vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null drm/amdgpu: check ring being ready before using net: dsa: Check return value of phy_connect_direct() amd-xgbe: Check xgbe_init() return code platform/x86: ideapad-laptop: handle ACPI event 1 iwlwifi: fix kernel crash when unregistering thermal zone scsi: virtio_scsi: Reject commands when virtqueue is broken xen-netfront: Fix Rx stall during network stress and OOM swiotlb-xen: update dev_addr after swapping pages virtio_console: fix a crash in config_work_handler Btrfs: fix truncate down when no_holes feature is enabled Btrfs: Fix deadlock between direct IO and fast fsync gianfar: Do not reuse pages from emergency reserve objtool: Fix IRET's opcode bpf: don't trigger OOM killer under pressure with map alloc bnxt_en: Fix "uninitialized variable" bug in TPA code path. xen-netback: protect resource cleaning on XenBus disconnect xen-netback: fix memory leaks on XenBus disconnect net: ethtool: Initialize buffer when querying device channel settings powerpc/eeh: Enable IO path on permanent error net: korina: Fix NAPI versus resources freeing perf/x86/intel: Handle exclusive threadid correctly on CPU hotplug net: phy: dp83848: add DP83620 PHY support drm/amdgpu: add support for new hainan variants drm/amdgpu: fix program vce instance logic error. qla2xxx: Fix erroneous invalid handle message qla2xxx: Terminate exchange if corrupted scsi: lpfc: Set elsiocb contexts to NULL after freeing it stmmac: add missing of_node_put scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type KVM: x86: fix fixing of hypercalls xen/blkback: don't free be structure too early ARM64: dts: meson-gxbb-odroidc2: fix GbE tx link breakage dt: bindings: net: use boolean dt properties for eee broken modes net: phy: use boolean dt properties for eee broken modes net: phy: fix sign type error in genphy_config_eee_advert dt-bindings: net: add EEE capability constants net: phy: add an option to disable EEE advertisement net: ethtool: add support for 2500BaseT and 5000BaseT link modes sparc64: Zero pages on allocation for mondo and error queues. sparc64: Handle PIO & MEM non-resumable errors. mm: numa: avoid waiting on freed migrated pages l2tp: take a reference on sessions used in genetlink handlers l2tp: hold session while sending creation notifications l2tp: fix duplicate session creation l2tp: ensure session can't get removed during pppol2tp_session_ioctl() l2tp: fix race in l2tp_recv_common() usb: gadget: f_fs: Fix possibe deadlock x86/mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() dm thin: do not queue freed thin mapping for next stage processing drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr gpiolib: fix filtering out unwanted events NFSv4.1: Fix a race in nfs4_proc_layoutget ALSA: hda - set input_path bitmap to zero after moving it to new place ALSA: hda - Fix endless loop of codec configure MIPS: Fix IRQ tracing & lockdep when rescheduling MIPS: pm-cps: Drop manual cache-line alignment of ready_count MIPS: Avoid accidental raw backtrace MIPS: head: Reorder instructions missing a delay slot mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() drm/ast: Handle configuration without P2A bridge xen/blkback: don't use xen_blkif_get() in xen-blkback kthread NFSv4.x/callback: Create the callback service through svc_create_pooled NFSv4: fix a reference leak caused WARNING messages netfilter: synproxy: fix conntrackd interaction netfilter: xt_TCPMSS: add more sanity tests on tcph->doff rtnetlink: add IFLA_GROUP to ifla_policy ipv6: Do not leak throw route references sfc: provide dummy definitions of vswitch functions net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev decnet: always not take dst->__refcnt when inserting dst into hash table net/mlx5e: Fix timestamping capabilities reporting net/mlx5: Wait for FW readiness before initializing command interface net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it sctp: return next obj by passing pos + 1 into sctp_transport_get_idx ipv6: fix calling in6_ifa_hold incorrectly for dad work igmp: add a missing spin_lock_init() igmp: acquire pmc lock for ip_mc_clear_src() proc: snmp6: Use correct type in memset net/mlx5e: Fix wrong indications in DIM due to counter wraparound net/mlx5e: Added BW check for DIM decision mechanism net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx sctp: disable BH in sctp_for_each_endpoint Fix an intermittent pr_emerg warning about lo becoming free. af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers net: vrf: Make add_fib_rules per network namespace flag net: Zero ifla_vf_info in rtnl_fill_vfinfo() decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb net: don't call strlen on non-terminated string in dev_set_alias() ipv6: release dst on error in ip6_dst_lookup_tail UPSTREAM: selinux: enable genfscon labeling for tracefs Change-Id: I85271d5ce79a499d0398f7d3cb32bc2d43fe7dc5 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Alexander Potapenko
|
d2f459e3fe |
net: don't call strlen on non-terminated string in dev_set_alias()
[ Upstream commit c28294b941232931fbd714099798eb7aa7e865d7 ] KMSAN reported a use of uninitialized memory in dev_set_alias(), which was caused by calling strlcpy() (which in turn called strlen()) on the user-supplied non-terminated string. Signed-off-by: Alexander Potapenko <glider@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Subash Abhinov Kasiviswanathan
|
717d339853 |
skb: printing port numbers with gso trace events
Adding source and destination port number info in the gso trace events to differentiate between the flows. CRs-Fixed: 2062245 Change-Id: Idbae7f95dfd56293805b58e3c6626f5f6e07d08a Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> |
||
|
Subash Abhinov Kasiviswanathan
|
b3ce449ff7 |
skb: Adding trace event for gso.
This patch adds trace events to help with debug for gso feature by identifying the packets(and their lenghts) that are using the segmentation offload feature. CRs-Fixed: 2062245 Change-Id: Ibfe1194cc63e74c75047040b0c540713d539992e Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> |
||
|
Linux Build Service Account
|
3f7c6a725b | Merge "net: Reset NAPI bit if IPI failed" | ||
|
Subash Abhinov Kasiviswanathan
|
c659549390 |
net: Reset NAPI bit if IPI failed
During hotplug if an RPS CPU goes offline, then there is a possibility that the IPI delivery to the RPS core might fail, this happens in the cases when unruly drivers use netif_rx API in the wrong context. This happens due to two reasons a) Firstly using netif_rx API in non preemptive context leads to enough latencies that the IPI delivery might fail to an RPS core. This is because the softIRQ trigger will become unpredictable. b) by using netif_rx it becomes an architectural issue where we are trying to do two things in two different contexts. We set the NAPI bit in context and sent the IPI in other context. Now since the context switch is allowed, the remote CPU is allowed to go finish its hotplug. If there was no context switch in the first place, which typically happens by either using the correct version of netif_rx or switching to NAPI framework, then the remote CPU is not allowed to go to CPU DOWN state. This is by design since hotplug framework causes the remote dying CPU to wait until atleast one context switch happens on all other CPUS. If preemption is disabled then the dying CPU has to wait until preemption is enabled and a context switch happens. This patch catches these unruly drivers and handles IPI misses by clearing NAPI sate on remote RPS CPUs Please refere here for more documentation on hotplug and preemption cases https://lwn.net/Articles/569686/ CRs-Fixed: 2062245 Change-Id: I072f91bdb4d7e444e3624e8e010ef1b66a67b1ed Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> |
||
|
Subash Abhinov Kasiviswanathan
|
27cfd4edee |
net: add a per-cpu counter for the number of frames coalesced in GRO
