cfbe21c82a44eaaa366a4db4518ca7ce17bd1dd6
4620 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Andrii Nakryiko
|
cfbe21c82a |
UPSTREAM: kbuild: handle old pahole more gracefully when generating BTF
When CONFIG_DEBUG_INFO_BTF is enabled but available version of pahole is too
old to support BTF generation, build script is supposed to emit warning and
proceed with the build. Due to using exit instead of return from BASH function,
existing handling code prematurely exits exit code 0, not completing some of
the build steps. This patch fixes issue by correctly returning just from
gen_btf() function only.
Fixes: e83b9f55448a ("kbuild: add ability to generate BTF type info for vmlinux")
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@fb.com>
Cc: Yonghong Song <yhs@fb.com>
Cc: Martin KaFai Lau <kafai@fb.com>
Change-Id: If817e5a03a739213cecde92b827550b1de86d296
Signed-off-by: Andrii Nakryiko <andriin@fb.com>
Acked-by: Song Liu <songliubraving@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||
|
Andrii Nakryiko
|
3a0362fdcb |
UPSTREAM: kbuild: tolerate missing pahole when generating BTF
When BTF generation is enabled through CONFIG_DEBUG_INFO_BTF, scripts/link-vmlinux.sh detects if pahole version is too old and gracefully continues build process, skipping BTF generation build step. But if pahole is not available, build will still fail. This patch adds check for whether pahole exists at all and bails out gracefully, if not. Cc: Alexei Starovoitov <ast@fb.com> Reported-by: Yonghong Song <yhs@fb.com> Fixes: e83b9f55448a ("kbuild: add ability to generate BTF type info for vmlinux") Change-Id: I89e477f03aba8e16789b2a330469b2ac562df4d5 Signed-off-by: Andrii Nakryiko <andriin@fb.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> |
||
|
Andrii Nakryiko
|
05d1fd7b25 |
BACKPORT: kbuild: add ability to generate BTF type info for vmlinux
This patch adds new config option to trigger generation of BTF type information from DWARF debuginfo for vmlinux and kernel modules through pahole, which in turn relies on libbpf for btf_dedup() algorithm. The intent is to record compact type information of all types used inside kernel, including all the structs/unions/typedefs/etc. This enables BPF's compile-once-run-everywhere ([0]) approach, in which tracing programs that are inspecting kernel's internal data (e.g., struct task_struct) can be compiled on a system running some kernel version, but would be possible to run on other kernel versions (and configurations) without recompilation, even if the layout of structs changed and/or some of the fields were added, removed, or renamed. This is only possible if BPF loader can get kernel type info to adjust all the offsets correctly. This patch is a first time in this direction, making sure that BTF type info is part of Linux kernel image in non-loadable ELF section. BTF deduplication ([1]) algorithm typically provides 100x savings compared to DWARF data, so resulting .BTF section is not big as is typically about 2MB in size. [0] http://vger.kernel.org/lpc-bpf2018.html#session-2 [1] https://facebookmicrosites.github.io/bpf/blog/2018/11/14/btf-enhancement.html Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Alexei Starovoitov <ast@fb.com> Cc: Yonghong Song <yhs@fb.com> Cc: Martin KaFai Lau <kafai@fb.com> Change-Id: Id935f6e3ac658d9a92d55acd39e8287c644c941d Signed-off-by: Andrii Nakryiko <andriin@fb.com> Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> |
||
|
Matthew Wilcox
|
42426e3314 |
UPSTREAM: mm: split page_type out from _mapcount
We're already using a union of many fields here, so stop abusing the _mapcount and make page_type its own field. That implies renaming some of the machinery that creates PageBuddy, PageBalloon and PageKmemcg; bring back the PG_buddy, PG_balloon and PG_kmemcg names. As suggested by Kirill, make page_type a bitmask. Because it starts out life as -1 (thanks to sharing the storage with _mapcount), setting a page flag means clearing the appropriate bit. This gives us space for probably twenty or so extra bits (depending how paranoid we want to be about _mapcount underflow). Link: http://lkml.kernel.org/r/20180518194519.3820-3-willy@infradead.org Change-Id: I8804ac88e4c2c772df02ae1a3b07e0e87cc5e05e Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Christoph Lameter <cl@linux.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Jérôme Glisse <jglisse@redhat.com> Cc: Lai Jiangshan <jiangshanlai@gmail.com> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Quentin Monnet
|
8ff8cb0d1c |
BACKPORT: bpf: add script and prepare bpf.h for new helpers documentation
Remove previous "overview" of eBPF helpers from user bpf.h header.
Replace it by a comment explaining how to process the new documentation
(to come in following patches) with a Python script to produce RST, then
man page documentation.
Also add the aforementioned Python script under scripts/. It is used to
process include/uapi/linux/bpf.h and to extract helper descriptions, to
turn it into a RST document that can further be processed with rst2man
to produce a man page. The script takes one "--filename <path/to/file>"
option. If the script is launched from scripts/ in the kernel root
directory, it should be able to find the location of the header to
parse, and "--filename <path/to/file>" is then optional. If it cannot
find the file, then the option becomes mandatory. RST-formatted
documentation is printed to standard output.
Typical workflow for producing the final man page would be:
$ ./scripts/bpf_helpers_doc.py \
--filename include/uapi/linux/bpf.h > /tmp/bpf-helpers.rst
$ rst2man /tmp/bpf-helpers.rst > /tmp/bpf-helpers.7
$ man /tmp/bpf-helpers.7
Note that the tool kernel-doc cannot be used to document eBPF helpers,
whose signatures are not available directly in the header files
(pre-processor directives are used to produce them at the beginning of
the compilation process).
v4:
- Also remove overviews for newly added bpf_xdp_adjust_tail() and
bpf_skb_get_xfrm_state().
- Remove vague statement about what helpers are restricted to GPL
programs in "LICENSE" section for man page footer.
- Replace license boilerplate with SPDX tag for Python script.
v3:
- Change license for man page.
- Remove "for safety reasons" from man page header text.
- Change "packets metadata" to "packets" in man page header text.
- Move and fix comment on helpers introducing no overhead.
- Remove "NOTES" section from man page footer.
- Add "LICENSE" section to man page footer.
- Edit description of file include/uapi/linux/bpf.h in man page footer.
Change-Id: If9d8969ee15f4712c88ff3631acfe5e9ba1fef3d
Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
||
|
Alexander Winkowski
|
79131226e0 |
Revert "ANDROID: modpost: add an exception for CFI stubs"
This reverts commit
|
||
|
Michael Bestas
|
879c3c8219 |
Merge branch 'linux-4.14.y' of github.com:openela/kernel-lts into android-msm-pixel-4.14
* 'linux-4.14.y' of github.com:openela/kernel-lts: (342 commits) LTS: Update to 4.14.355 Revert "parisc: Use irq_enter_rcu() to fix warning at kernel/context_tracking.c:367" netns: restore ops before calling ops_exit_list cx82310_eth: fix error return code in cx82310_bind() rtmutex: Drop rt_mutex::wait_lock before scheduling locking/rtmutex: Handle non enqueued waiters gracefully in remove_waiter() drm/i915/fence: Mark debug_fence_free() with __maybe_unused ACPI: processor: Fix memory leaks in error paths of processor_add() ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() netns: add pre_exit method to struct pernet_operations net: Add comment about pernet_operations methods and synchronization nilfs2: protect references to superblock parameters exposed in sysfs nilfs2: replace snprintf in show functions with sysfs_emit nilfs2: use time64_t internally tracing: Avoid possible softlockup in tracing_iter_reset() ring-buffer: Rename ring_buffer_read() to read_buffer_iter_advance() uprobes: Use kzalloc to allocate xol area clocksource/drivers/imx-tpm: Fix next event not taking effect sometime clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX VMCI: Fix use-after-free when removing resource in vmci_resource_remove() ... Conflicts: drivers/mmc/core/mmc_test.c drivers/net/usb/usbnet.c fs/f2fs/inode.c fs/f2fs/namei.c include/linux/overflow.h Change-Id: Icfff2ec3039c2ce40ed7a9c1d9a6a99269ff4c83 |
||
|
Nathan Chancellor
|
6bd6cf1374 |
kbuild: Fix '-S -c' in x86 stack protector scripts
commit 3415b10a03945b0da4a635e146750dfe5ce0f448 upstream.
After a recent change in clang to stop consuming all instances of '-S'
and '-c' [1], the stack protector scripts break due to the kernel's use
of -Werror=unused-command-line-argument to catch cases where flags are
not being properly consumed by the compiler driver:
$ echo | clang -o - -x c - -S -c -Werror=unused-command-line-argument
clang: error: argument unused during compilation: '-c' [-Werror,-Wunused-command-line-argument]
This results in CONFIG_STACKPROTECTOR getting disabled because
CONFIG_CC_HAS_SANE_STACKPROTECTOR is no longer set.
'-c' and '-S' both instruct the compiler to stop at different stages of
the pipeline ('-S' after compiling, '-c' after assembling), so having
them present together in the same command makes little sense. In this
case, the test wants to stop before assembling because it is looking at
the textual assembly output of the compiler for either '%fs' or '%gs',
so remove '-c' from the list of arguments to resolve the error.
All versions of GCC continue to work after this change, along with
versions of clang that do or do not contain the change mentioned above.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Michael Bestas
|
868d400d41 |
Merge branch 'linux-4.14.y' of github.com:openela/kernel-lts into android-msm-pixel-4.14
* 'linux-4.14.y' of github.com:openela/kernel-lts: (90 commits)
LTS: Update to 4.14.352
filelock: Fix fcntl/close race recovery compat path
jfs: don't walk off the end of ealist
ocfs2: add bounds checking to ocfs2_check_dir_entry()
net: relax socket state check at accept time.
ACPI: processor_idle: Fix invalid comparison with insertion sort for latency
ARM: 9324/1: fix get_user() broken with veneer
filelock: Remove locks reliably when fcntl/close race is detected
hfsplus: fix uninit-value in copy_name
selftests/vDSO: fix clang build errors and warnings
spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices
fs: better handle deep ancestor chains in is_subdir()
Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD()
net: usb: qmi_wwan: add Telit FN912 compositions
ALSA: dmaengine_pcm: terminate dmaengine before synchronize
s390/sclp: Fix sclp_init() cleanup on failure
Input: elantech - fix touchpad state on resume for Lenovo N24
wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
mei: demote client disconnect warning on suspend to debug
...
Conflicts:
arch/arm/include/asm/uaccess.h
Change-Id: I102ef6a6b70c7a09e953ca8ed5d44d87952ee5d8
|
||
|
Masahiro Yamada
|
692c2ebeac |
kconfig: remove wrong expr_trans_bool()
[ Upstream commit 77a92660d8fe8d29503fae768d9f5eb529c88b36 ]
expr_trans_bool() performs an incorrect transformation.
[Test Code]
config MODULES
def_bool y
modules
config A
def_bool y
select C if B != n
config B
def_tristate m
config C
tristate
[Result]
CONFIG_MODULES=y
CONFIG_A=y
CONFIG_B=m
CONFIG_C=m
This output is incorrect because CONFIG_C=y is expected.
Documentation/kbuild/kconfig-language.rst clearly explains the function
of the '!=' operator:
If the values of both symbols are equal, it returns 'n',
otherwise 'y'.
Therefore, the statement:
select C if B != n
should be equivalent to:
select C if y
Or, more simply:
select C
Hence, the symbol C should be selected by the value of A, which is 'y'.
However, expr_trans_bool() wrongly transforms it to:
select C if B
Therefore, the symbol C is selected by (A && B), which is 'm'.
The comment block of expr_trans_bool() correctly explains its intention:
* bool FOO!=n => FOO
^^^^
If FOO is bool, FOO!=n can be simplified into FOO. This is correct.
However, the actual code performs this transformation when FOO is
tristate:
if (e->left.sym->type == S_TRISTATE) {
^^^^^^^^^^
While it can be fixed to S_BOOLEAN, there is no point in doing so
because expr_tranform() already transforms FOO!=n to FOO when FOO is
bool. (see the "case E_UNEQUAL" part)
expr_trans_bool() is wrong and unnecessary.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit b366d89859fe7b58894b3698844b551fe32f892a)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
|
||
|
Masahiro Yamada
|
265ba671aa |
kconfig: gconf: give a proper initial state to the Save button
[ Upstream commit 46edf4372e336ef3a61c3126e49518099d2e2e6d ] Currently, the initial state of the "Save" button is always active. If none of the CONFIG options are changed while loading the .config file, the "Save" button should be greyed out. This can be fixed by calling conf_read() after widget initialization. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit b6d6a91b584a022424d99264741bdfa6b336c83b) Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> |
||
|
Kees Cook
|
c133012a81 |
gcc-plugins: Rename last_stmt() for GCC 14+
commit 2e3f65ccfe6b0778b261ad69c9603ae85f210334 upstream. In GCC 14, last_stmt() was renamed to last_nondebug_stmt(). Add a helper macro to handle the renaming. Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Thomas Meyer <thomas@m3y3r.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit 2d05669ce1f18c1bc51476980a0e8bd107682546) Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> |
||
|
Michael Bestas
|
a3f7e6e9e2 |
Merge branch 'linux-4.14.y' of github.com:openela/kernel-lts into android-msm-pixel-4.14
* 'linux-4.14.y' of github.com:openela/kernel-lts:
LTS: Update to 4.14.350
SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
arm64: dts: rockchip: Add sound-dai-cells for RK3368
tcp: Fix data races around icsk->icsk_af_ops.
ipv6: Fix data races around sk->sk_prot.
ipv6: annotate some data-races around sk->sk_prot
pwm: stm32: Refuse too small period requests
ftruncate: pass a signed offset
batman-adv: Don't accept TT entries for out-of-spec VIDs
batman-adv: include gfp.h for GFP_* defines
drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
hexagon: fix fadvise64_64 calling conventions
tty: mcf: MCF54418 has 10 UARTS
usb: atm: cxacru: fix endpoint checking in cxacru_bind()
usb: musb: da8xx: fix a resource leak in probe()
usb: gadget: printer: SS+ support
net: usb: ax88179_178a: improve link status logs
iio: adc: ad7266: Fix variable checking bug
mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
x86: stop playing stack games in profile_pc()
i2c: ocores: set IACK bit after core is enabled
i2c: ocores: stop transfer on timeout
nvme: fixup comment for nvme RDMA Provider Type
soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
media: dvbdev: Initialize sbuf
ALSA: emux: improve patch ioctl data validation
net/iucv: Avoid explicit cpumask var allocation on stack
netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
ASoC: fsl-asoc-card: set priv->pdev before using it
drm/amdgpu: fix UBSAN warning in kv_dpm.c
pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
usb: xhci: do not perform Soft Retry for some xHCI hosts
xhci: Set correct transferred length for cancelled bulk transfers
xhci: Use soft retry to recover faster from transaction errors
usb: xhci: Remove ep_trb from xhci_cleanup_halted_endpoint()
scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
scsi: mpt3sas: Gracefully handle online firmware update
scsi: mpt3sas: Add ioc_<level> logging macros
iio: dac: ad5592r: fix temperature channel scaling value
iio: dac: ad5592r: un-indent code-block for scale read
iio: dac: ad5592r-base: Replace indio_dev->mlock with own device lock
x86/amd_nb: Check for invalid SMN reads
PCI: Add PCI_ERROR_RESPONSE and related definitions
ARM: dts: samsung: smdk4412: fix keypad no-autorepeat
ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat
ARM: dts: samsung: smdkv310: fix keypad no-autorepeat
gcov: add support for GCC 14
drm/radeon: fix UBSAN warning in kv_dpm.c
ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
dmaengine: ioatdma: Fix missing kmem_cache_destroy()
regulator: core: Fix modpost error "regulator_get_regmap" undefined
net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings
virtio_net: checksum offloading handling fix
xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
netrom: Fix a memory leak in nr_heartbeat_expiry()
cipso: fix total option length computation
MIPS: Routerboard 532: Fix vendor retry check code
MIPS: Octeon: Add PCIe link status check
udf: udftime: prevent overflow in udf_disk_stamp_to_time()
udf: Simplify calls to udf_disk_stamp_to_time
udf: Sanitize nanoseconds for time stamps
usb: misc: uss720: check for incompatible versions of the Belkin F5U002
powerpc/io: Avoid clang null pointer arithmetic warnings
powerpc/pseries: Enforce hcall result buffer validity and size
scsi: qedi: Fix crash while reading debugfs attribute
batman-adv: bypass empty buckets in batadv_purge_orig_ref()
rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
usb-storage: alauda: Check whether the media is initialized
hugetlb_encode.h: fix undefined behaviour (34 << 26)
mm/hugetlb: add mmap() encodings for 32MB and 512MB page sizes
hv_utils: drain the timesync packets on onchannelcallback
nilfs2: fix potential kernel bug due to lack of writeback flag waiting
intel_th: pci: Add Lunar Lake support
intel_th: pci: Add Meteor Lake-S support
intel_th: pci: Add Sapphire Rapids SOC support
intel_th: pci: Add Granite Rapids SOC support
intel_th: pci: Add Granite Rapids support
dmaengine: axi-dmac: fix possible race in remove()
ocfs2: fix races between hole punching and AIO+DIO
ocfs2: use coarse time for new created files
fs/proc: fix softlockup in __read_vmcore
vmci: prevent speculation leaks by sanitizing event in event_deliver()
drm/exynos/vidi: fix memory leak in .get_modes()
drivers: core: synchronize really_probe() and dev_uevent()
net/ipv6: Fix the RT cache flush via sysctl using a previous delay
ipv6/route: Add a missing check on proc_dointvec
Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
tcp: fix race in tcp_v6_syn_recv_sock()
drm/bridge/panel: Fix runtime warning on panel bridge release
iommu/amd: Fix sysfs leak in iommu init
HID: core: remove unnecessary WARN_ON() in implement()
Input: try trimming too long modalias strings
xhci: Apply broken streams quirk to Etron EJ188 xHCI host
xhci: Apply reset resume quirk to Etron EJ188 xHCI host
jfs: xattr: fix buffer overflow for invalid xattr
mei: me: release irq in mei_me_pci_resume error path
USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
nilfs2: return the mapped address from nilfs_get_page()
nilfs2: Remove check for PageError
selftests/mm: compaction_test: fix bogus test success on Aarch64
selftests/mm: conform test to TAP format output
selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages
media: mc: mark the media devnode as registered from the, start
serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg().
af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll().
af_unix: Fix data races around sk->sk_shutdown.
af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
af_unix: Fix a data-race in unix_dgram_peer_wake_me().
af_unix: ensure POLLOUT on remote close() for connected dgram socket
ptp: Fix error message on failed pin verification
tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
vxlan: Fix regression when dropping packets due to invalid src addresses
ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
wifi: iwlwifi: mvm: don't read past the mfuart notifcation
wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
Revert "tcp: remove redundant check on tskb"
Revert "tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets"
Revert "scsi: target: Fix SELinux error when systemd-modules loads the target module"
LTS: Update to 4.14.349
x86/kvm: Disable all PV features on crash
x86/kvm: Disable kvmclock on all CPUs on shutdown
x86/kvm: Teardown PV features on boot CPU as well
crypto: algif_aead - fix uninitialized ctx->init
nfs: fix undefined behavior in nfs_block_bits()
ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
sparc: move struct termio to asm/termios.h
kdb: Use format-specifiers rather than memset() for padding in kdb_read()
kdb: Merge identical case statements in kdb_read()
kdb: Fix console handling when editing and tab-completing commands
kdb: Use format-strings rather than '\0' injection in kdb_read()
kdb: Fix buffer overflow during tab-complete
sparc64: Fix number of online CPUs
intel_th: pci: Add Meteor Lake-S CPU support
net/9p: fix uninit-value in p9_client_rpc()
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
netfilter: nft_dynset: relax superfluous check on set updates
netfilter: nft_dynset: report EOPNOTSUPP on missing set feature
netfilter: nf_tables: don't skip expired elements during walk
netfilter: nf_tables: drop map element references from preparation phase
netfilter: nf_tables: pass ctx to nf_tables_expr_destroy()
netfilter: nftables: rename set element data activation/deactivation functions
netfilter: nf_tables: pass context to nft_set_destroy()
netfilter: nf_tables: fix set double-free in abort path
netfilter: nf_tables: add nft_set_is_anonymous() helper
fbdev: savage: Handle err return when savagefb_check_var failed
media: v4l2-core: hold videodev_lock until dev reg, finishes
media: mxl5xx: Move xpt structures off stack
arm64: dts: hi3798cv200: fix the size of GICR
md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
arm64: tegra: Correct Tegra132 I2C alias
ata: pata_legacy: make legacy_exit() work again
neighbour: fix unaligned access to pneigh_entry
vxlan: Fix regression when dropping packets due to invalid src addresses
nilfs2: fix use-after-free of timer for log writer thread
fs/nilfs2: convert timers to use timer_setup()
mmc: core: Do not force a retune before RPMB switch
binder: fix max_thread type inconsistency
ALSA: timer: Set lower bound of start tick time
ALSA: timer: Simplify timer hw resolution calls
ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
ipvlan: add ipvlan_route_v6_outbound() helper
ipvlan: properly track tx_errors
net: add DEV_STATS_READ() helper
kconfig: fix comparison to constant symbols, 'm', 'n'
net:fec: Add fec_enet_deinit()
net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
smsc95xx: use usbnet->driver_priv
smsc95xx: remove redundant function arguments
enic: Validate length of nl attributes in enic_set_vf_port
dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion
nvmet: fix ns enable/disable possible hang
spi: Don't mark message DMA mapped when no transfer in it is
netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()
nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
nfc: nci: Fix kcov check in nci_rx_work()
net: fec: avoid lock evasion when reading pps_enable
net: fec: remove redundant variable 'inc'
virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
openvswitch: Set the skbuff pkt_type for proper pmtud support.
tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
params: lift param_set_uint_minmax to common code
ipv6: sr: fix memleak in seg6_hmac_init_algo
nfc: nci: Fix uninit-value in nci_rx_work
x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y
null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
media: cec: cec-api: add locking in cec_release()
um: Fix the -Wmissing-prototypes warning for __switch_mm
powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp
media: stk1160: fix bounds checking in stk1160_copy_video()
um: Add winch to winch_handlers before registering winch IRQ
um: Fix return value in ubd_init()
Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
Input: ims-pcu - fix printf string overflow
libsubcmd: Fix parse-options memory leak
f2fs: add error prints for debugging mount failure
extcon: max8997: select IRQ_DOMAIN instead of depending on it
ppdev: Add an error check in register_device
stm class: Fix a double free in stm_register_device()
usb: gadget: u_audio: Clear uac pointer when freed.
