afa04de900
Merge 4.14.234 into android-4.14-q
Linux 4.14.234
* Bluetooth: SMP: Fail if remote and local public keys are identical
net/bluetooth/smp.c
video: hgafb: correctly handle card detect failure during probe
tty: vt: always invoke vc->vc_sw->con_resize callback
* vt: Fix character height handling with VT_RESIZEX
include/linux/console_struct.h
vgacon: Record video mode changes with VT_RESIZEX
video: hgafb: fix potential NULL pointer dereference
qlcnic: Add null check after calling netdev_alloc_skb
leds: lp5523: check return value of lp5xx_read and jump to cleanup code
net: rtlwifi: properly check for alloc_workqueue() failure
net: stmicro: handle clk_prepare() failure during init
ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
Revert "niu: fix missing checks of niu_pci_eeprom_read"
Revert "qlcnic: Avoid potential NULL pointer dereference"
Revert "rtlwifi: fix a potential NULL pointer dereference"
Revert "media: rcar_drif: fix a memory disclosure"
cdrom: gdrom: initialize global variable at init time
cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
Revert "gdrom: fix a memory leak bug"
* Revert "ecryptfs: replace BUG_ON with error handling code"
fs/ecryptfs/crypto.c
Revert "video: imsttfb: fix potential NULL pointer dereferences"
Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
Revert "net: stmicro: fix a missing check of clk_prepare"
Revert "video: hgafb: fix potential NULL pointer dereference"
* dm snapshot: fix crash with transient storage and zero chunk size
drivers/md/dm-snap.c
xen-pciback: reconfigure also from backend watch handler
rapidio: handle create_workqueue() failure
Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
ALSA: hda/realtek: reset eapd coeff to default value for alc287
Revert "ALSA: sb8: add a check for request_region"
* ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
sound/firewire/Kconfig
* ALSA: usb-audio: Validate MS endpoint descriptors
sound/usb/midi.c
ALSA: line6: Fix racy initialization of LINE6 MIDI
cifs: fix memory leak in smb2_copychunk_range
* ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
kernel/ptrace.c
scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
RDMA/rxe: Clear all QP fields if creation failed
openrisc: Fix a memory leak
Merge 4.14.233 into android-4.14-q
Linux 4.14.233
* ipv6: remove extra dev_hold() for fallback tunnels
net/ipv6/ip6_tunnel.c
net/ipv6/ip6_vti.c
net/ipv6/sit.c
* xhci: Do not use GFP_KERNEL in (potentially) atomic context
drivers/usb/host/xhci.c
* ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
net/ipv6/ip6_tunnel.c
* sit: proper dev_{hold|put} in ndo_[un]init methods
net/ipv6/sit.c
serial: 8250: fix potential deadlock in rs485-mode
lib: stackdepot: turn depot_lock spinlock to raw_spinlock
* block: reexpand iov_iter after read/write
fs/block_dev.c
ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
ceph: fix fscache invalidation
um: Mark all kernel symbols as local
Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state
Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices
ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
* PCI: thunder: Fix compile testing
drivers/pci/host/pci-thunder-ecam.c
drivers/pci/host/pci-thunder-pem.c
drivers/pci/pci.h
isdn: capi: fix mismatched prototypes
cxgb4: Fix the -Wmisleading-indentation warning
usb: sl811-hcd: improve misleading indentation
kgdb: fix gcc-11 warning on indentation
x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
clk: exynos7: Mark aclk_fsys1_200 as critical
* netfilter: conntrack: Make global sysctls readonly in non-init netns
net/netfilter/nf_conntrack_standalone.c
* kobject_uevent: remove warning in init_uevent_argv()
lib/kobject_uevent.c
RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint
thermal/core/fair share: Lock the thermal zone while looping over instances
MIPS: Avoid handcoded DIVU in `__div64_32' altogether
MIPS: Avoid DIVU in `__div64_32' is result would be zero
MIPS: Reinstate platform `__div64_32' handler
* FDDI: defxx: Make MMIO the configuration default except for EISA
drivers/net/fddi/Kconfig
KVM: x86: Cancel pvclock_gtod_work on module removal
iio: tsl2583: Fix division by a zero lux_val
iio: gyro: mpu3050: Fix reported temperature value
* usb: core: hub: fix race condition about TRSMRCY of resume
drivers/usb/core/hub.c
usb: dwc2: Fix gadget DMA unmap direction
* usb: xhci: Increase timeout for HC halt
drivers/usb/host/xhci-ext-caps.h
usb: dwc3: omap: improve extcon initialization
* blk-mq: Swap two calls in blk_mq_exit_queue()
block/blk-mq.c
ACPI: scan: Fix a memory leak in an error handling path
usb: fotg210-hcd: Fix an error message
iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
* userfaultfd: release page in error path to avoid BUG_ON
mm/shmem.c
squashfs: fix divide error in calculate_skip()
powerpc/64s: Fix crashes when toggling entry flush barrier
powerpc/64s: Fix crashes when toggling stf barrier
ARC: entry: fix off-by-one error in syscall number validation
netfilter: nftables: avoid overflows in nft_hash_buckets()
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