A low cost method of determining GRO statistics is required. This change introduces a new counter which tracks whenever GRO coalesces ingress packets. The counter is per-CPU and exposed in /proc/net/softnet_stat as the last column of data. No user space impact is expected as a result of this change. However, this change should be reverted if legacy tools have problems with the new column in softnet_stat. CRs-Fixed: 2062245 Change-Id: I05965c0cb150947935d5977884cc4d583b37131d Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> |
||
|
Kyle Yan
|
110cce4ad4 |
Merge remote-tracking branch '4.9/tmp-82ab074' into 4.9
* 4.9/tmp-82ab074: Linux 4.9.17 crypto: powerpc - Fix initialisation of crc32c context locking/rwsem: Fix down_write_killable() for CONFIG_RWSEM_GENERIC_SPINLOCK=y futex: Add missing error handling to FUTEX_REQUEUE_PI futex: Fix potential use-after-free in FUTEX_REQUEUE_PI x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y x86/tsc: Fix ART for TSC_KNOWN_FREQ irqchip/gicv3-its: Add workaround for QDF2400 ITS erratum 0065 arm64: KVM: VHE: Clear HCR_TGE when invalidating guest TLBs drm/vc4: Fix ->clock_select setting for the VEC encoder drm/vc4: Fix race between page flip completion event and clean-up clk: bcm2835: Fix ->fixed_divider of pllh_aux powerpc/mm: Fix build break when CMA=n && SPAPR_TCE_IOMMU=y usb: gadget: udc: atmel: remove memory leak serial: 8250_pci: Detach low-level driver during PCI error recovery ACPI / blacklist: Make Dell Latitude 3350 ethernet work ACPI / blacklist: add _REV quirks for Dell Precision 5520 and 3520 slub: move synchronize_sched out of slab_mutex on shrink uvcvideo: uvc_scan_fallback() for webcams with broken chain s390/zcrypt: Introduce CEX6 toleration block: allow WRITE_SAME commands with the SG_IO ioctl drm/nouveau/disp/nv50-: specify ctrl/user separately when constructing classes drm/nouveau/disp/nv50-: split chid into chid.ctrl and chid.user drm/nouveau/disp/gp102: fix cursor/overlay immediate channel indices vfio/spapr: Postpone default window creation vfio/spapr: Add a helper to create default DMA window powerpc/mm/iommu, vfio/spapr: Put pages on VFIO container shutdown vfio/spapr: Reference mm in tce_container powerpc/iommu: Stop using @current in mm_iommu_xxx powerpc/iommu: Pass mm_struct to init/cleanup helpers vfio/spapr: Postpone allocation of userspace version of TCE table Drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2) ibmveth: calculate gso_segs for large packets PCI: Do any VF BAR updates before enabling the BARs PCI: Ignore BAR updates on virtual functions PCI: Update BARs using property bits appropriate for type PCI: Don't update VF BARs while VF memory space is enabled PCI: Decouple IORESOURCE_ROM_ENABLE and PCI_ROM_ADDRESS_ENABLE PCI: Add comments about ROM BAR updating PCI: Remove pci_resource_bar() and pci_iov_resource_bar() PCI: Separate VF BAR updates from standard BAR updates x86/hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic scsi: ibmvscsis: Synchronize cmds at remove time scsi: ibmvscsis: Synchronize cmds at tpg_enable_store time scsi: ibmvscsis: Rearrange functions for future patches scsi: ibmvscsis: Clean up properly if target_submit_cmd/tmr fails scsi: ibmvscsis: Return correct partition name/# to client scsi: ibmvscsis: Issues from Dan Carpenter/Smatch igb: add i211 to i210 PHY workaround igb: Workaround for igb i210 firmware issue xen: do not re-use pirq number cached in pci device msi msg data dmaengine: iota: ioat_alloc_chan_resources should not perform sleeping allocations. bpf: fix mark_reg_unknown_value for spilled regs on map value marking bpf: fix regression on verifier pruning wrt map lookups bpf: fix state equivalence bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers dccp: fix memory leak during tear-down of unsuccessful connection request tun: fix premature POLLOUT notification on tun devices dccp/tcp: fix routing redirect race bridge: drop netfilter fake rtable unconditionally ipv6: avoid write to a possibly cloned skb ipv6: make ECMP route replacement less greedy mpls: Do not decrement alive counter for unregister events mpls: Send route delete notifications when router module is unloaded act_connmark: avoid crashing on malformed nlattrs with null parms uapi: fix linux/packet_diag.h userspace compilation error net/tunnel: set inner protocol in network gro hooks vrf: Fix use-after-free in vrf_xmit dccp: fix use-after-free in dccp_feat_activate_values net/sched: act_skbmod: remove unneeded rcu_read_unlock in tcf_skbmod_dump net: fix socket refcounting in skb_complete_tx_timestamp() net: fix socket refcounting in skb_complete_wifi_ack() tcp: fix various issues for sockets morphing to listen state strparser: destroy workqueue on module exit dccp: Unlock sock before calling sk_free() ipv6: orphan skbs in reassembly unit net: net_enable_timestamp() can be called from irq contexts net: don't call strlen() on the user buffer in packet_bind_spkt() net: bridge: allow IPv6 when multicast flood is disabled tcp/dccp: block BH for SYN processing mlxsw: spectrum_router: Avoid potential packets loss geneve: lock RCU on TX path vxlan: lock RCU on TX path net: phy: Avoid deadlock during phy_error() l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv net sched actions: decrement module reference count after table flush. ipv4: mask tos for input route vxlan: don't allow overwrite of config src addr vti6: return GRE_KEY for vti6 vxlan: correctly validate VXLAN ID against VXLAN_N_VID net/mlx5e: Fix wrong CQE decompression net/mlx5e: Do not reduce LRO WQE size when not using build_skb net/mlx5e: Register/unregister vport representors on interface attach/detach ANDROID: mmc: core: export emmc revision ANDROID: sdcardfs: Fix gid issue ANDROID: sdcardfs: Remove uninformative prints ANDROID: sdcardfs: move path_put outside of spinlock ANDROID: sdcardfs: Use case insensitive hash function ANDROID: sdcardfs: declare MODULE_ALIAS_FS ANDROID: sdcardfs: Get the blocksize from the lower fs ANDROID: sdcardfs: Use d_invalidate instead of drop_recurisve ANDROID: sdcardfs: Switch to internal case insensitive compare ANDROID: sdcardfs: Use spin_lock_nested ANDROID: sdcardfs: Replace get/put with d_lock ANDROID: sdcardfs: rate limit warning print ANDROID: sdcardfs: Fix case insensitive lookup ANDROID: sdcardfs: support direct-IO (DIO) operations ANDROID: sdcardfs: implement vm_ops->page_mkwrite ANDROID: sdcardfs: Don't bother deleting freelist ANDROID: sdcardfs: Add missing path_put ANDROID: sdcardfs: Fix incorrect hash ANDROID: export security_path_chown ANDROID: sdcardfs: Switch strcasecmp for internal call ANDROID: sdcardfs: switch to full_name_hash and qstr ANDROID: sdcardfs: Add GID Derivation to sdcardfs ANDROID: sdcardfs: Remove redundant operation ANDROID: sdcardfs: add support for user permission isolation ANDROID: sdcardfs: Refactor configfs interface ANDROID: sdcardfs: Allow non-owners to touch ANDROID: binder: add padding to binder_fd_array_object. ANDROID: binder: use group leader instead of open thread BACKPORT: mmc: core: Export device lifetime information through sysfs ANDROID: android-verity: do not compile as independent module Change-Id: I7d409ec3e84eaa7f499c951d38f4cba2614415f7 Signed-off-by: Kyle Yan <kyan@codeaurora.org> |
||
|
Eric Dumazet
|
3d87dce3df |
net: net_enable_timestamp() can be called from irq contexts
[ Upstream commit 13baa00ad01bb3a9f893e3a08cbc2d072fc0c15d ]
It is now very clear that silly TCP listeners might play with
enabling/disabling timestamping while new children are added
to their accept queue.
Meaning net_enable_timestamp() can be called from BH context
while current state of the static key is not enabled.
Lets play safe and allow all contexts.
The work queue is scheduled only under the problematic cases,
which are the static key enable/disable transition, to not slow down
critical paths.