greybus: arche-ctrl: move device table to its right location
serial: max3100: Fix bitwise types
serial: max3100: Update uart_driver_registered on driver removal
serial: max3100: Lock port->lock when calling uart_handle_cts_change()
firmware: dmi-id: add a release callback function
dmaengine: idma64: Add check for dma_set_max_seg_size
greybus: lights: check return of get_channel_from_mode
sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax
af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
netrom: fix possible dead-lock in nr_rt_ioctl()
RDMA/IPoIB: Fix format truncation compilation errors
RDMA/ipoib: Fix use of sizeof()
selftests/kcmp: remove unused open mode
selftests/kcmp: Make the test output consistent and clear
ext4: avoid excessive credit estimate in ext4_tmpfile()
x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map
ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
fbdev: sh7760fb: allow modular build
media: radio-shark2: Avoid led_names truncations
media: ngene: Add dvb_ca_en50221_init return value check
powerpc/fsl-soc: hide unused const variable
drm/mediatek: Add 0 size check to mtk_drm_gem_obj
fbdev: shmobile: fix snprintf truncation
mtd: rawnand: hynix: fixed typo
ipv6: sr: fix invalid unregister error path
ipv6: sr: fix incorrect unregister order
ipv6: sr: add missing seg6_local_exit
net: openvswitch: fix overwriting ct original tuple for ICMPv6
net: usb: smsc95xx: stop lying about skb->truesize
af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
m68k: mac: Fix reboot hang on Mac IIci
m68k/mac: Use '030 reset method on SE/30
m68k: Fix spinlock race in kernel thread creation
net: usb: sr9700: stop lying about skb->truesize
wifi: mwl8k: initialize cmd->addr[] properly
scsi: qedf: Ensure the copied buf is NUL terminated
scsi: bfa: Ensure the copied buf is NUL terminated
Revert "sh: Handle calling csum_partial with misaligned data"
sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe()
wifi: ar5523: enable proper endpoint verification
wifi: carl9170: add a proper sanity check for endpoints
macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
macintosh/via-macii, macintosh/adb-iop: Clean up whitespace
m68k/mac: Add mutual exclusion for IOP interrupt polling
macintosh/via-macii: Remove BUG_ON assertions
wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger()
scsi: hpsa: Fix allocation size for Scsi_Host private data
scsi: libsas: Fix the failure of adding phy with zero-address to port
ACPI: disable -Wstringop-truncation
irqchip/alpine-msi: Fix off-by-one in allocation error path
scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
scsi: ufs: core: Perform read back after disabling interrupts
scsi: ufs: qcom: Perform read back after writing reset bit
x86/boot: Ignore relocations in .notes sections in walk_relocs() too
wifi: ath10k: poll service ready message before failing
nfsd: drop st_mutex before calling move_to_close_lru()
null_blk: Fix missing mutex_destroy() at module removal
jffs2: prevent xattr node from overflowing the eraseblock
crypto: ccp - drop platform ifdef checks
crypto: ccp - Remove forward declaration
parisc: add missing export of __cmpxchg_u8()
nilfs2: fix out-of-range warning
ecryptfs: Fix buffer size for tag 66 packet
firmware: raspberrypi: Use correct device for DMA mappings
crypto: bcm - Fix pointer arithmetic
ASoC: da7219-aad: fix usage of device_get_named_child_node()
ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
net: usb: qmi_wwan: add Telit FN920C04 compositions
wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class
tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
nilfs2: fix potential hang in nilfs_detach_log_writer()
nilfs2: fix unexpected freezing of nilfs_segctor_sync()
ring-buffer: Fix a race between readers and resize checks
speakup: Fix sizeof() vs ARRAY_SIZE() bug
Conflicts:
fs/f2fs/segment.c
fs/f2fs/super.c
Change-Id: I4f2f98e18345d5bd4994049b4dea3d98f36f5d8c
|
||
|
Masahiro Yamada
|
c00f30ffce |
kconfig: fix comparison to constant symbols, 'm', 'n'
[ Upstream commit aabdc960a283ba78086b0bf66ee74326f49e218e ]
Currently, comparisons to 'm' or 'n' result in incorrect output.
[Test Code]
config MODULES
def_bool y
modules
config A
def_tristate m
config B
def_bool A > n
CONFIG_B is unset, while CONFIG_B=y is expected.
The reason for the issue is because Kconfig compares the tristate values
as strings.
Currently, the .type fields in the constant symbol definitions,
symbol_{yes,mod,no} are unspecified, i.e., S_UNKNOWN.
When expr_calc_value() evaluates 'A > n', it checks the types of 'A' and
'n' to determine how to compare them.
The left-hand side, 'A', is a tristate symbol with a value of 'm', which
corresponds to a numeric value of 1. (Internally, 'y', 'm', and 'n' are
represented as 2, 1, and 0, respectively.)
The right-hand side, 'n', has an unknown type, so it is treated as the
string "n" during the comparison.
expr_calc_value() compares two values numerically only when both can
have numeric values. Otherwise, they are compared as strings.
symbol numeric value ASCII code
-------------------------------------
y 2 0x79
m 1 0x6d
n 0 0x6e
'm' is greater than 'n' if compared numerically (since 1 is greater
than 0), but smaller than 'n' if compared as strings (since the ASCII
code 0x6d is smaller than 0x6e).
Specifying .type=S_TRISTATE for symbol_{yes,mod,no} fixes the above
test code.
Doing so, however, would cause a regression to the following test code.
[Test Code 2]
config MODULES
def_bool n
modules
config A
def_tristate n
config B
def_bool A = m
You would get CONFIG_B=y, while CONFIG_B should not be set.
The reason is because sym_get_string_value() turns 'm' into 'n' when the
module feature is disabled. Consequently, expr_calc_value() evaluates
'A = n' instead of 'A = m'. This oddity has been hidden because the type
of 'm' was previously S_UNKNOWN instead of S_TRISTATE.
sym_get_string_value() should not tweak the string because the tristate
value has already been correctly calculated. There is no reason to
return the string "n" where its tristate value is mod.
Fixes:
|
||
|
Michael Bestas
|
6be06baf80 |
Merge branch 'linux-4.14.y' of github.com:openela/kernel-lts into android-msm-pixel-4.14
* 'linux-4.14.y' of github.com:openela/kernel-lts:
LTS: Update to 4.14.348
docs: kernel_include.py: Cope with docutils 0.21
serial: kgdboc: Fix NMI-safety problems from keyboard reset code
btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
dm: limit the number of targets and parameter size area
Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
LTS: Update to 4.14.347
rds: Fix build regression.
RDS: IB: Use DEFINE_PER_CPU_SHARED_ALIGNED for rds_ib_stats
af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc().
net: fix out-of-bounds access in ops_init
drm/vmwgfx: Fix invalid reads in fence signaled events
dyndbg: fix old BUG_ON in >control parser
tipc: fix UAF in error path
usb: gadget: f_fs: Fix a race condition when processing setup packets.
usb: gadget: composite: fix OS descriptors w_value logic
firewire: nosy: ensure user_length is taken into account when fetching packet contents
af_unix: Fix garbage collector racing against connect()
af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
net/ipv6: Refactor fib6_rule_action
net: bridge: fix corrupted ethernet header on multicast-to-unicast
net: bridge: use DEV_STATS_INC()
phonet: fix rtm_phonet_notify() skb allocation
rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
tcp: remove redundant check on tskb
net:usb:qmi_wwan: support Rolling modules
fs/9p: drop inodes immediately on non-.L too
gpio: crystalcove: Use -ENOTSUPP consistently
gpio: wcove: Use -ENOTSUPP consistently
9p: explicitly deny setlease attempts
fs/9p: translate O_TRUNC into OTRUNC
fs/9p: only translate RWX permissions for plain 9P2000
selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior
scsi: target: Fix SELinux error when systemd-modules loads the target module
tools/power turbostat: Fix Bzy_MHz documentation typo
tools/power turbostat: Fix added raw MSR output
firewire: ohci: mask bus reset interrupts between ISR and bottom half
ata: sata_gemini: Check clk_enable() result
net: bcmgenet: Reset RBUF on first open
ALSA: line6: Zero-initialize message buffers
scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
net: mark racy access on sk->sk_rcvbuf
wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
tipc: fix a possible memleak in tipc_buf_append
net: bridge: fix multicast-to-unicast with fraglist GSO
net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
net: dsa: mv88e6xxx: Fix name of switch 88E6141
net: dsa: mv88e6xxx: Add number of MACs in the ATU
net l2tp: drop flow hash on forward
nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().
bna: ensure the copied buf is NUL terminated
pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
power: rt9455: hide unused rt9455_boost_voltage_values
pinctrl: core: delete incorrect free in pinctrl_enable()
ethernet: Add helper for assigning packet type when dest address does not match device address
ethernet: add a helper for assigning port addresses
net: create netdev->dev_addr assignment helpers
net: slightly optimize eth_type_trans
wifi: nl80211: don't free NULL coalescing rule
dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
dmaengine: pl330: issue_pending waits until WFP state
LTS: Update to 4.14.346
Simplify major/minor non-dynamic logic
net: fix unused variable warning in do_tcp_setsockopt()
serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
i2c: smbus: fix NULL function pointer dereference
i2c: add param sanity check to i2c_transfer()
idma64: Don't try to serve interrupts when device is powered off
mtd: diskonchip: work around ubsan link failure
stackdepot: respect __GFP_NOLOCKDEP allocation flag
net: b44: set pause params only when interface is up
irqchip/gic-v3-its: Prevent double free on error
arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together
tracing: Show size of requested perf buffer
Revert "crypto: api - Disallow identical driver names"
drm/amdgpu: validate the parameters of bo mapping operations more clearly
amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
drm/amdgpu: restrict bo mapping within gpu address limits
serial: mxs-auart: add spinlock around changing cts state
serial: core: Provide port lock wrappers
i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
ipvs: Fix checksumming on GSO of SCTP packets
bpf: fix bpf_skb_adjust_net/bpf_skb_proto_xlat to deal with gso sctp skbs
docs: segmentation-offloads.txt: add SCTP info
net: gtp: Fix Use-After-Free in gtp_dellink
net: usb: ax88179_178a: stop lying about skb->truesize
NFC: trf7970a: disable all regulators on removal
mlxsw: core: Unregister EMAD trap using FORWARD action
vxlan: drop packets from invalid src-address
ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
nilfs2: fix OOB in nilfs_set_de_type
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
speakup: Avoid crash on very long word
usb: dwc2: host: Fix dereference issue in DDMA completion flow.
Revert "usb: cdc-wdm: close race between read and workqueue"
USB: serial: option: add Telit FN920C04 rmnet compositions
USB: serial: option: add Rolling RW101-GL and RW135-GL support
USB: serial: option: support Quectel EM060K sub-models
USB: serial: option: add Lonsung U8300/U9300 product
USB: serial: option: add support for Fibocom FM650/FG650
USB: serial: option: add Fibocom FM135-GL variants
serial/pmac_zilog: Remove flawed mitigation for rx irq flood
comedi: vmk80xx: fix incomplete endpoint checking
drm: nv04: Fix out of bounds access
tun: limit printing rate when illegal packet received by tun dev
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
netfilter: nf_tables: __nft_expr_type_get() selects specific family type
Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
kprobes: Fix possible use-after-free issue on kprobe registration
selftests/ftrace: Limit length in subsystem-enable tests
x86/apic: Force native_apic_mem_read() to use the MOV instruction
selftests: timers: Fix abs() warning in posix_timers test
vhost: Add smp_rmb() in vhost_vq_avail_empty()
tracing: hide unused ftrace_event_id_fops
net/mlx5: Properly link new fs rules into the tree
ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
ipv4/route: avoid unused-but-set-variable warning
geneve: fix header validation in geneve[6]_xmit_skb
nouveau: fix function cast warning
Bluetooth: Fix memory leak in hci_req_sync_complete()
batman-adv: Avoid infinite loop trying to resize local TT
LTS: Update to 4.14.345
net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev()
Revert "net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev()"
netfilter: nftables: exthdr: fix 4-byte stack OOB write
ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
Revert "ext4: fix to check return value of freeze_bdev() in ext4_shutdown()"
VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
Bluetooth: btintel: Fixe build regression
x86/mm/pat: fix VM_PAT handling in COW mappings
virtio: reenable config if freezing device failed
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
fbmon: prevent division by zero in fb_videomode_from_videomode()
fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
tools: iio: replace seekdir() in iio_generic_buffer
block: prevent division by zero in blk_rq_stat_sum()
SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int
media: sta2x11: fix irq handler cast
isofs: handle CDs with bad root inode but good Joliet root directory
scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
sysv: don't call sb_bread() with pointers_lock held
Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
Bluetooth: btintel: Fix null ptr deref in btintel_read_version
btrfs: send: handle path ref underflow in header iterate_inode_ref()
btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
arm64: dts: rockchip: fix rk3399 hdmi ports node
VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
wifi: ath9k: fix LNA selection in ath_ant_try_scan()
ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone
ata: sata_mv: Fix PCI device ID table declaration compilation warning
ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
init: open /initrd.image with O_LARGEFILE
staging: vc04_services: fix information leak in create_component()
staging: vc04_services: changen strncpy() to strscpy_pad()
staging: mmal-vchiq: Fix client_component for 64 bit kernel
staging: mmal-vchiq: Allocate and free components as required
staging: mmal-vchiq: Avoid use of bool in structures
ipv6: Fix infinite recursion in fib6_dump_done().
selftests: reuseaddr_conflict: add missing new line at the end of the output
net/sched: act_skbmod: prevent kernel-infoleak
net: stmmac: fix rx queue priority assignment
net: stmmac: Fix issues when number of Queues >= 4
mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations
Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped."
netfilter: nf_tables: disallow timeout for anonymous sets
Bluetooth: Fix TOCTOU in HCI debugfs implementation
Bluetooth: hci_event: set the conn encrypted before conn establishes
tcp: properly terminate timers for kernel sockets
mptcp: add sk_stop_timer_sync helper
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
USB: core: Fix deadlock in usb_deauthorize_interface()
scsi: lpfc: Correct size for wqe for memset()
x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled
scsi: qla2xxx: Fix command flush on cable pull
usb: udc: remove warning when queue disabled ep
usb: dwc2: host: Fix ISOC flow in DDMA mode
usb: dwc2: host: Fix hibernation flow
powerpc: xor_vmx: Add '-mhard-float' to CFLAGS
efivarfs: Request at most 512 bytes for variable names
perf/core: Fix reentry problem in perf_output_read_group()
loop: Call loop_config_discard() only after new config is applied
Revert "loop: Check for overflow while configuring loop"
btrfs: allocate btrfs_ioctl_defrag_range_args on stack
btrfs: add define for oldest generation
printk: Update @console_may_schedule in console_trylock_spinning()
fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
ALSA: aica: Fix a long-time build breakage
ALSA: sh: aica: Convert timers to use timer_setup()
usb: cdc-wdm: close race between read and workqueue
USB: cdc-wdm: Fix use after free in service_outstanding_interrupt().
exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
mm/migrate: set swap entry values of THP tail pages properly.
mm/memory-failure: fix an incorrect use of tail pages
vt: fix memory overlapping when deleting chars in the buffer
tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
usb: port: Don't try to peer unused USB ports based on location
usb: gadget: ncm: Fix handling of zero block length packets
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform
xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
netfilter: nf_tables: reject constant set with timeout
netfilter: nf_tables: disallow anonymous set with timeout flag
comedi: comedi_test: Prevent timers rescheduling during deletion
ahci: asm1064: asm1166: don't limit reported ports
ahci: asm1064: correct count of reported ports
nilfs2: prevent kernel bug at submit_bh_wbc()
nilfs2: use a more common logging style
nilfs2: fix failure to detect DAT corruption in btree and direct mappings
memtest: use {READ,WRITE}_ONCE in memory scanning
drm/vc4: hdmi: do not return negative values from .get_modes()
drm/imx/ipuv3: do not return negative values from .get_modes()
s390/zcrypt: fix reference counting on zcrypt card objects
soc: fsl: qbman: Use raw spinlock for cgr_lock
soc: fsl: qbman: Add CGR update function
soc: fsl: qbman: Add helper for sanity checking cgr ops
soc: fsl: qbman: Always disable interrupts when taking cgr_lock
vfio/platform: Disable virqfds on cleanup
kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
speakup: Fix 8bit characters from direct synth
ext4: fix corruption during on-line resize
hwmon: (amc6821) add of_match table
mmc: core: Fix switch on gp3 partition
dm-raid: fix lockdep waring in "pers->hot_add_disk"
Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
PCI/PM: Drain runtime-idle callbacks before driver removal
PCI: Drop pci_device_remove() test of pci_dev->driver
fuse: don't unhash root
mmc: tmio: avoid concurrent runs of mmc_request_done()
PM: sleep: wakeirq: fix wake irq warning in system suspend
USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
USB: serial: option: add MeiG Smart SLM320 product
USB: serial: cp210x: add ID for MGP Instruments PDS100
USB: serial: add device ID for VeriFone adapter
USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
powerpc/fsl: Fix mfpmr build errors with newer binutils
clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
PM: suspend: Set mem_sleep_current during kernel command line setup
parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds
parisc: Fix csum_ipv6_magic on 64-bit systems
parisc: Fix csum_ipv6_magic on 32-bit systems
parisc: Fix ip_fast_csum
parisc: Do not hardcode registers in checksum functions
ubi: correct the calculation of fastmap size
ubi: Check for too small LEB size in VTBL code
ubifs: Set page uptodate in the correct place
fat: fix uninitialized field in nostale filehandles
crypto: qat - resolve race condition during AER recovery
crypto: qat - fix double free during reset
sparc64: NMI watchdog: fix return value of __setup handler
KVM: Always flush async #PF workqueue when vCPU is being destroyed
media: xc4000: Fix atomicity violation in xc4000_get_frequency
arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
ARM: dts: mmp2-brownstone: Don't redeclare phandle references
smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
x86/bugs: Use sysfs_emit()
x86/pti: Don't report XenPV as vulnerable
x86/cpu: Support AMD Automatic IBRS
Documentation/hw-vuln: Update spectre doc
LTS: Update to 4.14.344
binder: signal epoll threads of self-work
ANDROID: binder: Add thread->process_todo flag.