* net: fix nla_strcmp to handle more then one trailing null character
lib/nlattr.c
ksm: fix potential missing rmap_item for stable_node
mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
drm/radeon: Fix off-by-one power_state index heap overwrite
* sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
net/sctp/sm_statefuns.c
rtc: ds1307: Fix wday settings for rx8130
NFSv4.2 fix handling of sr_eof in SEEK's reply
pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
NFS: Deal correctly with attribute generation counter overflow
NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
* rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
drivers/rpmsg/qcom_glink_native.c
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
* PCI: Release OF node in pci_scan_device()'s error path
drivers/pci/probe.c
* f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
fs/f2fs/inline.c
ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
net: ethernet: mtk_eth_soc: fix RX VLAN offload
powerpc/iommu: Annotate nested lock for lockdep
wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
powerpc/pseries: Stop calling printk in rtas_stop_self()
samples/bpf: Fix broken tracex1 due to kprobe argument change
ASoC: rt286: Generalize support for ALC3263 codec
powerpc/smp: Set numa node before updating mask
* sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
net/sctp/sm_make_chunk.c
kconfig: nconf: stop endless search loops
selftests: Set CC to clang in lib.mk if LLVM is set
cuse: prevent clone
pinctrl: samsung: use 'int' for register masks in Exynos
mac80211: clear the beacon's CRC after channel switch
* ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
net/ipv6/ip6_vti.c
* Bluetooth: check for zapped sk before connecting
net/bluetooth/l2cap_sock.c
* Bluetooth: initialize skb_queue_head at l2cap_chan_create()
net/bluetooth/l2cap_core.c
* Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
net/bluetooth/l2cap_core.c
ALSA: rme9652: don't disable if not enabled
ALSA: hdspm: don't disable if not enabled
ALSA: hdsp: don't disable if not enabled
net: stmmac: Set FIFO sizes for ipq806x
tipc: convert dest node's address to network order
fs: dlm: fix debugfs dump
tpm: fix error return code in tpm2_get_cc_attrs_tbl()
* Revert "fdt: Properly handle "no-map" field in the memory region"
drivers/of/fdt.c
* Revert "of/fdt: Make sure no-map does not remove already reserved regions"
drivers/of/fdt.c
* sctp: delay auto_asconf init until binding the first addr
net/sctp/socket.c
* Revert "net/sctp: fix race condition in sctp_destroy_sock"
net/sctp/socket.c
* smp: Fix smp_call_function_single_async prototype
include/linux/smp.h
kernel/smp.c
kfifo: fix ternary sign extension bugs
net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
net: davinci_emac: Fix incorrect masking of tx and rx error channel
RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
vsock/vmci: log once the failed queue pair allocation
mwl8k: Fix a double Free in mwl8k_probe_hw
i2c: sh7760: fix IRQ error path
rtlwifi: 8821ae: upgrade PHY and RF parameters
powerpc/pseries: extract host bridge from pci_bus prior to bus removal
MIPS: pci-legacy: stop using of_pci_range_to_resource
i2c: sh7760: add IRQ check
i2c: jz4780: add IRQ check
i2c: emev2: add IRQ check
i2c: cadence: add IRQ check
net: thunderx: Fix unintentional sign extension issue
IB/hfi1: Fix error return code in parse_platform_config()
mt7601u: fix always true expression
mac80211: bail out if cipher schemes are invalid
powerpc: iommu: fix build when neither PCI or IBMVIO is set
powerpc/perf: Fix PMU constraint check for EBB events
liquidio: Fix unintented sign extension of a left shift of a u16
* ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
sound/usb/card.c
sound/usb/quirks.c
sound/usb/usbaudio.h
nfc: pn533: prevent potential memory corruption
* bug: Remove redundant condition check in report_bug
lib/bug.c
* ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
sound/core/init.c
powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
powerpc/prom: Mark identical_pvr_fixup as __init
net: lapbether: Prevent racing when checking whether the netif is running
perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars
* HID: plantronics: Workaround for double volume key presses
drivers/hid/hid-ids.h
drivers/hid/hid-plantronics.c
include/linux/hid.h
x86/events/amd/iommu: Fix sysfs type mismatch
HSI: core: fix resource leaks in hsi_add_client_from_dt()
mfd: stm32-timers: Avoid clearing auto reload register
scsi: sni_53c710: Add IRQ check
scsi: sun3x_esp: Add IRQ check
scsi: jazz_esp: Add IRQ check
clk: uniphier: Fix potential infinite loop
vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
ata: libahci_platform: fix IRQ check
sata_mv: add IRQ checks
pata_ipx4xx_cf: fix IRQ check
pata_arasan_cf: fix IRQ check
x86/kprobes: Fix to check non boostable prefixes correctly
media: m88rs6000t: avoid potential out-of-bounds reads on arrays
media: omap4iss: return error code when omap4iss_get() failed
media: vivid: fix assignment of dev->fbuf_out_flags
* ttyprintk: Add TTY hangup callback.