This extends and improves what we did in commit 5fa8bbda38c6 ("net: use
a work queue to defer net_disable_timestamp() work")
Fixes:
|
||
|
Kyle Yan
|
e682dcb145 |
Merge remote-tracking branch '4.9/tmp-0455ac9' into 4.9
* 4.9/tmp-0455ac9:
Linux 4.9.12
videodev2.h: go back to limited range Y'CbCr for SRGB and, ADOBERGB
bcache: Make gc wakeup sane, remove set_task_state()
ntb_transport: Pick an unused queue
ntb: ntb_perf missing dmaengine_unmap_put
NTB: ntb_transport: fix debugfs_remove_recursive
timekeeping: Use deferred printk() in debug code
printk: use rcuidle console tracepoint
PCI/PME: Restore pcie_pme_driver.remove
Revert "i2c: designware: detect when dynamic tar update is possible"
ARM: 8658/1: uaccess: fix zeroing of 64-bit get_user()
futex: Move futex_init() to core_initcall
drm/dp/mst: fix kernel oops when turning off secondary monitor
drm/radeon: Use mode h/vdisplay fields to hide out of bounds HW cursor
Input: elan_i2c - add ELAN0605 to the ACPI table
Fix missing sanity check in /dev/sg
scsi: don't BUG_ON() empty DMA transfers
powerpc/64: Disable use of radix under a hypervisor
mmc: core: fix multi-bit bus width without high-speed mode
fuse: fix uninitialized flags in pipe_buffer
fuse: fix use after free issue in fuse_dev_do_read()
siano: make it work again with CONFIG_VMAP_STACK
vfs: fix uninitialized flags in splice_to_pipe()
Linux 4.9.11
x86/fpu/xstate: Fix xcomp_bv in XSAVES header
tcp: don't annotate mark on control socket from tcp_v6_send_response()
net/mlx5: Don't unlock fte while still using it
tcp: fix mark propagation with fwmark_reflect enabled
igmp, mld: Fix memory leak in igmpv3/mld_del_delrec()
mld: do not remove mld souce list info when set link down
l2tp: do not use udp_ioctl()
net: dsa: Do not destroy invalid network devices
ping: fix a null pointer dereference
packet: round up linear to header len
net: introduce device min_header_len
sit: fix a double free on error path
lwtunnel: valid encap attr check should return 0 when lwtunnel is disabled
sctp: avoid BUG_ON on sctp_wait_for_sndbuf
mlx4: Invoke softirqs after napi_reschedule
catc: Use heap buffer for memory size test
catc: Combine failure cleanup code in catc_probe()
rtl8150: Use heap buffers for all register access
pegasus: Use heap buffers for all register access
macvtap: read vnet_hdr_size once
tun: read vnet_hdr_sz once
tcp: avoid infinite loop in tcp_splice_read()
ipv6: tcp: add a missing tcp_v6_restore_cb()
ip6_gre: fix ip6gre_err() invalid reads
netlabel: out of bound access in cipso_v4_validate()
ipv4: keep skb->dst around in presence of IP options
net: use a work queue to defer net_disable_timestamp() work
stmmac: Discard masked flags in interrupt status register
tcp: fix 0 divide in __tcp_select_window()
ipv6: pointer math error in ip6_tnl_parse_tlv_enc_lim()
ipv6: fix ip6_tnl_parse_tlv_enc_lim()
net/sched: matchall: Fix configuration race
net/mlx5e: Fix update of hash function/key via ethtool
can: Fix kernel panic at security_sock_rcv_skb
UPSTREAM: arm64: Disable PAN on uaccess_enable()
UPSTREAM: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN
UPSTREAM: arm64: xen: Enable user access before a privcmd hvc call
UPSTREAM: arm64: Handle faults caused by inadvertent user access with PAN enabled
BACKPORT: arm64: Disable TTBR0_EL1 during normal kernel execution
BACKPORT: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1
UPSTREAM: arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro
UPSTREAM: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros
UPSTREAM: cpufreq: schedutil: Add iowait boosting
UPSTREAM: cpufreq / sched: ignore SMT when determining max cpu capacity
BACKPORT: cpufreq / sched: Pass flags to cpufreq_update_util()
UPSTREAM: cpufreq: schedutil: map raw required frequency to driver frequency
UPSTREAM: cpufreq: governor: Create cpufreq_policy_apply_limits()
BACKPORT: cpufreq: governor: Get rid of governor events
UPSTREAM: cpufreq: schedutil: Improve prints messages with pr_fmt
BACKPORT: cpufreq: Call cpufreq_disable_fast_switch() in sugov_exit()