scsi: bnx2fc: Fix skb double free in bnx2fc_rcv()
scsi: bnx2fc: Remove set but not used variable 'oxid'
net: check dev->gso_max_size in gso_features_check()
driver: staging: count ashmem_range into SLAB_RECLAIMBLE
net: warn if gso_type isn't set for a GSO SKB
staging: android: ashmem: Remove use of unlikely()
ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
ALSA: hda/realtek: Enable headset onLenovo M70/M90
ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
ALSA: hda/realtek - ALC897 headset MIC no sound
ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
ALSA: hda/realtek - The front Mic on a HP machine doesn't work
ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662
ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662
ALSA: hda/realtek - Add Headset Mic supported for HP cPC
ALSA: hda/realtek - More constifications
Add Acer Aspire Ethos 8951G model quirk
devcoredump: Send uevent once devcd is ready
devcoredump : Serialize devcd_del work
netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
netfilter: xt_owner: Add supplementary groups option
mtd: cfi_cmdset_0001: Byte swap OTP info
mtd: cfi_cmdset_0001: Support the absence of protection registers
s390/cmma: fix detection of DAT pages
s390/mm: fix phys vs virt confusion in mark_kernel_pXd() functions family
ALSA: hda/realtek: Headset Mic VREF to 100%
hfsplus: unmap the page in the "fail_page" label
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
ALSA: hda/realtek - Add quirk for Tuxedo XC 1509
ALSA: hda/realtek - Headset microphone and internal speaker support for System76 oryp5
ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup
ALSA: hda/realtek - Add support for ALC1220
hv_netvsc: Fix race of register_netdevice_notifier and VF register
hv_netvsc: use reciprocal divide to speed up percent calculation
pwm: sti: Reduce number of allocations and drop usage of chip_data
pwm: sti: Avoid conditional gotos
tools: iio: iio_generic_buffer ensure alignment
tools: iio: iio_generic_buffer: Fix some integer type and calculation
tools: iio: privatize globals and functions in iio_generic_buffer.c file
leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
ledtrig-cpu: Limit to 8 CPUs
leds: pwm: Don't disable the PWM when the LED should be off
leds: pwm: convert to atomic PWM API
leds: pwm: simplify if condition
regmap: debugfs: Fix a erroneous check after snprintf()
regmap: Allow missing device in regmap_name_read_file()
tcp_metrics: add missing barriers on delete
tcp: batch tcp_net_metrics_exit
tcp: fix excessive TLP and RACK timeouts from HZ rounding
tcp: Namespace-ify sysctl_tcp_early_retrans
net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
ata: libata-core: Do not register PM operations for SAS ports
libata: make ata_port_type const
libata: Add new med_power_with_dipm link_power_management_policy setting
ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q
ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
ext4: mark group as trimmed only if it was fully scanned
ext4: add new helper interface ext4_try_to_trim_range()
ext4: remove the 'group' parameter of ext4_trim_extent
scsi: qla2xxx: Remove unsupported ql2xenabledif option
scsi: qla2xxx: Add protection mask module parameters
scsi: qla2xxx: Add option for use reserve exch for ELS
scsi: qla2xxx: Reinstate module parameter ql2xenablemsix
scsi: lpfc: remove redundant null check on eqe
usb: typec: tcpci: clear the fault status bit
usb: typec: add fwnode to tcpc
staging: typec: fix endianness mismatch identified by sparse
staging: typec: tcpm: Document data structures
serial: sc16is7xx: fix broken port 0 uart init
sc16is7xx: Set iobase to device index
dlm: fix plock lookup when using multiple lockspaces
drm/tegra: dpaux: Fix incorrect return value of platform_get_irq
drm/tegra: Remove superfluous error messages around platform_get_irq()
ARM: dts: BCM53573: Drop nonexistent #usb-cells
ARM: dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
ath9k: use irqsave() in USB's complete callback
wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
mwifiex: switch from 'pci_' to 'dma_' API
mwifiex: drop 'set_consistent_dma_mask' log message
bonding: fix macvlan over alb bond support
net: remove bond_slave_has_mac_rcu()
fbdev: fix potential OOB read in fast_imageblit()
fbdev: Fix sys_imageblit() for arbitrary image widths
fbdev: Improve performance of sys_imageblit()
tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
MIPS: cpu-features: Use boot_cpu_type for CPU type based features
MIPS: cpu-features: Enable octeon_cache by cpu_type
fs: dlm: fix mismatch of plock results from userspace
fs: dlm: use dlm_plock_info for do_unlock_close
fs: dlm: change plock interrupted message to debug again
fs: dlm: add pid to debug log
dlm: replace usage of found with dedicated list iterator variable
dlm: improve plock logging if interrupted
nfsd: Remove incorrect check in nfsd4_validate_stateid
nfsd4: kill warnings on testing stateids with mismatched clientids
mmc: meson-gx: remove redundant mmc_request_done() call from irq context
mmc: meson-gx: remove useless lock
PM: sleep: wakeirq: fix wake irq arming
PM / wakeirq: support enabling wake-up irq after runtime_suspend called
scsi: zfcp: Defer fc_rport blocking until after ADISC response
scsi: zfcp: workqueue: set description for port work items with their WWPN as context
btrfs: check for commit error at btrfs_attach_transaction_barrier()
btrfs: simplify IS_ERR/PTR_ERR checks
fs: dlm: interrupt posix locks only when process is killed
dlm: rearrange async condition return
dlm: cleanup plock_op vs plock_xop
ext4: Fix reusing stale buffer heads from last failed mounting
ext4: rename journal_dev to s_journal_dev inside ext4_sb_info
tcp: annotate data-races around tp->linger2
net: Replace the limit of TCP_LINGER2 with TCP_FIN_TIMEOUT_MAX
ceph: don't let check_caps skip sending responses for revoke msgs
ceph: define argument structure for handle_cap_grant
net: bcmgenet: Ensure MDIO unregistration has clocks enabled
net: bcmgenet: Avoid calling platform_device_put() twice in bcmgenet_mii_exit()
net: tcp_input: Neaten DBGUNDO
i2c: xiic: Don't try to handle more interrupt events after error
i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
i2c: xiic: Fix broken locking on tx_msg
i2c: xiic: Change code alignment to 1 space only
i2c: xiic: Add timeout to the rx fifo wait loop
i2c: xiic: Fix kerneldoc warnings
hwrng: virtio - Fix race on data_avail and actual data
hwrng: virtio - always add a pending request
hwrng: virtio - don't waste entropy
hwrng: virtio - don't wait on cleanup
hwrng: virtio - add an internal buffer
nfc: llcp: fix possible use of uninitialized variable in nfc_llcp_send_connect()
nfc: constify several pointers to u8, char and sk_buff
irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
Documentation: fix little inconsistencies
usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
net/rose: fix races in rose_kill_by_device()
reset: Fix crash when freeing non-existent optional resets
ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE
PCI: keystone: Don't discard .probe() callback
PCI: keystone: Don't discard .remove() callback
can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on()
can: dev: can_restart(): don't crash kernel if carrier is OK
r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1
xen-netback: use default TX queue size for vifs
MIPS: Alchemy: only build mmc support helpers if au1xmmc is enabled
arm64: dts: qcom: msm8996: Add missing interrupt to the USB2 controller
sched/rt: pick_next_rt_entity(): check list_entry
regmap: Account for register length in SMBus I/O limits
x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
ASoC: cs42l51: fix driver to properly autoload with automatic module loading
PCI: qcom: Disable write access to read only registers for IP v2.3.3
pinctrl: amd: Only use special debounce behavior for GPIO 0
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
usb: fotg210-hcd: delete an incorrect bounds test
smb: client: fix OOB in smbCalcSize()
btrfs: do not allow non subvolume root targets for snapshot
pinctrl: at91-pio4: use dedicated lock class for IRQ
net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev()
arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names
IB/isert: Fix unaligned immediate-data handling
fbdev: stifb: Make the STI next font pointer a 32-bit signed offset
smb3: fix touch -h of symlink
MIPS: KVM: Fix a build warning about variable set but not used
cifs: spnego: add ';' in HOST_KEY_LEN
macvlan: Don't propagate promisc change to lower dev in passthru
ppp: limit MRU to 64K
ptp: annotate data-race around q->head and q->tail
xen/events: fix delayed eoi list handling
tipc: Fix kernel-infoleak due to uninitialized TLV value
tty: Fix uninit-value access in ppp_sync_receive()
iio: exynos-adc: request second interupt only when touchscreen mode is used
selftests/ftrace: Add new test case which checks non unique symbol
media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling
block: fix signed int overflow in Amiga partition support
iio: addac: stx104: Fix race condition for stx104_write_raw()
ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
btrfs: fix extent buffer leak after tree mod log failure at split_node()
pinctrl: amd: Detect internal GPIO0 debounce handling
ALSA: jack: Fix mutex call in snd_jack_report()
IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
ARM: 9303/1: kprobes: avoid missing-declaration warnings
LTS: Update to 4.14.343
crypto: af_alg - Work around empty control messages without MSG_MORE
crypto: af_alg - Fix regression on empty requests
spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
net/bnx2x: Prevent access to a freed page in page_pool
hsr: Handle failures in module init
rds: introduce acquire/release ordering in acquire/release_in_xmit()
hsr: Fix uninit-value access in hsr_get_node()
net: hsr: fix placement of logical operator in a multi-line statement
usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
staging: greybus: fix get_channel_from_mode() failure path
serial: 8250_exar: Don't remove GPIO device on suspend
rtc: mt6397: select IRQ_DOMAIN instead of depending on it
rtc: mediatek: enhance the description for MediaTek PMIC based RTC
tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
serial: max310x: fix syntax error in IRQ error message
clk: qcom: gdsc: Add support to update GDSC transition delay
NFS: Fix an off by one in root_nfs_cat()
net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
scsi: csiostor: Avoid function pointer casts
ALSA: usb-audio: Stop parsing channels bits when all channels are found.
sparc32: Fix section mismatch in leon_pci_grpci
backlight: lp8788: Fully initialize backlight_properties during probe
backlight: lm3639: Fully initialize backlight_properties during probe
backlight: da9052: Fully initialize backlight_properties during probe
backlight: lm3630a: Don't set bl->props.brightness in get_brightness
backlight: lm3630a: Initialize backlight_properties on init
powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc.
powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
media: go7007: fix a memleak in go7007_load_encoder
media: dvb-frontends: avoid stack overflow warnings with clang
media: pvrusb2: fix uaf in pvr2_context_set_notify
drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
crypto: arm/sha - fix function cast warnings
crypto: arm - Rename functions to avoid conflict with crypto/sha256.h
mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
drm/tegra: put drm_gem_object ref on error in tegra_fb_create
clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister()
PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
media: pvrusb2: fix pvr2_stream_callback casts
media: go7007: add check of return value of go7007_read_addr()
ALSA: seq: fix function cast warnings
drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str()
quota: Fix rcu annotations of inode dquot pointers
quota: Fix potential NULL pointer dereference
quota: simplify drop_dquot_ref()
quota: check time limit when back out space/inode change
fs/quota: erase unused but set variable warning
quota: code cleanup for __dquot_alloc_space()
clk: qcom: reset: Ensure write completion on reset de/assertion
clk: qcom: reset: Commonize the de/assert functions
clk: qcom: reset: support resetting multiple bits
clk: qcom: reset: Allow specifying custom reset delay
media: edia: dvbdev: fix a use-after-free
media: dvb-core: Fix use-after-free due to race at dvb_register_device()
media: dvbdev: convert DVB device types into an enum
media: dvbdev: fix error logic at dvb_register_device()
media: dvbdev: Fix memleak in dvb_register_device
media: media/dvb: Use kmemdup rather than duplicating its implementation
media: dvbdev: remove double-unlock
media: v4l2-tpg: fix some memleaks in tpg_alloc
media: em28xx: annotate unchecked call to media_device_register()
media: tc358743: register v4l2 async device only after successful setup
drm: Don't treat 0 as -1 in drm_fixp2int_ceil
drm/rockchip: inno_hdmi: Fix video timing
drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe()
drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe()
drm/tegra: dsi: Make use of the helper function dev_err_probe()
gpu: host1x: mipi: Update tegra_mipi_request() to be node based
drm/tegra: dsi: Add missing check for of_find_device_by_node
dm: call the resume method on internal suspend
dm raid: fix false positive for requeue needed during reshape
net/x25: fix incorrect parameter validation in the x25_getsockopt() function
net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function
udp: fix incorrect parameter validation in the udp_lib_getsockopt() function
l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function
tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function
ipv6: fib6_rules: flush route cache when rule is changed
bpf: Fix stackmap overflow check on 32-bit arches
bpf: Fix hashtab overflow check on 32-bit arches
sr9800: Add check for usbnet_get_endpoints
Bluetooth: hci_core: Fix possible buffer overflow
Bluetooth: Remove superfluous call to hci_conn_check_pending()
igb: Fix missing time sync events
igb: move PEROUT and EXTTS isr logic to separate functions
mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function
SUNRPC: fix some memleaks in gssx_dec_option_array
x86, relocs: Ignore relocations in .notes section
ACPI: scan: Fix device check notification handling
ARM: dts: arm: realview: Fix development chip ROM compatible value
wifi: brcmsmac: avoid function pointer casts
iommu/amd: Mark interrupt as managed
bus: tegra-aconnect: Update dependency to ARCH_TEGRA
ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
sock_diag: annotate data-races around sock_diag_handlers[family]
sock_diag: request _diag module only when the family or proto has been registered
wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir()
wifi: b43: Disable QoS for bcm4331
wifi: b43: Stop correct queue in DMA worker when QoS is disabled
b43: main: Fix use true/false for bool type
wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
b43: dma: Fix use true/false for bool type variable
timekeeping: Fix cross-timestamp interpolation for non-x86
timekeeping: Fix cross-timestamp interpolation corner case decision
timekeeping: Fix cross-timestamp interpolation on counter wrap
aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
md: Don't clear MD_CLOSING when the raid is about to stop
md: implement ->set_read_only to hook into BLKROSET processing
block: add a new set_read_only method
md: switch to ->check_events for media change notifications
fs/select: rework stack allocation hack for clang
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
crypto: algif_aead - Only wake up when ctx->more is zero
crypto: af_alg - make some functions static
ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
Input: gpio_keys_polled - suppress deferred probe error for gpio
firewire: core: use long bus reset on gap count error
Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
dm-verity, dm-crypt: align "struct bvec_iter" correctly
block: sed-opal: handle empty atoms when parsing response
net/iucv: fix the allocation size of iucv_path_table array
MIPS: Clear Cause.BD in instruction_pointer_set
x86/xen: Add some null pointer checking to smp.c
x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
xen/events: only register debug interrupt for 2-level events
LTS: Update to 4.14.342
selftests/vm: fix map_hugetlb length used for testing read and write
selftests/vm: fix display of page size in map_hugetlb
getrusage: use sig->stats_lock rather than lock_task_sighand()
getrusage: use __for_each_thread()
getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand()
getrusage: add the "signal_struct *sig" local variable
hv_netvsc: use netif_is_bond_master() instead of open code
um: allow not setting extra rpaths in the linux binary
selftests: mm: fix map_hugetlb failure on 64K page size systems
tools/selftest/vm: allow choosing mem size and page size in map_hugetlb
netrom: Fix data-races around sysctl_net_busy_read
netrom: Fix a data-race around sysctl_netrom_link_fails_count
netrom: Fix a data-race around sysctl_netrom_routing_control
netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size
netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
netrom: Fix a data-race around sysctl_netrom_transport_timeout
netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser
netrom: Fix a data-race around sysctl_netrom_default_path_quality
netfilter: nf_conntrack_h323: Add protection for bmp length out of range
netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well
netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function
netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack
netfilter: nf_conntrack_h323: Remove typedef struct
geneve: make sure to pull inner header in geneve_rx()
net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
net: move definition of pcpu_lstats to header file
net: lan78xx: fix runtime PM count underflow on link stop
lan78xx: Fix race conditions in suspend/resume handling
lan78xx: Fix partial packet errors on suspend/resume
lan78xx: Add missing return code checks
lan78xx: Fix white space and style issues
net: usb: lan78xx: Remove lots of set but unused 'ret' variables
net: usb: lan78xx: Disable interrupts before calling generic_handle_irq()
net: lan78xx: Allow for VLAN headers in timeout calcs
ip: validate header length on virtual device xmit
LTS: Update to 4.14.341
gpio: 74x164: Enable output pins after registers are reset
cachefiles: fix memory leak in cachefiles_add_cache()
mmc: core: Fix eMMC initialization with 1-bit bus connection
btrfs: dev-replace: properly validate device names
wifi: nl80211: reject iftype change with mesh ID change
gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
ALSA: Drop leftover snd-rtctimer stuff from Makefile
power: supply: bq27xxx-i2c: Do not free non existing IRQ
efi/capsule-loader: fix incorrect allocation size
Bluetooth: Enforce validation on max value of connection interval
Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
Bluetooth: Avoid potential use-after-free in hci_error_reset
net: usb: dm9601: fix wrong return value in dm9601_mdio_read
lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected
netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
Conflicts:
drivers/android/binder.c
drivers/block/loop.c
drivers/mmc/host/meson-gx-mmc.c
drivers/staging/typec/tcpm.h
drivers/usb/typec/tcpm/tcpm.c
fs/aio.c
fs/select.c
include/net/netns/ipv4.h
mm/page_alloc.c
net/core/filter.c
net/ipv4/sysctl_net_ipv4.c
net/ipv4/tcp_ipv4.c
sound/usb/stream.c
Change-Id: I90aff1a1b88379a959c6dda1c89e5efb48af5450
|
||
|
Danny Lin
|
5d98800fe6 |
dtc: Silence warnings
Signed-off-by: Danny Lin <danny@kdrag0n.dev> Change-Id: I3e7cca00d5f9b1e9866a5948beea1b60ac317416 |
||
|
Nathan Chancellor
|
49362eca81 |
kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
[ Upstream commit 75b5ab134bb5f657ef7979a59106dce0657e8d87 ]
Clang enables -Wenum-enum-conversion and -Wenum-compare-conditional
under -Wenum-conversion. A recent change in Clang strengthened these
warnings and they appear frequently in common builds, primarily due to
several instances in common headers but there are quite a few drivers
that have individual instances as well.
include/linux/vmstat.h:508:43: warning: arithmetic between different enumeration types ('enum zone_stat_item' and 'enum numa_stat_item') [-Wenum-enum-conversion]
508 | return vmstat_text[NR_VM_ZONE_STAT_ITEMS +
| ~~~~~~~~~~~~~~~~~~~~~ ^
509 | item];
| ~~~~
drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c:955:24: warning: conditional expression between different enumeration types ('enum iwl_mac_beacon_flags' and 'enum iwl_mac_beacon_flags_v1') [-Wenum-compare-conditional]
955 | flags |= is_new_rate ? IWL_MAC_BEACON_CCK
| ^ ~~~~~~~~~~~~~~~~~~
956 | : IWL_MAC_BEACON_CCK_V1;
| ~~~~~~~~~~~~~~~~~~~~~
drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c:1120:21: warning: conditional expression between different enumeration types ('enum iwl_mac_beacon_flags' and 'enum iwl_mac_beacon_flags_v1') [-Wenum-compare-conditional]
1120 | 0) > 10 ?
| ^
1121 | IWL_MAC_BEACON_FILS :
| ~~~~~~~~~~~~~~~~~~~
1122 | IWL_MAC_BEACON_FILS_V1;
| ~~~~~~~~~~~~~~~~~~~~~~
Doing arithmetic between or returning two different types of enums could
be a bug, so each of the instance of the warning needs to be evaluated.
Unfortunately, as mentioned above, there are many instances of this
warning in many different configurations, which can break the build when
CONFIG_WERROR is enabled.
To avoid introducing new instances of the warnings while cleaning up the
disruption for the majority of users, disable these warnings for the
default build while leaving them on for W=1 builds.
Cc: stable@vger.kernel.org
Closes: https://github.com/ClangBuiltLinux/linux/issues/2002
Link:
|
||
|
Michael Bestas
|
769a5055e3 |
Merge tag 'ASB-2024-01-05_4.14-stable' of https://android.googlesource.com/kernel/common into android-msm-pixel-4.14
https://source.android.com/docs/security/bulletin/2024-01-01 * tag 'ASB-2024-01-05_4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.335 block: Don't invalidate pagecache for invalid falloc modes dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata() net: rfkill: gpio: set GPIO direction net: 9p: avoid freeing uninit memory in p9pdu_vreadf Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent USB: serial: option: add Quectel RM500Q R13 firmware support USB: serial: option: add Foxconn T99W265 with new baseline USB: serial: option: add Quectel EG912Y module support USB: serial: ftdi_sio: update Actisense PIDs constant names wifi: cfg80211: fix certs build to not depend on file order wifi: cfg80211: Add my certificate iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table Input: ipaq-micro-keys - add error handling for devm_kmemdup iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw ethernet: atheros: fix a memleak in atl1e_setup_ring_resources net: sched: ife: fix potential use-after-free wifi: mac80211: mesh_plink: fix matches_local logic s390/vx: fix save/restore of fpu kernel context ARM: OMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init Linux 4.14.334 powerpc/ftrace: Fix stack teardown in ftrace_no_trace powerpc/ftrace: Create a dummy stackframe to fix stack unwind ring-buffer: Fix memory leak of free page team: Fix use-after-free when an option instance allocation fails ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS HID: hid-asus: add const to read-only outgoing usb buffer net: usb: qmi_wwan: claim interface 4 for ZTE MF290 asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad HID: hid-asus: reset the backlight brightness level on resume platform/x86: intel_telemetry: Fix kernel doc descriptions bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" cred: switch to using atomic_long_t appletalk: Fix Use-After-Free in atalk_ioctl vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() sign-file: Fix incorrect return values check net: Remove acked SYN flag from packet in the transmit queue correctly qed: Fix a potential use-after-free in qed_cxt_tables_alloc net/rose: Fix Use-After-Free in rose_ioctl atm: Fix Use-After-Free in do_vcc_ioctl atm: solos-pci: Fix potential deadlock on &tx_queue_lock atm: solos-pci: Fix potential deadlock on &cli_queue_lock qca_spi: Fix reset behavior qca_debug: Fix ethtool -G iface tx behavior qca_debug: Prevent crash on TX ring changes ANDROID: Snapshot Mainline's version of checkpatch.pl Linux 4.14.333 drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group psample: Require 'CAP_NET_ADMIN' when joining "packets" group genetlink: add CAP_NET_ADMIN test for multicast bind netlink: don't call ->netlink_bind with table lock held nilfs2: fix missing error check for sb_set_blocksize call KVM: s390/mm: Properly reset no-dat serial: 8250_omap: Add earlycon support for the AM654 UART controller serial: sc16is7xx: address RX timeout interrupt errata parport: Add support for Brainboxes IX/UC/PX parallel cards packet: Move reference count in packet_sock to atomic_long_t tracing: Fix a possible race when disabling buffered events tracing: Fix incomplete locking when disabling buffered events tracing: Always update snapshot buffer size nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() ALSA: pcm: fix out-of-bounds in snd_pcm_state_names scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() tracing: Fix a warning when allocating buffered events fails hwmon: (acpi_power_meter) Fix 4.29 MW bug RDMA/bnxt_re: Correct module description string tcp: do not accept ACK of bytes we never sent net: hns: fix fake link up on xge port drm/amdgpu: correct chunk_ptr to a pointer to chunk. tg3: Increment tx_dropped in tg3_tso_bug() tg3: Move the [rt]x_dropped counters to tg3_napi Linux 4.14.332 driver core: Release all resources during unbind before updating device links net: ravb: Start TX queues after HW initialization succeeded ravb: Fix races between ravb_tx_timeout_work() and net related ops ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet btrfs: send: ensure send_fd is writable btrfs: fix off-by-one when checking chunk map includes logical address powerpc: Don't clobber f0/vs0 during fp|altivec register save dm verity: don't perform FEC for failed readahead IO dm-verity: align struct dm_verity_fec_io properly firewire: core: fix possible memory leak in create_units() pinctrl: avoid reload of p state in list iteration usb: dwc3: set the dma max_seg_size USB: serial: option: don't claim interface 4 for ZTE MF290 USB: serial: option: fix FM101R-GL defines USB: serial: option: add Fibocom L7xx modules bcache: prevent potential division by zero error bcache: check return value from btree_node_alloc_replacement() USB: serial: option: add Luat Air72*U series products s390/dasd: protect device queue against concurrent access mtd: rawnand: brcmnand: Fix ecc chunk calculation for erased page bitfips net: axienet: Fix check for partial TX checksum amd-xgbe: propagate the correct speed and duplex status amd-xgbe: handle corner-case during sfp hotplug arm/xen: fix xen_vcpu_info allocation alignment net: usb: ax88179_178a: fix failed operations during ax88179_reset ipv4: Correct/silence an endian warning in __ip_do_redirect drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full ata: pata_isapnp: Add missing error check for devm_ioport_map() drm/panel: simple: Fix Innolux G101ICE-L01 timings RDMA/irdma: Prevent zero-length STAG registration Conflicts: drivers/usb/dwc3/core.c scripts/checkpatch.pl Change-Id: I7c64fbcf060d509e628639d3f2dcc49e66d1d8dd |
||
|
Greg Kroah-Hartman
|
25592b1ed2 |
Merge 4.14.334 into android-4.14-stable
Changes in 4.14.334 qca_debug: Prevent crash on TX ring changes qca_debug: Fix ethtool -G iface tx behavior qca_spi: Fix reset behavior atm: solos-pci: Fix potential deadlock on &cli_queue_lock atm: solos-pci: Fix potential deadlock on &tx_queue_lock atm: Fix Use-After-Free in do_vcc_ioctl net/rose: Fix Use-After-Free in rose_ioctl qed: Fix a potential use-after-free in qed_cxt_tables_alloc net: Remove acked SYN flag from packet in the transmit queue correctly sign-file: Fix incorrect return values check vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() appletalk: Fix Use-After-Free in atalk_ioctl cred: switch to using atomic_long_t blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() platform/x86: intel_telemetry: Fix kernel doc descriptions HID: hid-asus: reset the backlight brightness level on resume HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation net: usb: qmi_wwan: claim interface 4 for ZTE MF290 HID: hid-asus: add const to read-only outgoing usb buffer ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS team: Fix use-after-free when an option instance allocation fails ring-buffer: Fix memory leak of free page powerpc/ftrace: Create a dummy stackframe to fix stack unwind powerpc/ftrace: Fix stack teardown in ftrace_no_trace Linux 4.14.334 Change-Id: I3b539f2e4f9295c6c4bbcd0b7c6929da7ffc3928 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Yusong Gao
|
1a455a1ddb |
sign-file: Fix incorrect return values check
[ Upstream commit 829649443e78d85db0cff0c37cadb28fbb1a5f6f ]
There are some wrong return values check in sign-file when call OpenSSL
API. The ERR() check cond is wrong because of the program only check the
return value is < 0 which ignored the return val is 0. For example:
1. CMS_final() return 1 for success or 0 for failure.
2. i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
3. i2d_TYPEbio() return 1 for success and 0 for failure.