drivers/char/ttyprintk.c
Drivers: hv: vmbus: Increase wait time for VMbus unload
x86/platform/uv: Fix !KEXEC build failure
platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table
* firmware: qcom-scm: Fix QCOM_SCM configuration
drivers/firmware/Kconfig
* tty: fix return value for unsupported ioctls
drivers/tty/tty_io.c
include/linux/tty_driver.h
* tty: actually undefine superseded ASYNC flags
include/uapi/linux/tty_flags.h
USB: cdc-acm: fix unprivileged TIOCCSERIAL
usb: gadget: r8a66597: Add missing null check on return from platform_get_resource
crypto: qat - Fix a double free in adf_create_ring
ACPI: CPPC: Replace cppc_attr with kobj_attribute
* soc: qcom: mdt_loader: Detect truncated read of segments
drivers/soc/qcom/mdt_loader.c
* soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
drivers/soc/qcom/mdt_loader.c
* spi: Fix use-after-free with devm_spi_alloc_*
drivers/spi/spi.c
include/linux/spi/spi.h
staging: greybus: uart: fix unprivileged TIOCCSERIAL
staging: rtl8192u: Fix potential infinite loop
mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
crypto: qat - fix error path in adf_isr_resource_alloc()
* phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally
drivers/phy/marvell/Kconfig
* bus: qcom: Put child node before return
drivers/bus/qcom-ebi2.c
mtd: require write permissions for locking and badblock ioctls
fotg210-udc: Complete OUT requests on short packets
fotg210-udc: Don't DMA more than the buffer can take
fotg210-udc: Mask GRP2 interrupts we don't handle
fotg210-udc: Remove a dubious condition leading to fotg210_done
fotg210-udc: Fix EP0 IN requests bigger than two packets
fotg210-udc: Fix DMA on EP0 for length > max packet size
crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
crypto: qat - don't release uninitialized resources
usb: gadget: pch_udc: Check for DMA mapping error
usb: gadget: pch_udc: Check if driver is present before calling ->setup()
usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
x86/microcode: Check for offline CPUs before requesting new microcode
usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
serial: stm32: fix tx_empty condition
serial: stm32: fix incorrect characters on console
ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
usb: gadget: pch_udc: Revert d3cb25a121 completely
KVM: s390: split kvm_s390_real_to_abs
KVM: s390: fix guarded storage control register handling
KVM: s390: split kvm_s390_logical_to_effective
x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
drm/radeon: fix copy of uninitialized variable back to userspace
* cfg80211: scan: drop entry from hidden_list on overflow
net/wireless/scan.c
ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
md: md_open returns -EBUSY when entering racing area
md: factor out a mddev_find_locked helper from mddev_find
md: split mddev_find
md-cluster: fix use-after-free issue when removing rdev
* tracing: Restructure trace_clock_global() to never block
kernel/trace/trace_clock.c
misc: vmw_vmci: explicitly initialize vmci_datagram payload
misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
misc: lis3lv02d: Fix false-positive WARN on various HP models
FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
MIPS: pci-rt2880: fix slot 0 configuration
net/nfc: fix use-after-free llcp_sock_bind/connect
* bluetooth: eliminate the potential race condition when removing the HCI controller
net/bluetooth/hci_request.c
hsr: use netdev_err() instead of WARN_ONCE()
* Bluetooth: verify AMP hci_chan before amp_destroy
include/net/bluetooth/hci_core.h
net/bluetooth/hci_event.c
* modules: inherit TAINT_PROPRIETARY_MODULE
include/linux/module.h
kernel/module.c
* modules: return licensing information from find_symbol
include/linux/module.h
kernel/module.c
* modules: rename the licence field in struct symsearch to license
include/linux/module.h
kernel/module.c
* modules: unexport __module_address
kernel/module.c
* modules: unexport __module_text_address
kernel/module.c
* modules: mark each_symbol_section static
include/linux/module.h
kernel/module.c
* modules: mark find_symbol static
include/linux/module.h
kernel/module.c
* modules: mark ref_module static
include/linux/module.h
kernel/module.c
* dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails
drivers/md/dm-rq.c
dm space map common: fix division bug in sm_ll_find_free_block()
dm persistent data: packed struct should have an aligned() attribute too