UPSTREAM: cpufreq: schedutil: Make default depend on CONFIG_SMP
UPSTREAM: cpufreq: schedutil: Make it depend on CONFIG_SMP
BACKPORT: cpufreq: schedutil: New governor based on scheduler utilization data
Linux 4.9.10
perf/core: Fix crash in perf_event_read()
perf diff: Fix segfault on 'perf diff -o N' option
perf diff: Fix -o/--order option behavior (again)
stacktrace, lockdep: Fix address, newline ugliness
IB/rxe: Fix mem_check_range integer overflow
IB/rxe: Fix resid update
x86/CPU/AMD: Fix Zen SMT topology
x86/CPU/AMD: Bring back Compute Unit ID
x86/mm/ptdump: Fix soft lockup in page table walker
Revert "ALSA: line6: Only determine control port properties if needed"
ALSA: seq: Don't handle loop timeout at snd_seq_pool_done()
ALSA: seq: Fix race at creating a queue
ALSA: hda - adding a new NV HDMI/DP codec ID in the driver
xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend()
powerpc/powernv: Fix CPU hotplug to handle waking on HVI
powerpc/mm/radix: Update ERAT flushes when invalidating TLB
btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
scsi: qla2xxx: Avoid that issuing a LIP triggers a kernel crash
scsi: mpt3sas: disable ASPM for MPI2 controllers
scsi: aacraid: Fix INTx/MSI-x issue with older controllers
scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send
Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()
Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host
Drivers: hv: vmbus: On write cleanup the logic to interrupt the host
Drivers: hv: vmbus: Base host signaling strictly on the ring state
net/mlx5e: Modify TIRs hash only when it's needed
mac80211: Fix adding of mesh vendor IEs
nl80211: Fix mesh HT operation check
drm/i915: Always convert incoming exec offsets to non-canonical
ARM: 8642/1: LPAE: catch pending imprecise abort on unmask
ARM: dts: imx6dl: fix GPIO4 range
target: Fix COMPARE_AND_WRITE ref leak for non GOOD status
target: Fix multi-session dynamic se_node_acl double free OOPs
target: Fix early transport_generic_handle_tmr abort scenario
target: Use correct SCSI status during EXTENDED_COPY exception
target: Don't BUG_ON during NodeACL dynamic -> explicit conversion
drm/atomic: Fix double free in drm_atomic_state_default_clear
drm/i915/bxt: Add MST support when do DPLL calculation
drm/i915: fix use-after-free in page_flip_completed()
ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write
hns: avoid stack overflow with CONFIG_KASAN
ibmvscsis: Add SGL limit
mm/slub.c: fix random_seq offset destruction
cpumask: use nr_cpumask_bits for parsing functions
rtlwifi: rtl8192ce: Fix loading of incorrect firmware
Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback"
selinux: fix off-by-one in setprocattr
Input: uinput - fix crash when mixing old and new init style
ARC: [arcompact] brown paper bag bug in unaligned access delay slot fixup
crypto: ccp - Fix double add when creating new DMA command
crypto: ccp - Fix DMA operations when IOMMU is enabled
crypto: qat - zero esram only for DH85x devices
crypto: qat - fix bar discovery for c62x
crypto: chcr - Check device is allocated before use
crypto: algif_aead - Fix kernel panic on list_del
dm rq: cope with DM device destruction while in dm_old_request_fn()
libnvdimm, pfn: fix memmap reservation size versus 4K alignment
libnvdimm, namespace: do not delete namespace-id 0
acpi, nfit: fix acpi_nfit_flush_probe() crash
cpufreq: intel_pstate: Disable energy efficiency optimization
ANDROID: ext4 crypto: Disables zeroing on truncation when there's no key
ANDROID: Refactor fs readpage/write tracepoints.
Conflicts:
arch/arm64/Kconfig
arch/arm64/include/asm/assembler.h
arch/arm64/include/asm/mmu_context.h
arch/arm64/include/asm/uaccess.h
arch/arm64/kernel/entry.S
arch/arm64/lib/clear_user.S
arch/arm64/lib/copy_from_user.S
arch/arm64/lib/copy_in_user.S
arch/arm64/lib/copy_to_user.S
arch/arm64/xen/hypercall.S
drivers/cpufreq/Kconfig
Change-Id: Ibd6d488060e080e2abaa34b0f038b4a3a3cfa44d
Signed-off-by: Kyle Yan <kyan@codeaurora.org>
|