4. BIO_free() return 1 for success and 0 for failure.
Link: https://www.openssl.org/docs/manmaster/man3/
Fixes:
|
||
|
Lee Jones
|
f7b745e624 |
ANDROID: Snapshot Mainline's version of checkpatch.pl
Nothing fancy here. Keeping full history is not required. `git checkout mainline/master -- scripts/checkpatch.pl` This may need to be done periodically. Bug: 316492624 Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: I4c90b50197ca7277c59e96bf332ecf795c4f3d12 |
||
|
Michael Bestas
|
f1fa46ded9 |
Merge tag 'ASB-2023-12-05_4.14-stable' of https://android.googlesource.com/kernel/common into android-msm-pixel-4.14
https://source.android.com/docs/security/bulletin/2023-12-01 * tag 'ASB-2023-12-05_4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.331 net: sched: fix race condition in qdisc_graft() scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks ext4: correct return value of ext4_convert_meta_bg ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: apply umask if ACL support is disabled media: venus: hfi: fix the check to handle session buffer requirement media: sharp: fix sharp encoding i2c: i801: fix potential race in i801_block_transaction_byte_by_byte net: dsa: lan9303: consequently nested-lock physical MDIO ALSA: info: Fix potential deadlock at disconnection parisc/pgtable: Do not drop upper 5 address bits of physical address parisc: Prevent booting 64-bit kernels on PA1.x machines mcb: fix error handling for different scenarios when parsing jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware mmc: meson-gx: Remove setting of CMD_CFG_ERROR PM: hibernate: Clean up sync_read handling in snapshot_write_next() PM: hibernate: Use __get_safe_page() rather than touching the list mmc: vub300: fix an error code PCI/sysfs: Protect driver's D3cold preference from user space hvc/xen: fix error path in xen_hvc_init() to always register frontend driver audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() audit: don't take task_lock() in audit_exe_compare() code path KVM: x86: Ignore MSR_AMD64_TW_CFG access randstruct: Fix gcc-plugin performance mode to stay in group media: venus: hfi: add checks to perform sanity on queue pointers pwm: Fix double shift bug gfs2: ignore negated quota changes media: vivid: avoid integer overflow media: gspca: cpia1: shift-out-of-bounds in set_flicker i2c: sun6i-p2wi: Prevent potential division by zero tty: vcc: Add check for kstrdup() in vcc_probe() scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() atm: iphase: Do PCI error checks on own line ALSA: hda: Fix possible null-ptr-deref when assigning a stream jfs: fix array-index-out-of-bounds in diAlloc jfs: fix array-index-out-of-bounds in dbFindLeaf fs/jfs: Add validity check for db_maxag and db_agpref fs/jfs: Add check for negative db_l2nbperpage RDMA/hfi1: Use FIELD_GET() to extract Link Width crypto: pcrypt - Fix hungtask for PADATA_RESET selftests/efivarfs: create-read: fix a resource leak drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 net: annotate data-races around sk->sk_dst_pending_confirm wifi: ath10k: fix clang-specific fortify warning wifi: ath9k: fix clang-specific fortify warnings wifi: mac80211: don't return unset power in ieee80211_get_tx_power() x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware clocksource/drivers/timer-imx-gpt: Fix potential memory leak locking/ww_mutex/test: Fix potential workqueue corruption Linux 4.14.330 btrfs: use u64 for buffer sizes in the tree search ioctls Revert "mmc: core: Capture correct oemid-bits for eMMC cards" fbdev: fsl-diu-fb: mark wr_reg_wa() static netfilter: xt_recent: fix (increase) ipv6 literal buffer length tg3: power down device only on SYSTEM_POWER_OFF dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. dccp: Call security_inet_conn_request() after setting IPv4 addresses. tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING llc: verify mac len before reading mac header pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume media: dvb-usb-v2: af9035: fix missing unlock media: s3c-camif: Avoid inappropriate kfree() pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() pcmcia: ds: fix refcount leak in pcmcia_device_add() pcmcia: cs: fix possible hung task and memory leak pccardd() dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() USB: usbip: fix stub_dev hub disconnect misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() dmaengine: ti: edma: handle irq_of_parse_and_map() errors usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency tty: tty_jobctrl: fix pid memleak in disassociate_ctty() mfd: dln2: Fix double put in dln2_probe ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails sh: bios: Revive earlyprintk support RDMA/hfi1: Workaround truncation compilation error ext4: move 'ix' sanity check to corrent position ARM: 9321/1: memset: cast the constant byte to unsigned char hwrng: geode - fix accessing registers firmware: ti_sci: Mark driver as non removable ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() drm/radeon: possible buffer overflow drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs platform/x86: wmi: Fix probe failure when failing to register WMI devices clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data clk: keystone: pll: fix a couple NULL vs IS_ERR() checks clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies ipv6: avoid atomic fragment on GSO packets ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() thermal: core: prevent potential string overflow wifi: rtlwifi: fix EDCA limit set by BT coexistence tcp_metrics: do not create an entry from tcp_init_metrics() tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() i40e: fix potential memory leaks in i40e_remove() Linux 4.14.329 tty: 8250: Add support for Intashield IS-100 tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Remove UC-257 and UC-431 usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF remove the sx8 block driver ata: ahci: fix enum constants for gcc-13 net: chelsio: cxgb4: add an error code check in t4_load_phy_fw platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e scsi: mpt3sas: Fix in error path fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() ASoC: rt5650: fix the wrong result of key button netfilter: nfnetlink_log: silence bogus compiler warning fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe irqchip/stm32-exti: add missing DT IRQ flag translation ASoC: simple-card: fixup asoc_simple_probe() error handling x86: Fix .brk attribute in linker script rpmsg: Fix possible refcount leak in rpmsg_register_device_override() rpmsg: glink: Release driver_override rpmsg: Fix calling device_lock() on non-initialized device rpmsg: Fix kfree() of static memory on setting driver_override driver: platform: Add helper for safer setting of driver_override x86/mm: Fix RESERVE_BRK() for older binutils x86/mm: Simplify RESERVE_BRK() x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility nfsd: lock_rename() needs both directories to live on the same fs f2fs: fix to do sanity check on inode type during garbage collection kobject: Fix slab-out-of-bounds in fill_kobj_path() drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() ARM: 8933/1: replace Sun/Solaris style flag on section directive NFS: Don't call generic_error_remove_page() while holding locks perf/core: Fix potential NULL deref i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR gtp: uapi: fix GTPA_MAX tcp: fix wrong RTO timeout when received SACK reneging r8152: Increase USB control msg timeout to 5000ms as per spec igb: Fix potential memory leak in igb_add_ethtool_nfc_entry treewide: Spelling fix in comment virtio_balloon: Fix endless deflation and inflation on arm64 mcb-lpc: Reallocate memory region to avoid memory overlapping mcb: Return actual parsed size when reading chameleon table Conflicts: drivers/thermal/thermal_core.c fs/f2fs/gc.c Change-Id: I569f299ba1ad3b7e86b113637e117519bf3685a0 |
||
|
Greg Kroah-Hartman
|
52d13de272 |
Merge 4.14.331 into android-4.14-stable
Changes in 4.14.331 locking/ww_mutex/test: Fix potential workqueue corruption clocksource/drivers/timer-imx-gpt: Fix potential memory leak clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size wifi: mac80211: don't return unset power in ieee80211_get_tx_power() wifi: ath9k: fix clang-specific fortify warnings wifi: ath10k: fix clang-specific fortify warning net: annotate data-races around sk->sk_dst_pending_confirm drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga selftests/efivarfs: create-read: fix a resource leak crypto: pcrypt - Fix hungtask for PADATA_RESET RDMA/hfi1: Use FIELD_GET() to extract Link Width fs/jfs: Add check for negative db_l2nbperpage fs/jfs: Add validity check for db_maxag and db_agpref jfs: fix array-index-out-of-bounds in dbFindLeaf jfs: fix array-index-out-of-bounds in diAlloc ALSA: hda: Fix possible null-ptr-deref when assigning a stream atm: iphase: Do PCI error checks on own line scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() tty: vcc: Add check for kstrdup() in vcc_probe() i2c: sun6i-p2wi: Prevent potential division by zero media: gspca: cpia1: shift-out-of-bounds in set_flicker media: vivid: avoid integer overflow gfs2: ignore negated quota changes pwm: Fix double shift bug media: venus: hfi: add checks to perform sanity on queue pointers randstruct: Fix gcc-plugin performance mode to stay in group KVM: x86: Ignore MSR_AMD64_TW_CFG access audit: don't take task_lock() in audit_exe_compare() code path audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() hvc/xen: fix error path in xen_hvc_init() to always register frontend driver PCI/sysfs: Protect driver's D3cold preference from user space mmc: vub300: fix an error code PM: hibernate: Use __get_safe_page() rather than touching the list PM: hibernate: Clean up sync_read handling in snapshot_write_next() mmc: meson-gx: Remove setting of CMD_CFG_ERROR genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev mcb: fix error handling for different scenarios when parsing parisc: Prevent booting 64-bit kernels on PA1.x machines parisc/pgtable: Do not drop upper 5 address bits of physical address ALSA: info: Fix potential deadlock at disconnection net: dsa: lan9303: consequently nested-lock physical MDIO i2c: i801: fix potential race in i801_block_transaction_byte_by_byte media: sharp: fix sharp encoding media: venus: hfi: fix the check to handle session buffer requirement ext4: apply umask if ACL support is disabled ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: correct return value of ext4_convert_meta_bg ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids net: sched: fix race condition in qdisc_graft() Linux 4.14.331 Change-Id: I1a1bce75363d3b2c731f3e947543c6506bed9817 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Kees Cook
|
9d63a62588 |
randstruct: Fix gcc-plugin performance mode to stay in group
commit 381fdb73d1e2a48244de7260550e453d1003bb8e upstream.
The performance mode of the gcc-plugin randstruct was shuffling struct
members outside of the cache-line groups. Limit the range to the
specified group indexes.
Cc: linux-hardening@vger.kernel.org
Cc: stable@vger.kernel.org
Reported-by: Lukas Loidolt <e1634039@student.tuwien.ac.at>
Closes: https://lore.kernel.org/all/f3ca77f0-e414-4065-83a5-ae4c4d25545d@student.tuwien.ac.at
Fixes:
|
||
|
Michael Bestas
|
124ce4c9c3 |
Merge tag 'ASB-2023-11-05_4.14-stable' of https://android.googlesource.com/kernel/common into android-msm-pixel-4.14
https://source.android.com/docs/security/bulletin/2023-11-01 * tag 'ASB-2023-11-05_4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.328 Bluetooth: hci_event: Fix using memcmp when comparing keys Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name Bluetooth: hci_sock: fix slab oob read in create_monitor_event gpio: vf610: set value before the direction to avoid a glitch s390/pci: fix iommu bitmap allocation perf: Disallow mis-matched inherited group reads USB: serial: option: add Fibocom to DELL custom modem FM101R-GL USB: serial: option: add entry for Sierra EM9191 with new firmware USB: serial: option: add Telit LE910C4-WWX 0x1035 composition ACPI: irq: Fix incorrect return value in acpi_register_gsi() Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()" mmc: core: Capture correct oemid-bits for eMMC cards sky2: Make sure there is at least one frag_addr available wifi: cfg80211: avoid leaking stack data into trace wifi: mac80211: allow transmitting EAPOL frames with tainted key Bluetooth: hci_core: Fix build warnings Bluetooth: Avoid redundant authentication HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event tracing: relax trace_event_eval_update() execution with cond_resched() ata: libata-eh: Fix compilation warning in ata_eh_link_report() gpio: timberdale: Fix potential deadlock on &tgpio->lock overlayfs: set ctime when setting mtime and atime i2c: mux: Avoid potential false error message in i2c_mux_add_adapter btrfs: initialize start_slot in btrfs_log_prealloc_extents ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone i40e: prevent crash on probe if hw registers have invalid values net: usb: smsc95xx: Fix an error code in smsc95xx_reset() net: rfkill: gpio: prevent value glitch during probe net: ipv6: fix return value check in esp_remove_trailer net: ipv4: fix return value check in esp_remove_trailer xfrm: fix a data-race in xfrm_gen_index() netfilter: nft_payload: fix wrong mac header matching KVM: x86: Mask LVTPC when handling a PMI regmap: fix NULL deref on lookup nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Bluetooth: avoid memcmp() out of bounds warning Bluetooth: hci_event: Fix coding style Bluetooth: vhci: Fix race when opening vhci device Bluetooth: Fix a refcnt underflow problem for hci_conn Bluetooth: Reject connection with the device which has same BD_ADDR Bluetooth: hci_event: Ignore NULL link key usb: hub: Guard against accesses to uninitialized BOS descriptors x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call usb: gadget: udc-xilinx: replace memcpy with memcpy_toio pinctrl: avoid unsafe code pattern in find_pinctrl() cgroup: Remove duplicates in cgroup v1 tasks file Input: xpad - add PXN V900 support Input: powermate - fix use-after-free in powermate_config_complete ceph: fix incorrect revoked caps assert in ceph_fill_file_size() mcb: remove is_added flag from mcb_device struct iio: pressure: ms5611: ms5611_prom_is_valid false negative bug iio: pressure: bmp280: Fix NULL pointer exception usb: musb: Modify the "HWVers" register address usb: musb: Get the musb_qh poniter after musb_giveback net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() nfc: nci: assert requested protocol is valid ixgbe: fix crash with empty VF macvlan list drm/vmwgfx: fix typo of sizeof argument ieee802154: ca8210: Fix a potential UAF in ca8210_probe drm: etvnaviv: fix bad backport leading to warning HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect RDMA/cxgb4: Check skb value for failure to allocate Linux 4.14.327 xen/events: replace evtchn_rwlock with RCU rtnetlink: Reject negative ifindexes in RTM_NEWLINK Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" parisc: Restore __ldcw_align for PA-RISC 2.0 processors RDMA/mlx5: Fix NULL string error RDMA/cma: Fix truncation compilation warning in make_cma_ports gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() IB/mlx4: Fix the size of a buffer in add_port_entries() cpupower: add Makefile dependencies for install targets sctp: update hb timer immediately after users change hb_interval sctp: update transport state when processing a dupcook packet tcp: fix delayed ACKs for MSS boundary condition net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() modpost: add missing else to the "of" check scsi: target: core: Fix deadlock due to recursive locking regmap: rbtree: Fix wrong register marked as in-cache when creating new node drivers/net: process the result of hdlc_open() and add call of hdlc_close() in uhdlc_close() wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet ubi: Refuse attaching if mtd's erasesize is 0 wifi: mwifiex: Fix tlv_buf_left calculation scsi: zfcp: Fix a double put in zfcp_port_enqueue() media: dvb: symbol fixup for dvb_attach() - again ata: libata: disallow dev-initiated LPM transitions to unsupported states net/sched: sch_hfsc: Ensure inner classes have fsc curve ext4: fix rec_len verify error vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF fs: binfmt_elf_efpic: fix personality for ELF-FDPIC ata: libata-sata: increase PMP SRST timeout to 10s ata: libata-core: Fix port and device removal ata: libata-core: Fix ata_port_request_pm() locking btrfs: properly report 0 avail for very full file systems i2c: i801: unregister tco_pdev in i801_probe() error path ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() serial: 8250_port: Check IRQ data before use watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running watchdog: iTCO_wdt: No need to stop the timer in probe ata: libahci: clear pending interrupt status ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones fbdev/sh7760fb: Depend on FB=y ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() ring-buffer: Avoid softlockup in ring_buffer_resize() selftests/ftrace: Correctly enable event in instance-event.tc parisc: irq: Make irq_stack_union static to avoid sparse warning parisc: iosapic.c: Fix sparse warnings parisc: sba: Fix compile warning wrt list of SBA devices xtensa: boot/lib: fix function prototypes xtensa: boot: don't add include-dirs clk: tegra: fix error return case for recalc_rate i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() team: fix null-ptr-deref when team device type is changed dccp: fix dccp_v4_err()/dccp_v6_err() again powerpc/perf/hv-24x7: Update domain value check ipv4: fix null-deref in ipv4_link_failure NFS/pNFS: Report EINVAL errors from connect() to the server Conflicts: kernel/events/core.c Change-Id: I46917834f3c71ba65e9194d2bdd3234fe6a4dd2c |
||
|
Greg Kroah-Hartman
|
27c2ecdf37 |
Merge 4.14.327 into android-4.14-stable
Changes in 4.14.327
NFS/pNFS: Report EINVAL errors from connect() to the server
ipv4: fix null-deref in ipv4_link_failure
powerpc/perf/hv-24x7: Update domain value check
dccp: fix dccp_v4_err()/dccp_v6_err() again
team: fix null-ptr-deref when team device type is changed
gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
clk: tegra: fix error return case for recalc_rate
xtensa: boot: don't add include-dirs
xtensa: boot/lib: fix function prototypes
parisc: sba: Fix compile warning wrt list of SBA devices
parisc: iosapic.c: Fix sparse warnings
parisc: irq: Make irq_stack_union static to avoid sparse warning
selftests/ftrace: Correctly enable event in instance-event.tc
ring-buffer: Avoid softlockup in ring_buffer_resize()
ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
fbdev/sh7760fb: Depend on FB=y
ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones
ata: libahci: clear pending interrupt status
watchdog: iTCO_wdt: No need to stop the timer in probe
watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
serial: 8250_port: Check IRQ data before use
nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES
i2c: i801: unregister tco_pdev in i801_probe() error path
btrfs: properly report 0 avail for very full file systems
ata: libata-core: Fix ata_port_request_pm() locking
ata: libata-core: Fix port and device removal
ata: libata-sata: increase PMP SRST timeout to 10s
fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
ext4: fix rec_len verify error
net/sched: sch_hfsc: Ensure inner classes have fsc curve
ata: libata: disallow dev-initiated LPM transitions to unsupported states
media: dvb: symbol fixup for dvb_attach() - again
scsi: zfcp: Fix a double put in zfcp_port_enqueue()
wifi: mwifiex: Fix tlv_buf_left calculation
ubi: Refuse attaching if mtd's erasesize is 0
wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
drivers/net: process the result of hdlc_open() and add call of hdlc_close() in uhdlc_close()
regmap: rbtree: Fix wrong register marked as in-cache when creating new node
scsi: target: core: Fix deadlock due to recursive locking
modpost: add missing else to the "of" check
ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
tcp: fix delayed ACKs for MSS boundary condition
sctp: update transport state when processing a dupcook packet
sctp: update hb timer immediately after users change hb_interval
cpupower: add Makefile dependencies for install targets
IB/mlx4: Fix the size of a buffer in add_port_entries()
gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config()
RDMA/cma: Fix truncation compilation warning in make_cma_ports
RDMA/mlx5: Fix NULL string error
parisc: Restore __ldcw_align for PA-RISC 2.0 processors
Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK"
rtnetlink: Reject negative ifindexes in RTM_NEWLINK
xen/events: replace evtchn_rwlock with RCU
Linux 4.14.327
Change-Id: Id05d43bbb2482e858390f6cb31f43ba16c669675
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Mauricio Faria de Oliveira
|
c8d3048246 |
modpost: add missing else to the "of" check
[ Upstream commit cbc3d00cf88fda95dbcafee3b38655b7a8f2650a ]
Without this 'else' statement, an "usb" name goes into two handlers:
the first/previous 'if' statement _AND_ the for-loop over 'devtable',
but the latter is useless as it has no 'usb' device_id entry anyway.
Tested with allmodconfig before/after patch; no changes to *.mod.c:
git checkout v6.6-rc3
make -j$(nproc) allmodconfig
make -j$(nproc) olddefconfig
make -j$(nproc)
find . -name '*.mod.c' | cpio -pd /tmp/before
# apply patch
make -j$(nproc)
find . -name '*.mod.c' | cpio -pd /tmp/after
diff -r /tmp/before/ /tmp/after/
# no difference
Fixes:
|
||
|
Greg Kroah-Hartman
|
3b3807ea9f |
Merge 4.14.326 into android-4.14-stable
Changes in 4.14.326
ARM: pxa: remove use of symbol_get()
mmc: au1xmmc: force non-modular build and remove symbol_get usage
rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
USB: serial: option: add Quectel EM05G variant (0x030e)
USB: serial: option: add FOXCONN T99W368/T99W373 product
HID: wacom: remove the battery when the EKR is off
Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
serial: sc16is7xx: fix bug when first setting GPIO direction
nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
pinctrl: amd: Don't show `Invalid config param` errors
lib/ubsan: remove returns-nonnull-attribute checks
9p: virtio: make sure 'offs' is initialized in zc_request
ASoC: da7219: Flush pending AAD IRQ when suspending
ethernet: atheros: fix return value check in atl1c_tso_csum()
m68k: Fix invalid .section syntax
s390/dasd: use correct number of retries for ERP requests
fs/nls: make load_nls() take a const parameter
ASoc: codecs: ES8316: Fix DMIC config
security: keys: perform capable check only on privileged operations
net: usb: qmi_wwan: add Quectel EM05GV2
idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
bnx2x: fix page fault following EEH recovery
sctp: handle invalid error codes without calling BUG()
cifs: add a warning when the in-flight count goes negative
ALSA: seq: oss: Fix racy open/close of MIDI devices
powerpc/32: Include .branch_lt in data section
powerpc/32s: Fix assembler warning about r0
udf: Check consistency of Space Bitmap Descriptor
udf: Handle error when adding extent to a file
Revert "net: macsec: preserve ingress frame ordering"
reiserfs: Check the return value from __getblk()
fs: Fix error checking for d_hash_and_lookup()
cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
regmap: rbtree: Use alloc_flags for memory allocations
spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe()
can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM
wifi: mwifiex: Fix OOB and integer underflow when rx packets
Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
net: tcp: fix unexcepted socket die when snd_wnd is 0
crypto: caam - fix unchecked return value error
lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
fs: ocfs2: namei: check return value of ocfs2_add_entry()
wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
wifi: mwifiex: Fix missed return in oob checks failed path
wifi: ath9k: protect WMI command response buffer replacement with a lock
wifi: mwifiex: avoid possible NULL skb pointer dereference
wifi: ath9k: use IS_ERR() with debugfs_create_dir()
net: arcnet: Do not call kfree_skb() under local_irq_disable()
netrom: Deny concurrent connect().
ARM: dts: BCM53573: Add cells sizes to PCIe node
ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split)
ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split)
drm: adv7511: Fix low refresh rate register for ADV7533/5
of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()
smackfs: Prevent underflow in smk_set_cipso()
audit: fix possible soft lockup in __audit_inode_child()
ALSA: ac97: Fix possible error value of *rac97
drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
clk: sunxi-ng: Modify mismatched function name
PCI: Mark NVIDIA T4 GPUs to avoid bus reset
PCI: pciehp: Use RMW accessors for changing LNKCTL
wifi: ath10k: Use RMW accessors for changing LNKCTL
nfs/blocklayout: Use the passed in gfp flags
powerpc/iommu: Fix notifiers being shared by PCI and VIO buses
jfs: validate max amount of blocks before allocation.
fs: lockd: avoid possible wrong NULL parameter
NFSD: da_addr_body field missing in some GETDEVICEINFO replies
drivers: usb: smsusb: fix error handling code in smsusb_init_device
media: dib7000p: Fix potential division by zero
media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
media: cx24120: Add retval check for cx24120_message_send()
media: mediatek: vcodec: Return NULL if no vdec_fb is found
usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
scsi: be2iscsi: Add length check when parsing nlattrs
scsi: qla4xxx: Add length check when parsing nlattrs
x86/APM: drop the duplicate APM_MINOR_DEV macro
scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly
scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly
dma-buf/sync_file: Fix docs syntax
media: go7007: Remove redundant if statement
USB: gadget: f_mass_storage: Fix unused variable warning
cgroup:namespace: Remove unused cgroup_namespaces_init()
scsi: core: Use 32-bit hostnum in scsi_host_lookup()
scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
serial: tegra: handle clk prepare error in tegra_uart_hw_init()
amba: bus: fix refcount leak
Revert "IB/isert: Fix incorrect release of isert connection"
HID: multitouch: Correct devm device reference for hidinput input_dev name
rpmsg: glink: Add check for kstrdup
dmaengine: ste_dma40: Add missing IRQ check in d40_probe
igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
netfilter: xt_u32: validate user space input
netfilter: xt_sctp: validate the flag_info count
igb: set max size RX buffer when store bad packet is enabled
PM / devfreq: Fix leak in devfreq_dev_release()
ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
backlight/gpio_backlight: Compare against struct fb_info.device
backlight/bd6107: Compare against struct fb_info.device
backlight/lv5207lp: Compare against struct fb_info.device
media: dvb: symbol fixup for dvb_attach()
ntb: Drop packets when qp link is down
ntb: Clean up tx tail index on link down
ntb: Fix calculation ntb_transport_tx_free_entry()
Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
procfs: block chmod on /proc/thread-self/comm
parisc: Fix /proc/cpuinfo output for lscpu
dccp: Fix out of bounds access in DCCP error handler
X.509: if signature is unsupported skip validation
net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
pstore/ram: Check start of empty przs during init
crypto: stm32 - fix loop iterating through scatterlist for DMA
scsi: qla2xxx: fix inconsistent TMF timeout
scsi: qla2xxx: Turn off noisy message log
fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
drm/ast: Fix DRAM init on AST2200
parisc: led: Fix LAN receive and transmit LEDs
parisc: led: Reduce CPU overhead for disk & lan LED computation
clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm()
watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
pwm: lpc32xx: Remove handling of PWM channels
net: read sk->sk_family once in sk_mc_loop()
igb: disable virtualization features on 82580
net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
af_unix: Fix data-races around user->unix_inflight.
af_unix: Fix data-race around unix_tot_inflight.
af_unix: Fix data-races around sk->sk_shutdown.
af_unix: Fix data race around sk->sk_err.
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
kcm: Destroy mutex in kcm_exit_net()
igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
ata: sata_gemini: Add missing MODULE_DESCRIPTION
ata: pata_ftide010: Add missing MODULE_DESCRIPTION
net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
kcm: Fix memory leak in error path of kcm_sendmsg()
ixgbe: fix timestamp configuration code
kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
parisc: Drop loops_per_jiffy from per_cpu struct
autofs: fix memory leak of waitqueues in autofs_catatonic_mode
btrfs: output extra debug info if we failed to find an inline backref
ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
hw_breakpoint: fix single-stepping when using bpf_overflow_handler
wifi: ath9k: fix printk specifier
wifi: mwifiex: fix fortify warning
crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
tpm_tis: Resend command to recover from data transfer errors
alx: fix OOB-read compiler warning
drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable()
md: raid1: fix potential OOB in raid1_remove_disk()
ext2: fix datatype of block number in ext2_xattr_set2()
fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
media: anysee: fix null-ptr-deref in anysee_master_xfer
media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
iio: core: Use min() instead of min_t() to make code more robust
media: tuners: qt1010: replace BUG_ON with a regular error
media: pci: cx23885: replace BUG with error return
usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
serial: cpm_uart: Avoid suspicious locking
kobject: Add sanity check for kset->kobj.ktype in kset_register()
md/raid1: fix error: ISO C90 forbids mixed declarations
attr: block mode changes of symlinks
btrfs: fix lockdep splat and potential deadlock after failure running delayed items
nfsd: fix change_info in NFSv4 RENAME replies
mtd: rawnand: brcmnand: Fix crash during the panic_write
mtd: rawnand: brcmnand: Fix potential false time out warning
mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller
mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
net/sched: Retire rsvp classifier
Linux 4.14.326
Change-Id: I22815ecf1b4b346f889ccaa561b7cb9a20f204ce
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Andrey Ryabinin
|
2da066a76c |
lib/ubsan: remove returns-nonnull-attribute checks
commit bac7a1fff7926fb9891a18fe33650884b0e13e41 upstream. Similarly to type mismatch checks, new GCC 8.x and Clang also changed for ABI for returns_nonnull checks. While we can update our code to conform the new ABI it's more reasonable to just remove it. Because it's just dead code, we don't have any single user of returns_nonnull attribute in the whole kernel. And AFAIU the advantage that this attribute could bring would be mitigated by -fno-delete-null-pointer-checks cflag that we use to build the kernel. So it's unlikely we will have a lot of returns_nonnull attribute in future. So let's just remove the code, it has no use. [aryabinin@virtuozzo.com: fix warning] Link: http://lkml.kernel.org/r/20180122165711.11510-1-aryabinin@virtuozzo.com Link: http://lkml.kernel.org/r/20180119152853.16806-2-aryabinin@virtuozzo.com Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Sodagudi Prasad <psodagud@codeaurora.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Michael Bestas
|
4b1f3533e2 |
Merge tag 'ASB-2023-09-05_4.14-stable' of https://android.googlesource.com/kernel/common into android-msm-pixel-4.14
https://source.android.com/docs/security/bulletin/2023-09-01 * tag 'ASB-2023-09-05_4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.325 Revert "ARM: ep93xx: fix missing-prototype warnings" Revert "MIPS: Alchemy: fix dbdma2" Linux 4.14.324 dma-buf/sw_sync: Avoid recursive lock during fence signal scsi: core: raid_class: Remove raid_component_add() scsi: snic: Fix double free in snic_tgt_create() rtnetlink: Reject negative ifindexes in RTM_NEWLINK x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 media: vcodec: Fix potential array out-of-bounds in encoder queue_setup lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels batman-adv: Fix batadv_v_ogm_aggr_send memory leak batman-adv: Fix TT global entry leak when client roamed back batman-adv: Do not get eth header before batadv_check_management_packet batman-adv: Trigger events for auto adjusted MTU ibmveth: Use dcbf rather than dcbfl ipvs: fix racy memcpy in proc_do_sync_threshold ipvs: Improve robustness to the ipvs sysctl igb: Avoid starting unnecessary workqueues sock: annotate data-races around prot->memory_pressure tracing: Fix memleak due to race between current_tracer and trace net: phy: broadcom: stub c45 read/write for 54810 net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled af_unix: Fix null-ptr-deref in unix_stream_sendpage(). ASoC: rt5665: add missed regulator_bulk_disable netfilter: set default timeout to 3 secs for sctp shutdown send and recv state test_firmware: prevent race conditions by a correct implementation of locking binder: fix memory leak in binder_init() serial: 8250: Fix oops for port->pm on uart_change_pm() mmc: wbsd: fix double mmc_free_host() in wbsd_init() cifs: Release folio lock on fscache read hit. ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. net: do not allow gso_size to be set to GSO_BY_FRAGS sock: Fix misuse of sk_under_memory_pressure() i40e: fix misleading debug logs team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves netfilter: nft_dynset: disallow object maps xfrm: add NULL check in xfrm_update_ae_params ip_vti: fix potential slab-use-after-free in decode_session6 ip6_vti: fix slab-use-after-free in decode_session6 net: af_key: fix sadb_x_filter validation net: xfrm: Fix xfrm_address_filter OOB read fbdev: mmp: fix value check in mmphw_probe() drm/amdgpu: Fix potential fence use-after-free v2 Bluetooth: L2CAP: Fix use-after-free pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() gfs2: Fix possible data races in gfs2_show_options() media: platform: mediatek: vpu: fix NULL ptr dereference media: v4l2-mem2mem: add lock to protect parameter num_rdy FS: JFS: Check for read-only mounted filesystem in txBegin FS: JFS: Fix null-ptr-deref Read in txBegin MIPS: dec: prom: Address -Warray-bounds warning fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev udf: Fix uninitialized array access for some pathnames quota: fix warning in dqgrab() quota: Properly disable quotas when add_dquot_ref() fails ALSA: emu10k1: roll up loops in DSP setup code for Audigy drm/radeon: Fix integer overflow in radeon_cs_parser_init lib/mpi: Eliminate unused umul_ppmm definitions for MIPS UPSTREAM: media: usb: siano: Fix warning due to null work_func_t function pointer UPSTREAM: Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb UPSTREAM: net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free UPSTREAM: net/sched: cls_fw: Fix improper refcount update leads to use-after-free UPSTREAM: net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free Linux 4.14.323 alpha: remove __init annotation from exported page_is_ram() scsi: core: Fix possible memory leak if device_add() fails scsi: snic: Fix possible memory leak if device_add() fails scsi: 53c700: Check that command slot is not NULL scsi: storvsc: Fix handling of virtual Fibre Channel timeouts scsi: core: Fix legacy /proc parsing buffer overflow netfilter: nf_tables: report use refcount overflow btrfs: don't stop integrity writeback too early IB/hfi1: Fix possible panic during hotplug remove drivers: net: prevent tun_build_skb() to exceed the packet size limit dccp: fix data-race around dp->dccps_mss_cache bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves net/packet: annotate data-races around tp->status drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes x86: Move gds_ucode_mitigated() declaration to header x86/mm: Fix VDSO and VVAR placement on 5-level paging machines usb: dwc3: Properly handle processing of pending events usb-storage: alauda: Fix uninit-value in alauda_check_media() iio: cros_ec: Fix the allocation size for cros_ec_command test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput radix tree test suite: fix incorrect allocation size for pthreads dmaengine: pl330: Return DMA_PAUSED when transaction is paused ipv6: adjust ndisc_is_useropt() to also return true for PIO mmc: moxart: read scr register without changing byte order sparc: fix up arch_cpu_finalize_init() build breakage. Linux 4.14.322 drm/edid: fix objtool warning in drm_cvt_modes() mtd: rawnand: omap_elm: Fix incorrect type in assignment test_firmware: fix a memory leak with reqs buffer ext2: Drop fragment support net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb fs/sysv: Null check to prevent null-ptr-deref bug USB: zaurus: Add ID for A-300/B-500/C-700 libceph: fix potential hang in ceph_osdc_notify() loop: Select I/O scheduler 'none' from inside add_disk() tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen tcp_metrics: annotate data-races around tm->tcpm_net tcp_metrics: annotate data-races around tm->tcpm_vals[] tcp_metrics: annotate data-races around tm->tcpm_lock tcp_metrics: annotate data-races around tm->tcpm_stamp tcp_metrics: fix addr_same() helper ip6mr: Fix skb_under_panic in ip6mr_cache_report() net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free net: add missing data-race annotation for sk_ll_usec net: add missing data-race annotations around sk->sk_peek_off perf test uprobe_from_different_cu: Skip if there is no gcc net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() word-at-a-time: use the same return type for has_zero regardless of endianness perf: Fix function pointer case net/sched: cls_u32: Fix reference counter leak leading to overflow net/sched: sch_qfq: account for stab overhead in qfq_enqueue net/sched: cls_fw: Fix improper refcount update leads to use-after-free drm/client: Fix memory leak in drm_client_target_cloned dm cache policy smq: ensure IO doesn't prevent cleaner policy progress ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register s390/dasd: fix hanging device after quiesce/resume irq-bcm6345-l1: Do not assume a fixed block to cpu mapping tpm_tis: Explicitly check for error code hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group usb: xhci-mtk: set the dma max_seg_size usb: ohci-at91: Fix the unhandle interrupt when resume can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED USB: serial: simple: sort driver entries USB: serial: simple: add Kaufmann RKS+CAN VCP USB: serial: option: add Quectel EC200A module support USB: serial: option: support Quectel EM060K_128 tracing: Fix warning in trace_buffered_event_disable() ring-buffer: Fix wrong stat of cpu_buffer->read ata: pata_ns87415: mark ns87560_tf_read static dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths block: Fix a source code comment in include/uapi/linux/blkzoned.h ASoC: fsl_spdif: Silence output on stop benet: fix return value check in be_lancer_xmit_workarounds() platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 team: reset team's flags when down link is P2P device bonding: reset bond's flags when down link is P2P device tcp: Reduce chance of collisions in inet6_hashfn(). ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address ethernet: atheros: fix return value check in atl1e_tso_csum() i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() gpio: tps68470: Make tps68470_gpio_output() always set the initial value tcp: annotate data-races around fastopenq.max_qlen tcp: annotate data-races around tp->notsent_lowat tcp: annotate data-races around rskq_defer_accept netfilter: nf_tables: fix spurious set element insertion failure llc: Don't drop packet from non-root netns. fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field() pinctrl: amd: Use amd_pinconf_set() for all config options fbdev: imxfb: warn about invalid left/right margin spi: bcm63xx: fix max prepend length igb: Fix igb_down hung on surprise removal wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() bpf: Address KCSAN report on bpf_lru_list sched/fair: Don't balance task to its current running CPU posix-timers: Ensure timer ID search-loop limit is valid md/raid10: prevent soft lockup while flush writes md: fix data corruption for raid456 when reshape restart while grow up nbd: Add the maximum limit of allocated index in nbd_dev_add debugobjects: Recheck debug_objects_enabled before reporting ext4: correct inline offset when handling xattrs in inode body can: bcm: Fix UAF in bcm_proc_show() fuse: revalidate: don't invalidate if interrupted perf probe: Add test for regression introduced by switch to die_get_decl_file() serial: atmel: don't enable IRQs prematurely scsi: qla2xxx: Pointer may be dereferenced scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() scsi: qla2xxx: Fix potential NULL pointer dereference scsi: qla2xxx: Wait for io return on terminate rport xtensa: ISS: fix call to split_if_spec ring-buffer: Fix deadloop issue on reading trace_pipe tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error Revert "8250: add support for ASIX devices with a FIFO bug" meson saradc: fix clock divider mask length hwrng: imx-rngc - fix the timeout for init and self check fs: dlm: return positive pid value for F_GETLK md/raid0: add discard support for the 'original' layout misc: pci_endpoint_test: Re-init completion for every test PCI: Add function 1 DMA alias quirk for Marvell 88SE9235 jfs: jfs_dmap: Validate db_l2nbperpage while mounting ext4: only update i_reserved_data_blocks on successful block allocation ext4: fix wrong unit use in ext4_mb_clear_bb perf intel-pt: Fix CYC timestamps after standalone CBR SUNRPC: Fix UAF in svc_tcp_listen_data_ready() tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation net/sched: make psched_mtu() RTNL-less safe wifi: airo: avoid uninitialized warning in airo_get_rate() ipv6/addrconf: fix a potential refcount underflow for idev NTB: ntb_transport: fix possible memory leak while device_register() fails ntb: intel: Fix error handling in intel_ntb_pci_driver_init() NTB: amd: Fix error handling in amd_ntb_pci_driver_init() ntb: idt: Fix error handling in idt_pci_driver_init() udp6: fix udp6_ehashfn() typo net: mvneta: fix txq_map in case of txq_number==1 workqueue: clean up WORK_* constant types, clarify masking netfilter: nf_tables: prevent OOB access in nft_byteorder_eval netfilter: conntrack: Avoid nf_ct_helper_hash uses after free netfilter: nf_tables: unbind non-anonymous set if rule construction fails netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE spi: spi-fsl-spi: allow changing bits_per_word while CS is still active spi: spi-fsl-spi: relax message sanity checking a little spi: spi-fsl-spi: remove always-true conditional in fsl_spi_do_one_msg ARM: orion5x: fix d2net gpio initialization btrfs: fix race when deleting quota root from the dirty cow roots list jffs2: reduce stack usage in jffs2_build_xattr_subsystem() integrity: Fix possible multiple allocation in integrity_inode_get() mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M mmc: core: disable TRIM on Kingston EMMC04G-M627 NFSD: add encoding of op_recall flag for write delegation sh: dma: Fix DMA channel offset calculation net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX tcp: annotate data races in __tcp_oow_rate_limited() net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 spi: bcm-qspi: return error if neither hif_mspi nor mspi is available Add MODULE_FIRMWARE() for FIRMWARE_TG357766. sctp: fix potential deadlock on &net->sctp.addr_wq_lock rtc: st-lpc: Release some resources in st_rtc_probe() in case of error mfd: stmpe: Only disable the regulators if they are enabled mfd: intel-lpss: Add missing check for platform_get_resource mfd: rt5033: Drop rt5033-battery sub-device usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() extcon: Fix kernel doc of property capability fields to avoid warnings extcon: Fix kernel doc of property fields to avoid warnings media: usb: siano: Fix warning due to null work_func_t function pointer media: videodev2.h: Fix struct v4l2_input tuner index comment media: usb: Check az6007_read() return value sh: j2: Use ioremap() to translate device tree address into kernel memory w1: fix loop in w1_fini() block: change all __u32 annotations to __be32 in affs_hardblocks.h USB: serial: option: add LARA-R6 01B PIDs modpost: fix off by one in is_executable_section() modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24} modpost: fix section mismatch message for R_ARM_ABS32 crypto: nx - fix build warnings when DEBUG_FS is not enabled pinctrl: at91-pio4: check return value of devm_kasprintf() perf dwarf-aux: Fix off-by-one in die_get_varname() pinctrl: cherryview: Return correct value if pin in push-pull mode PCI: Add pci_clear_master() stub for non-CONFIG_PCI scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer drm/radeon: fix possible division-by-zero errors fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() soc/fsl/qe: fix usb.c build errors ASoC: es8316: Increment max value for ALC Capture Target Volume control ARM: ep93xx: fix missing-prototype warnings drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H Input: adxl34x - do not hardcode interrupt trigger type ARM: dts: BCM5301X: Drop "clock-names" from the SPI node Input: drv260x - sleep between polling GO bit radeon: avoid double free in ci_dpm_init() netlink: Add __sock_i_ino() for __netlink_diag_dump(). netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value. lib/ts_bm: reset initial match offset for every block of text gtp: Fix use-after-free in __gtp_encap_destroy(). netlink: do not hard code device address lenth in fdb dumps netlink: fix potential deadlock in netlink_set_err() wifi: ath9k: convert msecs to jiffies where needed wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key() memstick r592: make memstick_debug_get_tpc_name() static kexec: fix a memory leak in crash_shrink_memory() watchdog/perf: more properly prevent false positives with turbo modes watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes wifi: ray_cs: Fix an error handling path in ray_probe() wifi: wl3501_cs: Fix an error handling path in wl3501_probe() wifi: atmel: Fix an error handling path in atmel_probe() wifi: orinoco: Fix an error handling path in orinoco_cs_probe() wifi: orinoco: Fix an error handling path in spectrum_cs_probe() wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation evm: Complete description of evm_inode_setattr() PM: domains: fix integer overflow issues in genpd_parse_state() md/raid10: fix io loss while replacement replace rdev md/raid10: fix wrong setting of max_corr_read_errors md/raid10: fix overflow of md/safe_mode_delay treewide: Remove uninitialized_var() usage drm/amdgpu: Validate VM ioctl flags. scripts/tags.sh: Resolve gtags empty index generation drm/edid: Fix uninitialized variable in drm_cvt_modes() fbdev: imsttfb: Fix use after free bug in imsttfb_probe x86/smp: Use dedicated cache-line for mwait_play_dead() x86/microcode/AMD: Load late on both threads too gfs2: Don't deref jdesc in evict Linux 4.14.321 x86: fix backwards merge of GDS/SRSO bit xen/netback: Fix buffer overrun triggered by unusual packet Documentation/x86: Fix backwards on/off logic about YMM support x86/xen: Fix secondary processors' FPU initialization KVM: Add GDS_NO support to KVM x86/speculation: Add Kconfig option for GDS x86/speculation: Add force option to GDS mitigation x86/speculation: Add Gather Data Sampling mitigation x86/fpu: Move FPU initialization into arch_cpu_finalize_init() x86/fpu: Mark init functions __init x86/fpu: Remove cpuinfo argument from init functions init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init() init: Invoke arch_cpu_finalize_init() earlier init: Remove check_bugs() leftovers um/cpu: Switch to arch_cpu_finalize_init() sparc/cpu: Switch to arch_cpu_finalize_init() sh/cpu: Switch to arch_cpu_finalize_init() mips/cpu: Switch to arch_cpu_finalize_init() m68k/cpu: Switch to arch_cpu_finalize_init() ia64/cpu: Switch to arch_cpu_finalize_init() ARM: cpu: Switch to arch_cpu_finalize_init() x86/cpu: Switch to arch_cpu_finalize_init() init: Provide arch_cpu_finalize_init() Conflicts: drivers/block/loop.c drivers/usb/dwc3/gadget.c Change-Id: I992e9302cd013f55616a3158f5227b263e1c322d |
||
|
Greg Kroah-Hartman
|
fce78edbb4 |
Merge 4.14.322 into android-4.14-stable
Changes in 4.14.322
gfs2: Don't deref jdesc in evict
x86/microcode/AMD: Load late on both threads too
x86/smp: Use dedicated cache-line for mwait_play_dead()
fbdev: imsttfb: Fix use after free bug in imsttfb_probe
drm/edid: Fix uninitialized variable in drm_cvt_modes()
scripts/tags.sh: Resolve gtags empty index generation
drm/amdgpu: Validate VM ioctl flags.
treewide: Remove uninitialized_var() usage
md/raid10: fix overflow of md/safe_mode_delay
md/raid10: fix wrong setting of max_corr_read_errors
md/raid10: fix io loss while replacement replace rdev
PM: domains: fix integer overflow issues in genpd_parse_state()
evm: Complete description of evm_inode_setattr()
wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
wifi: atmel: Fix an error handling path in atmel_probe()
wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
wifi: ray_cs: Fix an error handling path in ray_probe()
wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config
watchdog/perf: more properly prevent false positives with turbo modes
kexec: fix a memory leak in crash_shrink_memory()
memstick r592: make memstick_debug_get_tpc_name() static
wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
wifi: ath9k: convert msecs to jiffies where needed
netlink: fix potential deadlock in netlink_set_err()
netlink: do not hard code device address lenth in fdb dumps
gtp: Fix use-after-free in __gtp_encap_destroy().
lib/ts_bm: reset initial match offset for every block of text
netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
netlink: Add __sock_i_ino() for __netlink_diag_dump().
radeon: avoid double free in ci_dpm_init()
Input: drv260x - sleep between polling GO bit
ARM: dts: BCM5301X: Drop "clock-names" from the SPI node
Input: adxl34x - do not hardcode interrupt trigger type
drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
ARM: ep93xx: fix missing-prototype warnings
ASoC: es8316: Increment max value for ALC Capture Target Volume control
soc/fsl/qe: fix usb.c build errors
fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
drm/radeon: fix possible division-by-zero errors
ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
PCI: Add pci_clear_master() stub for non-CONFIG_PCI
pinctrl: cherryview: Return correct value if pin in push-pull mode
perf dwarf-aux: Fix off-by-one in die_get_varname()
pinctrl: at91-pio4: check return value of devm_kasprintf()
crypto: nx - fix build warnings when DEBUG_FS is not enabled
modpost: fix section mismatch message for R_ARM_ABS32
modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
modpost: fix off by one in is_executable_section()
USB: serial: option: add LARA-R6 01B PIDs
block: change all __u32 annotations to __be32 in affs_hardblocks.h
w1: fix loop in w1_fini()
sh: j2: Use ioremap() to translate device tree address into kernel memory
media: usb: Check az6007_read() return value
media: videodev2.h: Fix struct v4l2_input tuner index comment
media: usb: siano: Fix warning due to null work_func_t function pointer
extcon: Fix kernel doc of property fields to avoid warnings
extcon: Fix kernel doc of property capability fields to avoid warnings
usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
mfd: rt5033: Drop rt5033-battery sub-device
mfd: intel-lpss: Add missing check for platform_get_resource
mfd: stmpe: Only disable the regulators if they are enabled
rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
sctp: fix potential deadlock on &net->sctp.addr_wq_lock
Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
tcp: annotate data races in __tcp_oow_rate_limited()
net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
sh: dma: Fix DMA channel offset calculation
NFSD: add encoding of op_recall flag for write delegation
mmc: core: disable TRIM on Kingston EMMC04G-M627
mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
integrity: Fix possible multiple allocation in integrity_inode_get()
jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
btrfs: fix race when deleting quota root from the dirty cow roots list
ARM: orion5x: fix d2net gpio initialization
spi: spi-fsl-spi: remove always-true conditional in fsl_spi_do_one_msg
spi: spi-fsl-spi: relax message sanity checking a little
spi: spi-fsl-spi: allow changing bits_per_word while CS is still active
netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
netfilter: nf_tables: unbind non-anonymous set if rule construction fails
netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
workqueue: clean up WORK_* constant types, clarify masking
net: mvneta: fix txq_map in case of txq_number==1
udp6: fix udp6_ehashfn() typo
ntb: idt: Fix error handling in idt_pci_driver_init()
NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
NTB: ntb_transport: fix possible memory leak while device_register() fails
ipv6/addrconf: fix a potential refcount underflow for idev
wifi: airo: avoid uninitialized warning in airo_get_rate()
net/sched: make psched_mtu() RTNL-less safe
tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
perf intel-pt: Fix CYC timestamps after standalone CBR
ext4: fix wrong unit use in ext4_mb_clear_bb
ext4: only update i_reserved_data_blocks on successful block allocation
jfs: jfs_dmap: Validate db_l2nbperpage while mounting
PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
misc: pci_endpoint_test: Re-init completion for every test
md/raid0: add discard support for the 'original' layout
fs: dlm: return positive pid value for F_GETLK
hwrng: imx-rngc - fix the timeout for init and self check
meson saradc: fix clock divider mask length
Revert "8250: add support for ASIX devices with a FIFO bug"
tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
ring-buffer: Fix deadloop issue on reading trace_pipe
xtensa: ISS: fix call to split_if_spec
scsi: qla2xxx: Wait for io return on terminate rport
scsi: qla2xxx: Fix potential NULL pointer dereference
scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
scsi: qla2xxx: Pointer may be dereferenced
serial: atmel: don't enable IRQs prematurely
perf probe: Add test for regression introduced by switch to die_get_decl_file()
fuse: revalidate: don't invalidate if interrupted
can: bcm: Fix UAF in bcm_proc_show()
ext4: correct inline offset when handling xattrs in inode body
debugobjects: Recheck debug_objects_enabled before reporting
nbd: Add the maximum limit of allocated index in nbd_dev_add
md: fix data corruption for raid456 when reshape restart while grow up
md/raid10: prevent soft lockup while flush writes
posix-timers: Ensure timer ID search-loop limit is valid
sched/fair: Don't balance task to its current running CPU
bpf: Address KCSAN report on bpf_lru_list
wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point()
igb: Fix igb_down hung on surprise removal
spi: bcm63xx: fix max prepend length
fbdev: imxfb: warn about invalid left/right margin
pinctrl: amd: Use amd_pinconf_set() for all config options
net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
llc: Don't drop packet from non-root netns.
netfilter: nf_tables: fix spurious set element insertion failure
tcp: annotate data-races around rskq_defer_accept
tcp: annotate data-races around tp->notsent_lowat
tcp: annotate data-races around fastopenq.max_qlen
gpio: tps68470: Make tps68470_gpio_output() always set the initial value
i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
ethernet: atheros: fix return value check in atl1e_tso_csum()
ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address
tcp: Reduce chance of collisions in inet6_hashfn().
bonding: reset bond's flags when down link is P2P device
team: reset team's flags when down link is P2P device
platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
benet: fix return value check in be_lancer_xmit_workarounds()
ASoC: fsl_spdif: Silence output on stop
block: Fix a source code comment in include/uapi/linux/blkzoned.h
dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
ata: pata_ns87415: mark ns87560_tf_read static
ring-buffer: Fix wrong stat of cpu_buffer->read
tracing: Fix warning in trace_buffered_event_disable()
USB: serial: option: support Quectel EM060K_128
USB: serial: option: add Quectel EC200A module support
USB: serial: simple: add Kaufmann RKS+CAN VCP
USB: serial: simple: sort driver entries
can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED
usb: ohci-at91: Fix the unhandle interrupt when resume
usb: xhci-mtk: set the dma max_seg_size
Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group
staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
tpm_tis: Explicitly check for error code
irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
s390/dasd: fix hanging device after quiesce/resume
ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
drm/client: Fix memory leak in drm_client_target_cloned
net/sched: cls_fw: Fix improper refcount update leads to use-after-free
net/sched: sch_qfq: account for stab overhead in qfq_enqueue
net/sched: cls_u32: Fix reference counter leak leading to overflow
perf: Fix function pointer case
word-at-a-time: use the same return type for has_zero regardless of endianness
net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
perf test uprobe_from_different_cu: Skip if there is no gcc
net: add missing data-race annotations around sk->sk_peek_off
net: add missing data-race annotation for sk_ll_usec
net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free
ip6mr: Fix skb_under_panic in ip6mr_cache_report()
tcp_metrics: fix addr_same() helper
tcp_metrics: annotate data-races around tm->tcpm_stamp
tcp_metrics: annotate data-races around tm->tcpm_lock
tcp_metrics: annotate data-races around tm->tcpm_vals[]
tcp_metrics: annotate data-races around tm->tcpm_net
tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
loop: Select I/O scheduler 'none' from inside add_disk()
libceph: fix potential hang in ceph_osdc_notify()
USB: zaurus: Add ID for A-300/B-500/C-700
fs/sysv: Null check to prevent null-ptr-deref bug
Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
ext2: Drop fragment support
test_firmware: fix a memory leak with reqs buffer
mtd: rawnand: omap_elm: Fix incorrect type in assignment
drm/edid: fix objtool warning in drm_cvt_modes()
Linux 4.14.322
Change-Id: Ia25c00bd23a112b634b83577ec7d54569e8b7c70
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Michael Bestas
|
4f0c737494 |
Merge tag 'ASB-2023-08-05_4.14-stable' of https://android.googlesource.com/kernel/common into android-msm-pixel-4.14
https://source.android.com/docs/security/bulletin/2023-08-01 CVE-2023-21264 CVE-2020-29374 * tag 'ASB-2023-08-05_4.14-stable' of https://android.googlesource.com/kernel/common: (1241 commits) UPSTREAM: xfrm: Check if_id in xfrm_migrate Linux 4.14.320 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl drm/exynos: vidi: fix a wrong error return s390/cio: unregister device when the only path is gone usb: gadget: udc: fix NULL dereference in remove() fbdev: imsttfb: Release framebuffer and dealloc cmap on error path nfcsim.c: Fix error checking for debugfs_create_dir arm64: Add missing Set/Way CMO encodings HID: wacom: Add error check to wacom_parse_and_register() scsi: target: iscsi: Prevent login threads from racing between each other netfilter: nf_tables: disallow element updates of bound anonymous sets be2net: Extend xmit workaround to BE3 chip mmc: usdhi60rol0: fix deferred probing mmc: omap_hsmmc: fix deferred probing mmc: omap: fix deferred probing mmc: mtk-sd: fix deferred probing ... Conflicts: drivers/edac/edac_device.c drivers/mmc/core/block.c drivers/mtd/ubi/wl.c drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c drivers/usb/core/hub.c drivers/usb/core/quirks.c drivers/usb/dwc3/core.c drivers/usb/gadget/function/f_fs.c fs/ext4/page-io.c fs/incfs/main.c fs/incfs/vfs.c fs/verity/enable.c include/drm/drm_mipi_dsi.h include/net/pkt_sched.h include/uapi/linux/virtio_ids.h kernel/panic.c mm/kasan/report.c Change-Id: I8d87ff356c3d786b122e5addf42282830a6f3260 |
||
|
Dan Carpenter
|
7ee557590b |
modpost: fix off by one in is_executable_section()
[ Upstream commit 3a3f1e573a105328a2cca45a7cfbebabbf5e3192 ]
The > comparison should be >= to prevent an out of bounds array
access.
Fixes:
|
||
|
Masahiro Yamada
|
a2a121a193 |
modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
[ Upstream commit 56a24b8ce6a7f9c4a21b2276a8644f6f3d8fc14d ]
addend_arm_rel() processes R_ARM_PC24, R_ARM_CALL, R_ARM_JUMP24 in a
wrong way.
Here, test code.
[test code for R_ARM_JUMP24]
.section .init.text,"ax"
bar:
bx lr
.section .text,"ax"
.globl foo
foo:
b bar
[test code for R_ARM_CALL]
.section .init.text,"ax"
bar:
bx lr
.section .text,"ax"
.globl foo
foo:
push {lr}
bl bar
pop {pc}
If you compile it with ARM multi_v7_defconfig, modpost will show the
symbol name, (unknown).
WARNING: modpost: vmlinux.o: section mismatch in reference: foo (section: .text) -> (unknown) (section: .init.text)
(You need to use GNU linker instead of LLD to reproduce it.)
Fix the code to make modpost show the correct symbol name.
I imported (with adjustment) sign_extend32() from include/linux/bitops.h.
The '+8' is the compensation for pc-relative instruction. It is
documented in "ELF for the Arm Architecture" [1].
"If the relocation is pc-relative then compensation for the PC bias
(the PC value is 8 bytes ahead of the executing instruction in Arm
state and 4 bytes in Thumb state) must be encoded in the relocation
by the object producer."
[1]: https://github.com/ARM-software/abi-aa/blob/main/aaelf32/aaelf32.rst
Fixes:
|
||
|
Masahiro Yamada
|
eaf31306a9 |
modpost: fix section mismatch message for R_ARM_ABS32
[ Upstream commit b7c63520f6703a25eebb4f8138fed764fcae1c6f ]
addend_arm_rel() processes R_ARM_ABS32 in a wrong way.
Here, test code.
[test code 1]
#include <linux/init.h>
int __initdata foo;
int get_foo(void) { return foo; }
If you compile it with ARM versatile_defconfig, modpost will show the
symbol name, (unknown).
WARNING: modpost: vmlinux.o: section mismatch in reference: get_foo (section: .text) -> (unknown) (section: .init.data)
(You need to use GNU linker instead of LLD to reproduce it.)
If you compile it for other architectures, modpost will show the correct
symbol name.
WARNING: modpost: vmlinux.o: section mismatch in reference: get_foo (section: .text) -> foo (section: .init.data)
For R_ARM_ABS32, addend_arm_rel() sets r->r_addend to a wrong value.
I just mimicked the code in arch/arm/kernel/module.c.
However, there is more difficulty for ARM.
Here, test code.
[test code 2]
#include <linux/init.h>
int __initdata foo;
int get_foo(void) { return foo; }
int __initdata bar;
int get_bar(void) { return bar; }
With this commit applied, modpost will show the following messages
for ARM versatile_defconfig:
WARNING: modpost: vmlinux.o: section mismatch in reference: get_foo (section: .text) -> foo (section: .init.data)
WARNING: modpost: vmlinux.o: section mismatch in reference: get_bar (section: .text) -> foo (section: .init.data)
The reference from 'get_bar' to 'foo' seems wrong.
I have no solution for this because it is true in assembly level.
In the following output, relocation at 0x1c is no longer associated
with 'bar'. The two relocation entries point to the same symbol, and
the offset to 'bar' is encoded in the instruction 'r0, [r3, #4]'.
Disassembly of section .text:
00000000 <get_foo>:
0: e59f3004 ldr r3, [pc, #4] @ c <get_foo+0xc>
4: e5930000 ldr r0, [r3]
8: e12fff1e bx lr
c: 00000000 .word 0x00000000
00000010 <get_bar>:
10: e59f3004 ldr r3, [pc, #4] @ 1c <get_bar+0xc>
14: e5930004 ldr r0, [r3, #4]
18: e12fff1e bx lr
1c: 00000000 .word 0x00000000
Relocation section '.rel.text' at offset 0x244 contains 2 entries:
Offset Info Type Sym.Value Sym. Name
0000000c 00000c02 R_ARM_ABS32 00000000 .init.data
0000001c 00000c02 R_ARM_ABS32 00000000 .init.data
When find_elf_symbol() gets into a situation where relsym->st_name is
zero, there is no guarantee to get the symbol name as written in C.
I am keeping the current logic because it is useful in many architectures,
but the symbol name is not always correct depending on the optimization.
I left some comments in find_tosym().
Fixes:
|
||
|
Ahmed S. Darwish
|
b42da91c0c |
scripts/tags.sh: Resolve gtags empty index generation
commit e1b37563caffc410bb4b55f153ccb14dede66815 upstream.
gtags considers any file outside of its current working directory
"outside the source tree" and refuses to index it. For O= kernel builds,
or when "make" is invoked from a directory other then the kernel source
tree, gtags ignores the entire kernel source and generates an empty
index.
Force-set gtags current working directory to the kernel source tree.
Due to commit
|
||
|
Greg Kroah-Hartman
|
a1789769b3 |
Merge 4.14.316 into android-4.14-stable
Changes in 4.14.316
net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
netlink: annotate accesses to nlk->cb_running
net: annotate sk->sk_err write from do_recvmmsg()
ipvlan:Fix out-of-bounds caused by unclear skb->cb
af_unix: Fix a data race of sk->sk_receive_queue->qlen.
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
regmap: cache: Return error in cache sync operations for REGCACHE_NONE
memstick: r592: Fix UAF bug in r592_remove due to race condition
ACPI: EC: Fix oops when removing custom query handlers
drm/tegra: Avoid potential 32-bit integer overflow
ACPICA: Avoid undefined behavior: applying zero offset to null pointer
ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
ext2: Check block size validity during mount
net: pasemi: Fix return type of pasemi_mac_start_tx()
net: Catch invalid index in XPS mapping
lib: cpu_rmap: Avoid use after free on rmap->obj array entries
scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
gfs2: Fix inode height consistency check
ext4: set goal start correctly in ext4_mb_normalize_request
ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
HID: logitech-hidpp: Don't use the USB serial for USB devices
HID: logitech-hidpp: Reconcile USB and Unifying serials
spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
HID: wacom: generic: Set battery quirk only when we see battery data
serial: 8250: Reinit port->pm on port specific driver unbind
mcb-pci: Reallocate memory region to avoid memory overlapping
sched: Fix KCSAN noinstr violation
recordmcount: Fix memory leaks in the uwrite function
clk: tegra20: fix gcc-7 constant overflow warning
Input: xpad - add constants for GIP interface numbers
phy: st: miphy28lp: use _poll_timeout functions for waits
mfd: dln2: Fix memory leak in dln2_probe()
cpupower: Make TSC read per CPU for Mperf monitor
af_key: Reject optional tunnel/BEET mode templates in outbound policies
net: fec: Better handle pm_runtime_get() failing in .remove()
vsock: avoid to close connected socket after the timeout
media: netup_unidvb: fix use-after-free at del_timer()
net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
cassini: Fix a memory leak in the error handling path of cas_init_one()
igb: fix bit_shift to be in [1..8] range
vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
usb-storage: fix deadlock when a scsi command timeouts more than once
ALSA: hda: Fix Oops by 9.1 surround channel names
ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
statfs: enforce statfs[64] structure initialization
serial: Add support for Advantech PCI-1611U card
ceph: force updating the msg pointer in non-split case
nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
netfilter: nf_tables: bogus EBUSY in helper removal from transaction
spi: spi-fsl-spi: automatically adapt bits-per-word in cpu mode
spi: fsl-spi: Re-organise transfer bits_per_word adaptation
spi: fsl-cpm: Use 16 bit mode for large transfers with even size
m68k: Move signal frame following exception on 68020/030
parisc: Allow to reboot machine after system halt
netfilter: nftables: add nft_parse_register_load() and use it
netfilter: nftables: add nft_parse_register_store() and use it
netfilter: nftables: statify nft_parse_register()
netfilter: nf_tables: validate registers coming from userspace.
netfilter: nf_tables: add nft_setelem_parse_key()
netfilter: nf_tables: allow up to 64 bytes in the set element data area
netfilter: nf_tables: stricter validation of element data
netfilter: nft_dynset: do not reject set updates with NFT_SET_EVAL
netfilter: nf_tables: do not allow RULE_ID to refer to another chain
netfilter: nf_tables: do not allow SET_ID to refer to another table
netfilter: nf_tables: fix register ordering
x86/mm: Avoid incomplete Global INVLPG flushes
selftests/memfd: Fix unknown type name build failure
USB: core: Add routines for endpoint checks in old drivers
USB: sisusbvga: Add endpoint checks
media: radio-shark: Add endpoint checks
net: fix skb leak in __skb_tstamp_tx()
ipv6: Fix out-of-bounds access in ipv6_find_tlv()
power: supply: leds: Fix blink to LED on transition
power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
power: supply: bq27xxx: Fix I2C IRQ race on remove
power: supply: bq27xxx: Fix poll_interval handling and races on remove
power: supply: sbs-charger: Fix INHIBITED bit for Status reg
xen/pvcalls-back: fix double frees with pvcalls_new_active_socket()
x86/show_trace_log_lvl: Ensure stack pointer is aligned, again
forcedeth: Fix an error handling path in nv_probe()
3c589_cs: Fix an error handling path in tc589_probe()
Linux 4.14.316
Change-Id: I3057e11d999112040cd36a7715309365928e3c02
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Hao Zeng
|
bd39f68a30 |
recordmcount: Fix memory leaks in the uwrite function
[ Upstream commit fa359d068574d29e7d2f0fdd0ebe4c6a12b5cfb9 ] Common realloc mistake: 'file_append' nulled but not freed upon failure Link: https://lkml.kernel.org/r/20230426010527.703093-1-zenghao@kylinos.cn Signed-off-by: Hao Zeng <zenghao@kylinos.cn> Suggested-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
d764c607e6 |
Merge 4.14.314 into android-4.14-stable
Changes in 4.14.314 ARM: dts: rockchip: fix a typo error for rk3288 spdif node net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg virtio_net: bugfix overflow inside xdp_linearize_page() i40e: fix accessing vsi->active_filters without holding lock i40e: fix i40e_setup_misc_vector() error handling mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() e1000e: Disable TSO on i219-LM card to increase speed f2fs: Fix f2fs_truncate_partial_nodes ftrace event selftests: sigaltstack: fix -Wuninitialized scsi: megaraid_sas: Fix fw_crash_buffer_show() scsi: core: Improve scsi_vpd_inquiry() checks net: dsa: b53: mmap: add phy ops s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling xen/netback: use same error messages for same errors nilfs2: initialize unused bytes in segment summary blocks memstick: fix memory leak if card device is never registered x86/purgatory: Don't generate debug info for purgatory.ro Revert "ext4: fix use-after-free in ext4_xattr_set_entry" ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() ext4: fix use-after-free in ext4_xattr_set_entry udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). dccp: Call inet6_destroy_sock() via sk->sk_destruct(). sctp: Call inet6_destroy_sock() via sk->sk_destruct(). counter: 104-quad-8: Fix race condition between FLAG and CNTR reads iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() ASN.1: Fix check for strdup() success Linux 4.14.314 Change-Id: I8793bc8329f8c8b927a91686eaa4fa6bb556c3f1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Ekaterina Orlova
|
082b2dd841 |
ASN.1: Fix check for strdup() success
commit 5a43001c01691dcbd396541e6faa2c0077378f48 upstream.
It seems there is a misprint in the check of strdup() return code that
can lead to NULL pointer dereference.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes:
|
||
|
Wilson Sung
|
4accad7636 |
Merge android-4.14-stable (4.14.302) into android-msm-pixel-4.14-tm-lts
Merge 4.14.302 into android-4.14-stable
Linux 4.14.302
net: mvneta: Fix an out of bounds check
* ipv6: avoid use-after-free in ip6_fragment()
net/ipv6/ip6_output.c
net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
xen/netback: fix build warning
ethernet: aeroflex: fix potential skb leak in greth_init_rings()
tipc: Fix potential OOB in tipc_link_proto_rcv()
net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: stmmac: fix "snps,axi-config" node property parsing
NFC: nci: Bounds check struct nfc_target arrays
net: mvneta: Prevent out of bounds read in mvneta_config_rss()
net: encx24j600: Fix invalid logic in reading of MISTAT register
net: encx24j600: Add parentheses to fix precedence
mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
igb: Allocate MSI-X vector when testing
e1000e: Fix TX dispatch condition
gpio: amd8111: Fix PCI device reference count leak
ca8210: Fix crash by zero initializing data
ieee802154: cc2520: Fix error return code in cc2520_hw_init()
* HID: core: fix shift-out-of-bounds in hid_report_raw_event
drivers/hid/hid-core.c
HID: hid-lg4ff: Add check for empty lbuf
KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
* memcg: fix possible use-after-free in memcg_write_event_control()
include/linux/cgroup.h
kernel/cgroup/cgroup-internal.h
* media: v4l2-dv-timings.c: fix too strict blanking sanity checks
drivers/media/v4l2-core/v4l2-dv-timings.c
rcutorture: Automatically create initrd directory
xen/netback: don't call kfree_skb() with interrupts disabled
xen/netback: do some code cleanup
xen/netback: Ensure protocol headers don't fall in the non-linear area
net: usb: qmi_wwan: add u-blox 0x1342 composition
regulator: twl6030: fix get status of twl6032 regulators
* ASoC: soc-pcm: Add NULL check in BE reparenting
sound/soc/soc-pcm.c
ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
ARM: dts: rockchip: fix ir-receiver node names
arm: dts: rockchip: fix node name for hym8563 rtc
Merge 4.14.301 into android-4.14-stable
Linux 4.14.301
Revert "x86/speculation: Change FILL_RETURN_BUFFER to work with objtool"
x86/nospec: Fix i386 RSB stuffing
ipc/sem: Fix dangling sem_array access in semtimedop race
* v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
mm/frame_vector.c
* proc: proc_skip_spaces() shouldn't think it is working on C strings
kernel/sysctl.c
* proc: avoid integer type confusion in get_proc_long
kernel/sysctl.c
* mmc: sdhci: Fix voltage switch delay
drivers/mmc/host/sdhci.c
* mmc: sdhci: use FIELD_GET for preset value bit masks
drivers/mmc/host/sdhci.c
x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
* Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
net/bluetooth/l2cap_core.c
x86/pm: Add enumeration check before spec MSRs save/restore setup
x86/tsx: Add a feature bit for TSX control MSR support
nvme: restrict management ioctls to admin
* tcp/udp: Fix memory leak in ipv6_renew_options().
net/ipv6/ipv6_sockglue.c
iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
pinctrl: single: Fix potential division by zero
* ASoC: ops: Fix bounds check for _sx controls
sound/soc/soc-ops.c
efi: random: Properly limit the size of the random seed
* arm64: errata: Fix KVM Spectre-v2 mitigation selection for Cortex-A57/A72
arch/arm64/kernel/cpu_errata.c
* arm64: Fix panic() when Spectre-v2 causes Spectre-BHB to re-allocate KVM vectors
arch/arm64/kernel/cpu_errata.c
x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
* perf: Add sample_flags to indicate the PMU-filled sample data
include/linux/perf_event.h
kernel/events/core.c
hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
hwmon: (coretemp) Check for null before removing sysfs attrs
net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
* packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
net/packet/af_packet.c
net: hsr: Fix potential use-after-free
dsa: lan9303: Correct stat name
net/9p: Fix a potential socket leak in p9_socket_open
net: net_netdev: Fix error handling in ntb_netdev_init_module()
* net: phy: fix null-ptr-deref while probe() failed
drivers/net/phy/phy_device.c
qlcnic: fix sleep-in-atomic-context bugs caused by msleep
can: cc770: cc770_isa_probe(): add missing free_cc770dev()
can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
net/mlx5: Fix uninitialized variable bug in outlen_write()
* of: property: decrement node refcount in of_fwnode_get_reference_args()
drivers/of/property.c
hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
hwmon: (i5500_temp) fix missing pci_disable_device()
* iio: light: rpr0521: add missing Kconfig dependencies
drivers/iio/light/Kconfig
iio: health:
|
||
|
Wilson Sung
|
394a00276f |
Merge android-4.14-stable (4.14.299) into android-msm-pixel-4.14-tm-lts
Merge 4.14.299 into android-4.14-stable
Merge 4.14.298 into android-4.14-stable
Linux 4.14.299
wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
* linux/bits.h: make BIT(), GENMASK(), and friends available in assembly
include/linux/bits.h
* linux/const.h: move UL() macro to include/linux/const.h
arch/arm64/include/asm/memory.h
include/linux/const.h
include/uapi/linux/const.h
* linux/const.h: prefix include guard of uapi/linux/const.h with _UAPI
include/uapi/linux/const.h
KVM: x86: emulator: update the emulation mode after CR0 write
KVM: x86: emulator: introduce emulator_recalc_and_set_mode
KVM: x86: emulator: em_sysexit should update ctxt->mode
KVM: x86: Mask off reserved bits in CPUID.80000008H
* ext4: fix warning in 'ext4_da_release_space'
fs/ext4/migrate.c
parisc: Export iosapic_serial_irq() symbol for serial port driver
* parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
drivers/tty/serial/8250/Kconfig
* efi: random: reduce seed size to 32 bytes
include/linux/efi.h
* ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
sound/usb/quirks-table.h
sound/usb/quirks.c
* capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
security/commoncap.c
* tcp/udp: Make early_demux back namespacified.
include/net/protocol.h
include/net/tcp.h
include/net/udp.h
net/ipv4/af_inet.c
net/ipv4/ip_input.c
net/ipv4/sysctl_net_ipv4.c
net/ipv6/ip6_input.c
net/ipv6/tcp_ipv6.c
net/ipv6/udp.c
btrfs: fix type of parameter generation in btrfs_get_dentry
block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
* Bluetooth: L2CAP: Fix attempting to access uninitialized memory
net/bluetooth/l2cap_core.c
i2c: xiic: Add platform module alias
media: dvb-frontends/drxk: initialize err to 0
media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
* net, neigh: Fix null-ptr-deref in neigh_table_clear()
net/core/neighbour.c
* net: mdio: fix undefined behavior in bit shift for __mdiobus_register
drivers/net/phy/mdio_bus.c
* Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
net/bluetooth/l2cap_core.c
* Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
net/bluetooth/l2cap_core.c
btrfs: fix ulist leaks in error paths of qgroup self tests
btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
isdn: mISDN: netjet: fix wrong check of device registration
mISDN: fix possible memory leak in mISDN_register_device()
rose: Fix NULL pointer dereference in rose_send_frame()
ipvs: use explicitly signed chars
net: sched: Fix use after free in red_enqueue()
ata: pata_legacy: fix pdc20230_set_piomode()
net: fec: fix improper use of NETDEV_TX_BUSY
nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
net: dsa: Fix possible memory leaks in dsa_loop_init()
nfs4: Fix kmemleak when allocate slot failed
NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
* UPSTREAM: linux/const.h: move UL() macro to include/linux/const.h
arch/arm64/include/asm/memory.h
include/linux/const.h
include/uapi/linux/const.h
* UPSTREAM: linux/const.h: prefix include guard of uapi/linux/const.h with _UAPI
include/uapi/linux/const.h
* UPSTREAM: linux/bits.h: make BIT(), GENMASK(), and friends available in assembly
include/linux/bits.h
Linux 4.14.298
can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive
net: ehea: fix possible memory leak in ehea_register_port()
openvswitch: switch from WARN to pr_warn
ALSA: aoa: Fix I2S device accounting
ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
* PM: domains: Fix handling of unavailable/disabled idle states
drivers/base/power/domain.c
net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
i40e: Fix flow-type by setting GL_HASH_INSET registers
i40e: Fix ethtool rx-flow-hash setting for X722
* media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
include/uapi/linux/videodev2.h
* media: v4l2-dv-timings: add sanity checks for blanking values
drivers/media/v4l2-core/v4l2-dv-timings.c
media: vivid: dev->bitmap_cap wasn't freed in all cases
media: vivid: s_fbuf: add more sanity checks
PM: hibernate: Allow hybrid sleep to work with s2idle
can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path
* tcp: fix indefinite deferral of RTO with SACK reneging
net/ipv4/tcp_input.c
net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
kcm: annotate data-races around kcm->rx_wait
kcm: annotate data-races around kcm->rx_psock
amd-xgbe: add the bit rate quirk for Molex cables
amd-xgbe: fix the SFP compliance codes check for DAC cables
x86/unwind/orc: Fix unreliable stack dump with gcov
ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
arc: iounmap() arg is volatile
drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
net: ieee802154: fix error return code in dgram_bind()
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
xen/gntdev: Prevent leaking grants
Xen/gntdev: don't ignore kernel unmapping error
s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
* kernfs: fix use-after-free in __kernfs_remove
fs/kernfs/dir.c
mmc: core: Fix kernel panic when remove non-standard SDIO card
drm/msm/hdmi: fix memory corruption with too many bridges
mac802154: Fix LQI recording
fbdev: smscufx: Fix several use-after-free bugs
iio: light: tsl2583: Fix module unloading
tools: iio: iio_utils: fix digit calculation
* xhci: Remove device endpoints from bandwidth list when freeing the device
drivers/usb/host/xhci-mem.c
* usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller
drivers/usb/host/xhci-pci.c
usb: bdc: change state when port disconnected
* usb: dwc3: gadget: Don't set IMI for no_interrupt
drivers/usb/dwc3/gadget.c
* USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
drivers/usb/core/quirks.c
ALSA: au88x0: use explicitly signed char
ALSA: Use del_timer_sync() before freeing timer
ACPI: video: Force backlight native for more TongFang devices
* media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
drivers/media/v4l2-core/v4l2-mem2mem.c
iommu/vt-d: Clean up si_domain in the init_dmars() error path
net: hns: fix possible memory leak in hnae_ae_register()
net/atm: fix proc_mpc_write incorrect return value
* HID: magicmouse: Do not set BTN_MOUSE on double report
drivers/hid/hid-magicmouse.c
ACPI: extlog: Handle multiple records
btrfs: fix processing of delayed data refs during backref walking
* r8152: add PID for the Lenovo OneLink+ Dock
drivers/net/usb/cdc_ether.c
drivers/net/usb/r8152.c
* arm64: errata: Remove AES hwcap for COMPAT tasks
arch/arm64/Kconfig
arch/arm64/include/asm/cpucaps.h
arch/arm64/kernel/cpu_errata.c
arch/arm64/kernel/cpufeature.c
KVM: arm64: vgic: Fix exit condition in scan_its_table()
ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
ata: ahci-imx: Fix MODULE_ALIAS
x86/microcode/AMD: Apply the patch early on every logical thread
ocfs2: fix BUG when iput after ocfs2_mknod fails
ocfs2: clear dinode links count in case of error
Merge 4.14.297 into android-4.14-stable
Linux 4.14.297
x86/speculation: Add RSB VM Exit protections
x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
x86/speculation: Disable RRSBA behavior
x86/bugs: Add Cannon lake to RETBleed affected CPU list
x86/cpu/amd: Enumerate BTC_NO
x86/common: Stamp out the stepping madness
x86/speculation: Fill RSB on vmexit for IBRS
KVM: VMX: Fix IBRS handling after vmexit
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
x86/speculation: Remove x86_spec_ctrl_mask
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
x86/speculation: Fix SPEC_CTRL write on SMT state change
x86/speculation: Fix firmware entry SPEC_CTRL handling
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
x86/speculation: Add LFENCE to RSB fill sequence
x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
entel_idle: Disable IBRS during long idle
x86/bugs: Report Intel retbleed vulnerability
x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
x86/bugs: Optimize SPEC_CTRL MSR writes
x86/entry: Add kernel IBRS implementation
x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
x86/bugs: Add AMD retbleed= boot parameter
* x86/bugs: Report AMD retbleed vulnerability
drivers/base/cpu.c
include/linux/cpu.h
x86/cpufeatures: Move RETPOLINE flags to word 11
x86/entry: Remove skip_r11rcx
* x86/cpu: Add a steppings field to struct x86_cpu_id
include/linux/mod_devicetable.h
x86/cpu: Add consistent CPU match macros
* x86/devicetable: Move x86 specific macro out of generic code
include/linux/mod_devicetable.h
x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header
x86/cpufeature: Add facility to check for min microcode revisions
* Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
include/linux/mod_devicetable.h
Merge 4.14.296 into android-4.14-stable
Linux 4.14.296
thermal: intel_powerclamp: Use first online CPU as control_cpu
* inet: fully convert sk->sk_rx_dst to RCU rules
include/net/sock.h
net/ipv4/af_inet.c
net/ipv4/tcp.c
net/ipv4/tcp_input.c
net/ipv4/tcp_ipv4.c
net/ipv4/udp.c
net/ipv6/tcp_ipv6.c
net/ipv6/udp.c
efi: libstub: drop pointless get_memory_map() call
md: Replace snprintf with scnprintf
* ext4: continue to expand file system when the target size doesn't reach
fs/ext4/resize.c
net/ieee802154: don't warn zero-sized raw_sendmsg()
net: ieee802154: return -EINVAL for unknown addr type
perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
usb: idmouse: fix an uninit-value in idmouse_open
* Revert "usb: storage: Add quirk for Samsung Fit flash"
drivers/usb/storage/unusual_devs.h
usb: musb: Fix musb_gadget.c rxstate overflow bug
* usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
drivers/usb/host/xhci-mem.c
md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
HID: roccat: Fix use-after-free in roccat_read()
nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
scsi: 3w-9xxx: Avoid disabling device if failing to enable it
media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
ARM: dts: imx6sl: add missing properties for sram
ARM: dts: imx6qp: add missing properties for sram
ARM: dts: imx6dl: add missing properties for sram
ARM: dts: imx6q: add missing properties for sram
ARM: dts: imx7d-sdb: config the max pressure for tsc2046
drm/amdgpu: fix initial connector audio value
platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading
drm/vc4: vec: Fix timings for VEC modes
* drm: Prevent drm_copy_field() to attempt copying a NULL pointer
drivers/gpu/drm/drm_ioctl.c
* drm: Use size_t type for len variable in drm_copy_field()
drivers/gpu/drm/drm_ioctl.c
* r8152: Rate limit overflow messages
drivers/net/usb/r8152.c
* Bluetooth: L2CAP: Fix user-after-free
net/bluetooth/l2cap_core.c
* net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
net/core/stream.c
wifi: rt2x00: correctly set BBP register 86 for MT7620
wifi: rt2x00: set SoC wmac clock register
wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
can: bcm: check the result of can_send() in bcm_can_tx()
* Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
net/bluetooth/hci_sysfs.c
* Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
net/bluetooth/l2cap_core.c
wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
* xfrm: Update ipcomp_scratches with NULL when freed
net/xfrm/xfrm_ipcomp.c
wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
* tcp: annotate data-race around tcp_md5sig_pool_populated
net/ipv4/tcp.c
openvswitch: Fix overreporting of drops in dropwatch
openvswitch: Fix double reporting of drops in dropwatch
wifi: brcmfmac: fix invalid address access when enabling SCAN log level
NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
MIPS: BCM47XX: Cast memcmp() of function to (void *)
ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
* f2fs: fix race condition on setting FI_NO_EXTENT flag
fs/f2fs/extent_cache.c
crypto: cavium - prevent integer overflow loading firmware
* iommu/iova: Fix module config properly
include/linux/iova.h
iommu/omap: Fix buffer overflow in debugfs
powerpc: Fix SPE Power ISA properties for e500v1 platforms
powerpc/powernv: add missing of_node_put() in opal_export_attrs()
powerpc/pci_dn: Add missing of_node_put()
powerpc/sysdev/fsl_msi: Add missing of_node_put()
powerpc/math_emu/efp: Include module.h
mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
* spmi: pmic-arb: correct duplicate APID to PPID mapping logic
drivers/spmi/spmi-pmic-arb.c
dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup()
mfd: sm501: Add check for platform_driver_register()
mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init()
mfd: lp8788: Fix an error handling path in lp8788_probe()
mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe()
fsi: core: Check error number after calling ida_simple_get
serial: 8250: Fix restoring termios speed after suspend
firmware: google: Test spinlock on panic path to avoid lockups
phy: qualcomm: call clk_disable_unprepare in the error handling
drivers: serial: jsm: fix some leaks in probe
usb: gadget: function: fix dangling pnp_string in f_printer.c
* xhci: Don't show warning for reinit on known broken suspend
drivers/usb/host/xhci.c
md/raid5: Ensure stripe_fill happens on non-read IO with journal
ata: fix ata_id_has_dipm()
ata: fix ata_id_has_ncq_autosense()
ata: fix ata_id_has_devslp()
ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
* dyndbg: let query-modname override actual module name
lib/dynamic_debug.c
* dyndbg: fix module.dyndbg handling
include/linux/dynamic_debug.h
RDMA/rxe: Fix the error caused by qp->sk
RDMA/rxe: Fix "kernel NULL pointer dereference" error
media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
tty: xilinx_uartps: Fix the ignore_status
media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
HSI: omap_ssi_port: Fix dma_map_sg error check
HSI: omap_ssi: Fix refcount leak in ssi_probe
clk: tegra20: Fix refcount leak in tegra20_clock_init
clk: tegra: Fix refcount leak in tegra114_clock_init
clk: tegra: Fix refcount leak in tegra210_clock_init
clk: oxnas: Hold reference returned by of_get_parent()
iio: ABI: Fix wrong format of differential capacitance channel ABI.
* iio: inkern: only release the device node when done with it
drivers/iio/inkern.c
iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
ARM: Drop CMDLINE_* dependency on ATAGS
ARM: dts: kirkwood: lsxl: remove first ethernet port
ARM: dts: kirkwood: lsxl: fix serial line
ARM: dts: turris-omnia: Fix mpp26 pin name and comment
* soc: qcom: smem_state: Add refcounting for the 'state->of_node'
drivers/soc/qcom/smem_state.c
soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
memory: of: Fix refcount leak bug in of_get_ddr_timings()
mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
ALSA: dmaengine: increment buffer pointer atomically
ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
drm/bridge: megachips: Fix a null pointer dereference bug
platform/x86: msi-laptop: Fix resource cleanup
platform/x86: msi-laptop: Fix old-ec check for backlight registering
* drm/mipi-dsi: Detach devices when removing the host
drivers/gpu/drm/drm_mipi_dsi.c
bnx2x: fix potential memory leak in bnx2x_tpa_stop()
net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
* tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
include/linux/tcp.h
include/net/tcp.h
net/ipv4/tcp.c
net/ipv4/tcp_output.c
mISDN: fix use-after-free bugs in l1oip timer handlers
vhost/vsock: Use kvmalloc/kvfree for larger packets.
spi: s3c64xx: Fix large transfers with DMA
netfilter: nft_fib: Fix for rpath check with VRF devices
spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
net: fs_enet: Fix wrong check in do_pd_setup
wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
wifi: rtl8xxxu: Fix skb misuse in TX queue selection
spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime()
spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
wifi: mac80211: allow bw change during channel switch in mesh
wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
sh: machvec: Use char[] for section boundaries
selinux: use "grep -E" instead of "egrep"
gcov: support GCC 12.1 and newer compilers
KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
* ring-buffer: Fix race between reset page and reading page
kernel/trace/ring_buffer.c
* ring-buffer: Check pending waiters when doing wake ups as well
kernel/trace/ring_buffer.c
* ring-buffer: Allow splice to read previous partially read pages
kernel/trace/ring_buffer.c
ftrace: Properly unset FTRACE_HASH_FL_MOD
livepatch: fix race between fork and KLP transition
* ext4: place buffer head allocation before handle start
fs/ext4/inode.c
* ext4: make ext4_lazyinit_thread freezable
fs/ext4/super.c
* ext4: fix null-ptr-deref in ext4_write_info
fs/ext4/super.c
* ext4: avoid crash when inline data creation follows DIO write
fs/ext4/file.c
nilfs2: fix lockdep warnings during disk space reclamation
nilfs2: fix lockdep warnings in page operations for btree nodes
nilfs2: fix use-after-free bug of struct nilfs_root
fbdev: smscufx: Fix use-after-free in ufx_ops_open()
* PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
drivers/pci/setup-res.c
UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
parisc: fbdev/stifb: Align graphics memory size to 4MB
* Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
fs/splice.c
regulator: qcom_rpm: Fix circular deferral regression
* quota: Check next/prev free block number after reading from quota file
fs/quota/quota_tree.c
* HID: multitouch: Add memory barriers
drivers/hid/hid-multitouch.c
fs: dlm: handle -EBUSY first in lock arg validation
fs: dlm: fix race between test_bit() and queue_work()
iio: dac: ad5593r: Fix i2c read protocol requirements
* ALSA: usb-audio: Fix NULL dererence at error path
sound/usb/endpoint.c
* ALSA: usb-audio: Fix potential memory leaks
sound/usb/endpoint.c
* ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
sound/core/rawmidi.c
ALSA: oss: Fix potential deadlock at unregistration
* random: use expired timer rather than wq for mixing fast pool
drivers/char/random.c
* Input: xpad - fix wireless 360 controller breaking after suspend
drivers/input/joystick/xpad.c
* Input: xpad - add supported devices as contributed on github
drivers/input/joystick/xpad.c
wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
* random: avoid reading two cache lines on irq randomness
drivers/char/random.c
* random: restore O_NONBLOCK support
drivers/char/mem.c
drivers/char/random.c
USB: serial: qcserial: add new usb-id for Dell branded EM7455
* scsi: stex: Properly zero out the passthrough command structure
include/scsi/scsi_cmnd.h
ALSA: hda: Fix position reporting on Poulsbo
* random: clamp credited irq bits to maximum mixed
drivers/char/random.c
ceph: don't truncate file in atomic_open
nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
nilfs2: fix leak of nilfs_root in case of writer thread creation failure
nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
* netfilter: nf_queue: fix socket leak
net/netfilter/nf_queue.c
* rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
drivers/rpmsg/qcom_glink_native.c
mmc: core: Terminate infinite loop in SD-UHS voltage switch
mmc: core: Replace with already defined values for readability
USB: serial: ftdi_sio: fix 300 bps rate for SIO
usb: mon: make mmapped memory read only
um: Cleanup compiler warning in arch/x86/um/tls_32.c
um: Cleanup syscall_handler_t cast in syscalls_32.h
net/ieee802154: fix uninit value bug in dgram_sendmsg
ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure
dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
* fs: fix UAF/GPF bug in nilfs_mdt_destroy
fs/inode.c
ARM: fix function graph tracer and unwinder dependencies
* i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
drivers/i2c/i2c-dev.c
* Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
scripts/Makefile.extrawarn
clk: iproc: Do not rely on node name for correct PLL setup
clk: iproc: Minor tidy up of iproc pll data structures
selftests: Fix the if conditions of in test_extra_filter()
nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
nvme: add new line after variable declatation
* usbnet: Fix memory leak in usbnet_disconnect()
drivers/net/usb/usbnet.c
Input: melfas_mip4 - fix return value check in mip4_probe()
Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time"
soc: sunxi: sram: Fix debugfs info for A64 SRAM C
soc: sunxi: sram: Actually claim SRAM regions
* mm/migrate_device.c: flush TLB while holding PTL
mm/migrate.c
* mm: prevent page_frag_alloc() from corrupting the memory
mm/page_alloc.c
* mm/page_alloc: fix race condition between build_all_zonelists and page allocation
mm/page_alloc.c
mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
uas: ignore UAS for Thinkplus chips
usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
uas: add no-uas quirk for Hiksemi usb_disk
* ANDROID: kbuild: Wrap zero trivial-auto-var-init enablement flag with cc-option
Makefile
* UPSTREAM: f2fs: guarantee to write dirty data when enabling checkpoint back
fs/f2fs/file.c
fs/f2fs/super.c
Bug: 260299968
Change-Id: I3d8686e6dfa612ff0de4a72686637be0ce678aa6
Signed-off-by: Wilson Sung <wilsonsung@google.com>
Signed-off-by: JohnnLee <johnnlee@google.com>
|
||
|
Greg Kroah-Hartman
|
8e45015ccc |
Merge 4.14.301 into android-4.14-stable
Changes in 4.14.301
wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
audit: fix undefined behavior in bit shift for AUDIT_BIT
wifi: mac80211: Fix ack frame idr leak when mesh has no route
spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
MIPS: pic32: treat port as signed integer
af_key: Fix send_acquire race with pfkey_register
ARM: dts: am335x-pcm-953: Define fixed regulators in root node
bus: sunxi-rsb: Support atomic transfers
ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
nfc/nci: fix race with opening and closing
net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
9p/fd: fix issue of list_del corruption in p9_fd_cancel()
ARM: mxs: fix memory leak in mxs_machine_init()
net/mlx4: Check retval of mlx4_bitmap_init
net/qla3xxx: fix potential memleak in ql3xxx_send()
xfrm: Fix ignored return value in xfrm6_init()
NFC: nci: fix memory leak in nci_rx_data_packet()
dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
s390/dasd: fix no record found for raw_track_access
nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
nfc: st-nci: fix memory leaks in EVT_TRANSACTION
net: thunderx: Fix the ACPI memory leak
s390/crashdump: fix TOD programmable field size
nios2: add FORCE for vmlinuz.gz
arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
iio: light: apds9960: fix wrong register for gesture gain
iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
kconfig: display recursive dependency resolution hint just once
nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
xen/platform-pci: add missing free_irq() in error path
platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
platform/x86: hp-wmi: Ignore Smart Experience App event
tcp: configurable source port perturb table size
net: usb: qmi_wwan: add Telit 0x103a composition
drm/amdgpu: always register an MMU notifier for userptr
iio: health: afe4403: Fix oob read in afe4403_read_raw
iio: health:
|
||
|
Masahiro Yamada
|
07d7941f25 |
kconfig: display recursive dependency resolution hint just once
commit e3b03bf29d6b99fab7001fb20c33fe54928c157a upstream. Commit |
||
|
Greg Kroah-Hartman
|
980d7f36ac |
Merge 4.14.300 into android-4.14-stable
Changes in 4.14.300 HID: hyperv: fix possible memory leak in mousevsc_probe() net: gso: fix panic on frag_list with mixed head alloc types bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer net: fman: Unregister ethernet device on removal capabilities: fix undefined behavior in bit shift for CAP_TO_MASK net: lapbether: fix issue of dev reference count leakage in lapbeth_device_event() hamradio: fix issue of dev reference count leakage in bpq_device_event() drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() drivers: net: xgene: disable napi when register irq failed in xgene_enet_open() net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() ethernet: s2io: disable napi when start nic failed in s2io_card_up() net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open() net: macvlan: fix memory leaks of macvlan_common_newlink arm64: efi: Fix handling of misaligned runtime regions and drop warning ALSA: hda: fix potential memleak in 'add_widget_node' ALSA: usb-audio: Add quirk entry for M-Audio Micro nilfs2: fix deadlock in nilfs_count_free_blocks() drm/i915/dmabuf: fix sg_table handling in map_dma_buf platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi btrfs: selftests: fix wrong error check in btrfs_free_dummy_root() udf: Fix a slab-out-of-bounds write bug in udf_find_entry() cert host tools: Stop complaining about deprecated OpenSSL functions dmaengine: at_hdmac: Fix at_lli struct definition dmaengine: at_hdmac: Don't start transactions at tx_submit level dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors dmaengine: at_hdmac: Don't allow CPU to reorder channel enable dmaengine: at_hdmac: Fix impossible condition dmaengine: at_hdmac: Check return code of dma_async_device_register x86/cpu: Restore AMD's DE_CFG MSR after resume selftests/futex: fix build for clang drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm ASoC: core: Fix use-after-free in snd_soc_exit() serial: 8250_omap: remove wait loop from Errata i202 workaround serial: 8250: omap: Flush PM QOS work on remove tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send ASoC: soc-utils: Remove __exit for snd_soc_util_exit() block: sed-opal: kmalloc the cmd/resp buffers parport_pc: Avoid FIFO port location truncation pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map net: bgmac: Drop free_netdev() from bgmac_enet_remove() mISDN: fix possible memory leak in mISDN_dsp_element_register() mISDN: fix misuse of put_device() in mISDN_register_device() net: caif: fix double disconnect client in chnl_net_open() xen/pcpu: fix possible memory leak in register_pcpu() drbd: use after free in drbd_create_device() net/x25: Fix skb leak in x25_lapb_receive_frame() cifs: Fix wrong return value checking when GETFLAGS ftrace: Fix the possible incorrect kernel message ftrace: Optimize the allocation for mcount entries ftrace: Fix null pointer dereference in ftrace_add_mod() ring_buffer: Do not deactivate non-existant pages ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() USB: serial: option: add Sierra Wireless EM9191 USB: serial: option: remove old LARA-R6 PID USB: serial: option: add u-blox LARA-R6 00B modem USB: serial: option: add u-blox LARA-L6 modem USB: serial: option: add Fibocom FM160 0x0111 composition usb: add NO_LPM quirk for Realforce 87U Keyboard usb: chipidea: fix deadlock in ci_otg_del_timer iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() iio: pressure: ms5611: changed hardcoded SPI speed to value limited dm ioctl: fix misbehavior if list_versions races with module loading serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs serial: 8250_lpss: Configure DMA also w/o DMA filter mmc: core: properly select voltage range without power cycle mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() nilfs2: fix use-after-free bug of ns_writer on remount serial: 8250: Flush DMA Rx on RLSI macvlan: enforce a consistent minimal mtu tcp: cdg: allow tcp_cdg_release() to be called multiple times kcm: avoid potential race in kcm_tx_work bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() kcm: close race conditions on sk_receive_queue 9p: trans_fd/p9_conn_cancel: drop client lock earlier gfs2: Check sb_bsize_shift after reading superblock gfs2: Switch from strlcpy to strscpy 9p/trans_fd: always use O_NONBLOCK read/write mm: fs: initialize fsdata passed to write_begin/write_end interface ntfs: fix use-after-free in ntfs_attr_find() ntfs: fix out-of-bounds read in ntfs_attr_find() ntfs: check overflow when iterating ATTR_RECORDs Linux 4.14.300 Change-Id: I6e30b49a26cfda34ab6d259641dc4ea488d312eb Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Linus Torvalds
|
aad1e54ae0 |
cert host tools: Stop complaining about deprecated OpenSSL functions
commit 6bfb56e93bcef41859c2d5ab234ffd80b691be35 upstream. OpenSSL 3.0 deprecated the OpenSSL's ENGINE API. That is as may be, but the kernel build host tools still use it. Disable the warning about deprecated declarations until somebody who cares fixes it. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
c8ea89af5f |
Merge 4.14.296 into android-4.14-stable
Changes in 4.14.296 uas: add no-uas quirk for Hiksemi usb_disk usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS uas: ignore UAS for Thinkplus chips net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 ntfs: fix BUG_ON in ntfs_lookup_inode_by_name() mmc: moxart: fix 4-bit bus width and remove 8-bit bus width mm/page_alloc: fix race condition between build_all_zonelists and page allocation mm: prevent page_frag_alloc() from corrupting the memory mm/migrate_device.c: flush TLB while holding PTL soc: sunxi: sram: Actually claim SRAM regions soc: sunxi: sram: Fix debugfs info for A64 SRAM C Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" Input: melfas_mip4 - fix return value check in mip4_probe() usbnet: Fix memory leak in usbnet_disconnect() nvme: add new line after variable declatation nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices selftests: Fix the if conditions of in test_extra_filter() clk: iproc: Minor tidy up of iproc pll data structures clk: iproc: Do not rely on node name for correct PLL setup Makefile.extrawarn: Move -Wcast-function-type-strict to W=1 i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr() ARM: fix function graph tracer and unwinder dependencies fs: fix UAF/GPF bug in nilfs_mdt_destroy dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer net/ieee802154: fix uninit value bug in dgram_sendmsg um: Cleanup syscall_handler_t cast in syscalls_32.h um: Cleanup compiler warning in arch/x86/um/tls_32.c usb: mon: make mmapped memory read only USB: serial: ftdi_sio: fix 300 bps rate for SIO mmc: core: Replace with already defined values for readability mmc: core: Terminate infinite loop in SD-UHS voltage switch rpmsg: qcom: glink: replace strncpy() with strscpy_pad() netfilter: nf_queue: fix socket leak nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() nilfs2: fix leak of nilfs_root in case of writer thread creation failure nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure ceph: don't truncate file in atomic_open random: clamp credited irq bits to maximum mixed ALSA: hda: Fix position reporting on Poulsbo scsi: stex: Properly zero out the passthrough command structure USB: serial: qcserial: add new usb-id for Dell branded EM7455 random: restore O_NONBLOCK support random: avoid reading two cache lines on irq randomness wifi: mac80211_hwsim: avoid mac80211 warning on bad rate Input: xpad - add supported devices as contributed on github Input: xpad - fix wireless 360 controller breaking after suspend random: use expired timer rather than wq for mixing fast pool ALSA: oss: Fix potential deadlock at unregistration ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() ALSA: usb-audio: Fix potential memory leaks ALSA: usb-audio: Fix NULL dererence at error path iio: dac: ad5593r: Fix i2c read protocol requirements fs: dlm: fix race between test_bit() and queue_work() fs: dlm: handle -EBUSY first in lock arg validation HID: multitouch: Add memory barriers quota: Check next/prev free block number after reading from quota file regulator: qcom_rpm: Fix circular deferral regression Revert "fs: check FMODE_LSEEK to control internal pipe splicing" parisc: fbdev/stifb: Align graphics memory size to 4MB UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge fbdev: smscufx: Fix use-after-free in ufx_ops_open() nilfs2: fix use-after-free bug of struct nilfs_root nilfs2: fix lockdep warnings in page operations for btree nodes nilfs2: fix lockdep warnings during disk space reclamation ext4: avoid crash when inline data creation follows DIO write ext4: fix null-ptr-deref in ext4_write_info ext4: make ext4_lazyinit_thread freezable ext4: place buffer head allocation before handle start livepatch: fix race between fork and KLP transition ftrace: Properly unset FTRACE_HASH_FL_MOD ring-buffer: Allow splice to read previous partially read pages ring-buffer: Check pending waiters when doing wake ups as well ring-buffer: Fix race between reset page and reading page KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility KVM: nVMX: Unconditionally purge queued/injected events on nested "exit" gcov: support GCC 12.1 and newer compilers selinux: use "grep -E" instead of "egrep" sh: machvec: Use char[] for section boundaries wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() wifi: mac80211: allow bw change during channel switch in mesh wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() wifi: rtl8xxxu: Fix skb misuse in TX queue selection wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration net: fs_enet: Fix wrong check in do_pd_setup spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe netfilter: nft_fib: Fix for rpath check with VRF devices spi: s3c64xx: Fix large transfers with DMA vhost/vsock: Use kvmalloc/kvfree for larger packets. mISDN: fix use-after-free bugs in l1oip timer handlers tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() bnx2x: fix potential memory leak in bnx2x_tpa_stop() drm/mipi-dsi: Detach devices when removing the host platform/x86: msi-laptop: Fix old-ec check for backlight registering platform/x86: msi-laptop: Fix resource cleanup drm/bridge: megachips: Fix a null pointer dereference bug mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API ALSA: dmaengine: increment buffer pointer atomically mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() memory: of: Fix refcount leak bug in of_get_ddr_timings() soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() soc: qcom: smem_state: Add refcounting for the 'state->of_node' ARM: dts: turris-omnia: Fix mpp26 pin name and comment ARM: dts: kirkwood: lsxl: fix serial line ARM: dts: kirkwood: lsxl: remove first ethernet port ARM: Drop CMDLINE_* dependency on ATAGS ARM: dts: exynos: fix polarity of VBUS GPIO of Origen iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX iio: inkern: only release the device node when done with it iio: ABI: Fix wrong format of differential capacitance channel ABI. clk: oxnas: Hold reference returned by of_get_parent() clk: tegra: Fix refcount leak in tegra210_clock_init clk: tegra: Fix refcount leak in tegra114_clock_init clk: tegra20: Fix refcount leak in tegra20_clock_init HSI: omap_ssi: Fix refcount leak in ssi_probe HSI: omap_ssi_port: Fix dma_map_sg error check media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop tty: xilinx_uartps: Fix the ignore_status media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init RDMA/rxe: Fix "kernel NULL pointer dereference" error RDMA/rxe: Fix the error caused by qp->sk dyndbg: fix module.dyndbg handling dyndbg: let query-modname override actual module name ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() ata: fix ata_id_has_devslp() ata: fix ata_id_has_ncq_autosense() ata: fix ata_id_has_dipm() md/raid5: Ensure stripe_fill happens on non-read IO with journal xhci: Don't show warning for reinit on known broken suspend usb: gadget: function: fix dangling pnp_string in f_printer.c drivers: serial: jsm: fix some leaks in probe phy: qualcomm: call clk_disable_unprepare in the error handling firmware: google: Test spinlock on panic path to avoid lockups serial: 8250: Fix restoring termios speed after suspend fsi: core: Check error number after calling ida_simple_get mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq() mfd: lp8788: Fix an error handling path in lp8788_probe() mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init() mfd: sm501: Add check for platform_driver_register() dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() spmi: pmic-arb: correct duplicate APID to PPID mapping logic clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg powerpc/math_emu/efp: Include module.h powerpc/sysdev/fsl_msi: Add missing of_node_put() powerpc/pci_dn: Add missing of_node_put() powerpc/powernv: add missing of_node_put() in opal_export_attrs() powerpc: Fix SPE Power ISA properties for e500v1 platforms iommu/omap: Fix buffer overflow in debugfs iommu/iova: Fix module config properly crypto: cavium - prevent integer overflow loading firmware f2fs: fix race condition on setting FI_NO_EXTENT flag ACPI: video: Add Toshiba Satellite/Portege Z830 quirk MIPS: BCM47XX: Cast memcmp() of function to (void *) powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data wifi: brcmfmac: fix invalid address access when enabling SCAN log level openvswitch: Fix double reporting of drops in dropwatch openvswitch: Fix overreporting of drops in dropwatch tcp: annotate data-race around tcp_md5sig_pool_populated wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() xfrm: Update ipcomp_scratches with NULL when freed wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times can: bcm: check the result of can_send() in bcm_can_tx() wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 wifi: rt2x00: set SoC wmac clock register wifi: rt2x00: correctly set BBP register 86 for MT7620 net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory Bluetooth: L2CAP: Fix user-after-free r8152: Rate limit overflow messages drm: Use size_t type for len variable in drm_copy_field() drm: Prevent drm_copy_field() to attempt copying a NULL pointer drm/vc4: vec: Fix timings for VEC modes platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading drm/amdgpu: fix initial connector audio value ARM: dts: imx7d-sdb: config the max pressure for tsc2046 ARM: dts: imx6q: add missing properties for sram ARM: dts: imx6dl: add missing properties for sram ARM: dts: imx6qp: add missing properties for sram ARM: dts: imx6sl: add missing properties for sram media: cx88: Fix a null-ptr-deref bug in buffer_prepare() scsi: 3w-9xxx: Avoid disabling device if failing to enable it nbd: Fix hung when signal interrupts nbd_start_device_ioctl() HID: roccat: Fix use-after-free in roccat_read() md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() usb: musb: Fix musb_gadget.c rxstate overflow bug Revert "usb: storage: Add quirk for Samsung Fit flash" usb: idmouse: fix an uninit-value in idmouse_open perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc net: ieee802154: return -EINVAL for unknown addr type net/ieee802154: don't warn zero-sized raw_sendmsg() ext4: continue to expand file system when the target size doesn't reach md: Replace snprintf with scnprintf efi: libstub: drop pointless get_memory_map() call inet: fully convert sk->sk_rx_dst to RCU rules thermal: intel_powerclamp: Use first online CPU as control_cpu Linux 4.14.296 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7d490d1d6185e26e23921167583f36793b87b9c1 |
||
|
Greg Kroah-Hartman
|
0c909c2fec |
selinux: use "grep -E" instead of "egrep"
commit c969bb8dbaf2f3628927eae73e7c579a74cf1b6e upstream. The latest version of grep claims that egrep is now obsolete so the build now contains warnings that look like: egrep: warning: egrep is obsolescent; using grep -E fix this by using "grep -E" instead. Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <stephen.smalley.work@gmail.com> Cc: Eric Paris <eparis@parisplace.org> Cc: selinux@vger.kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> [PM: tweak to remove vdso reference, cleanup subj line] Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Sami Tolvanen
|
c8da52294d |
Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
commit 2120635108b35ecad9c59c8b44f6cbdf4f98214e upstream. We enable -Wcast-function-type globally in the kernel to warn about mismatching types in function pointer casts. Compilers currently warn only about ABI incompability with this flag, but Clang 16 will enable a stricter version of the check by default that checks for an exact type match. This will be very noisy in the kernel, so disable -Wcast-function-type-strict without W=1 until the new warnings have been addressed. Cc: stable@vger.kernel.org Link: https://reviews.llvm.org/D134831 Link: https://github.com/ClangBuiltLinux/linux/issues/1724 Suggested-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20220930203310.4010564-1-samitolvanen@google.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Lucas Wei
|
be7dc30e18 |
Merge android-4.14-stable (4.14.295) into android-msm-pixel-4.14-tm-lts
Merge 4.14.295 into android-4.14-stable
Linux 4.14.295
* ext4: make directory inode spreading reflect flexbg size
fs/ext4/ialloc.c
media: em28xx: initialize refcount before kref_get
Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region
s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
* serial: Create uart_xmit_advance()
include/linux/serial_core.h
net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
perf kcore_copy: Do not check /proc/modules is unchanged
can: gs_usb: gs_can_open(): fix race dev->can.state condition
* netfilter: ebtables: fix memory leak when blob is malformed
net/bridge/netfilter/ebtables.c
* of: mdio: Add of_node_put() when breaking out of for_each_xx
drivers/of/of_mdio.c
MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
net: team: Unsync device addresses on ndo_stop
ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
iavf: Fix cached head and tail value for iavf_get_tx_pending
* netfilter: nf_conntrack_irc: Tighten matching on DCC message
net/netfilter/nf_conntrack_irc.c
netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
* mm/slub: fix to return errno if kmalloc() fails
mm/slub.c
ALSA: hda: add Intel 5 Series / 3400 PCI DID
ALSA: hda/tegra: set depop delay for tegra
USB: serial: option: add Quectel RM520N
USB: serial: option: add Quectel BG95 0x0203 composition
* USB: core: Fix RST error in hub.c
drivers/usb/core/hub.c
wifi: mac80211: Fix UAF in ieee80211_scan_rx()
ALSA: hda/sigmatel: Fix unused variable warning for beep power change
video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
* mksysmap: Fix the mismatch of 'L0' symbols in System.map
scripts/mksysmap
MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
net: usb: qmi_wwan: add Quectel RM520N
ALSA: hda/sigmatel: Keep power up while beep is enabled
regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe()
ASoC: nau8824: Fix semaphore unbalance at error paths
cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
drm/meson: Correct OSD1 global alpha value
gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
* of: fdt: fix off-by-one error in unflatten_dt_nodes()
drivers/of/fdt.c
Merge 4.14.294 into android-4.14-stable
Merge 4.14.293 into android-4.14-stable
Linux 4.14.294
* tracefs: Only clobber mode/uid/gid on remount if asked
fs/tracefs/inode.c
platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes
ieee802154: cc2520: add rc code in cc2520_tx()
tg3: Disable tg3 device on system reboot to avoid triggering AER
HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
* drm/msm/rd: Fix FIFO-full deadlock
drivers/gpu/drm/msm/msm_rd.c
* mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
mm/mmap.c
Linux 4.14.293
SUNRPC: use _bh spinlocking on ->transport_lock
MIPS: loongson32: ls1c: Fix hang during startup
USB: serial: ch341: fix disabled rx timer on older devices
USB: serial: ch341: fix lost character on LCR updates
* usb: dwc3: fix PHY disable sequence
drivers/usb/dwc3/core.c
sch_sfb: Also store skb len before calling child enqueue
* tcp: fix early ETIMEDOUT after spurious non-SACK RTO
net/ipv4/tcp_input.c
* ipv6: sr: fix out-of-bounds read when setting HMAC data.
net/ipv6/seg6.c
tipc: fix shift wrapping bug in map_get()
sch_sfb: Don't assume the skb is still around after enqueueing to child
* netfilter: nf_conntrack_irc: Fix forged IP logic
net/netfilter/nf_conntrack_irc.c
* netfilter: br_netfilter: Drop dst references before setting.
net/bridge/br_netfilter_hooks.c
net/bridge/br_netfilter_ipv6.c
* driver core: Don't probe devices after bus_type.match() probe deferral
drivers/base/dd.c
scsi: mpt3sas: Fix use-after-free warning
kprobes: Prohibit probes in gate area
* ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()
sound/usb/stream.c
ALSA: aloop: Fix random zeros in capture data when using jiffies timer
ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
drm/radeon: add a force flush to delay work when radeon
drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
* fs: only do a memory barrier for the first set_buffer_uptodate()
include/linux/buffer_head.h
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd()
efi: capsule-loader: Fix use-after-free in efi_capsule_write
ALSA: seq: Fix data-race at module auto-loading
ALSA: seq: oss: Fix data-race for max_midi_devs access
net: mac802154: Fix a condition in the receive path
wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
* usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
drivers/usb/gadget/function/storage_common.c
* USB: core: Prevent nested device-reset calls
drivers/usb/core/hub.c
include/linux/usb.h
s390: fix nospec table alignments
s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
* usb-storage: Add ignore-residue quirk for NXP PN7462AU
drivers/usb/storage/unusual_devs.h
USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
usb: dwc2: fix wrong order of phy_power_on and phy_init
USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
USB: serial: option: add Quectel EM060K modem
USB: serial: option: add support for OPPO R11 diag port
USB: serial: cp210x: add Decagon UCA device id
* xhci: Add grace period after xHC start to prevent premature runtime suspend.
drivers/usb/host/xhci-hub.c
drivers/usb/host/xhci.c
drivers/usb/host/xhci.h
thunderbolt: Use the actual buffer in tb_async_error()
hwmon: (gpio-fan) Fix array out of bounds access
Input: rk805-pwrkey - fix module autoloading
drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
* binder: fix UAF of ref->proc caused by race condition
drivers/android/binder.c
USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
vt: Clear selection before changing the font
staging: rtl8712: fix use after free bugs
serial: fsl_lpuart: RS485 RTS polariy is inverse
kcm: fix strp_init() order and cleanup
ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
bpf: Fix the off-by-two error in range markings
selftests/bpf: Fix test_align verifier log patterns
* bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
kernel/bpf/verifier.c
Merge 4.14.292 into android-4.14-stable
Merge "Merge
|