* tracing: Map all PIDs to command lines
kernel/trace/trace.c
* usb: dwc3: gadget: Fix START_TRANSFER link state check
drivers/usb/dwc3/gadget.c
* usb: gadget/function/f_fs string table fix for multiple languages
drivers/usb/gadget/function/f_fs.c
* usb: gadget: Fix double free of device descriptor pointers
drivers/usb/gadget/config.c
usb: gadget: dummy_hcd: fix gpf in gadget_setup
* media: dvbdev: Fix memory leak in dvb_media_device_free()
drivers/media/dvb-core/dvbdev.c
* ext4: fix error code in ext4_commit_super
fs/ext4/super.c
* ext4: fix check to prevent false positive report of incorrect used inodes
fs/ext4/ialloc.c
ftrace: Handle commands when closing set_ftrace_filter file
* posix-timers: Preserve return value in clock_adjtime32()
kernel/time/posix-timers.c
* Revert 337f13046f ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
kernel/futex.c
jffs2: check the validity of dstlen in jffs2_zlib_compress()
Fix misc new gcc warnings
* security: commoncap: fix -Wstringop-overread warning
security/commoncap.c
md/raid1: properly indicate failure when ending a failed write request
intel_th: pci: Add Alder Lake-M support
powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
jffs2: Fix kasan slab-out-of-bounds problem
NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
openvswitch: fix stack OOB read while fragmenting IPv4 packets
* arm64/vdso: Discard .note.gnu.property sections in vDSO
arch/arm64/kernel/vdso/vdso.lds.S
btrfs: fix race when picking most recent mod log operation for an old root
ALSA: sb: Fix two use after free in snd_sb_qsound_build
ALSA: hda/conexant: Re-order CX5066 quirk table entries
ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
scsi: libfc: Fix a format specifier
scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response
drm/amdgpu: fix NULL pointer dereference
drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
* media: gscpa/stv06xx: fix memory leak
drivers/media/usb/gspca/gspca.c
drivers/media/usb/gspca/gspca.h
media: dvb-usb: fix memory leak in dvb_usb_adapter_init
media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
media: adv7604: fix possible use-after-free in adv76xx_remove()
power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove()
power: supply: generic-adc-battery: fix possible use-after-free in gab_remove()
clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
media: vivid: update EDID
media: em28xx: fix memory leak
scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
scsi: qla2xxx: Fix use after free in bsg
scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
power: supply: Use IRQF_ONESHOT
media: gspca/sq905.c: fix uninitialized variable
media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged
power: supply: bq27xxx: fix power_avg for newer ICs
media: ite-cir: check for receive overflow
scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
scsi: lpfc: Fix pt2pt connection does not recover after LOGO
scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
intel_th: Consistency and off-by-one fix
spi: omap-100k: Fix reference leak to master
spi: dln2: Fix reference leak to master
* perf/arm_pmu_platform: Fix error handling
drivers/perf/arm_pmu_platform.c
tee: optee: do not check memref size on return from Secure World
x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
* PCI: PM: Do not read power state in pci_enable_device_flags()
drivers/pci/pci.c
* usb: xhci: Fix port minor revision
drivers/usb/host/xhci-mem.c
* usb: dwc3: gadget: Ignore EP queue requests during bus reset
drivers/usb/dwc3/gadget.c
usb: gadget: f_uac1: validate input parameters
usb: gadget: uvc: add bInterval checking for HS mode
* crypto: api - check for ERR pointers in crypto_destroy_tfm()
crypto/api.c
include/crypto/acompress.h
include/crypto/aead.h
include/crypto/akcipher.h
include/crypto/hash.h
include/crypto/kpp.h
include/crypto/rng.h
include/crypto/skcipher.h
staging: wimax/i2400m: fix byte-order issue
* fbdev: zero-fill colormap in fbcmap.c
drivers/video/fbdev/core/fbcmap.c
intel_th: pci: Add Rocket Lake CPU support
btrfs: fix metadata extent leak after failure to create subvolume
cifs: Return correct error code from smb2_get_enc_key
mmc: core: Set read only for SD cards with permanent write protect bit
mmc: core: Do a power cycle when the CMD11 fails
mmc: block: Update ext_csd.cache_ctrl if it was written
spi: spi-ti-qspi: Free DMA resources
* ecryptfs: fix kernel panic with null dev_name
fs/ecryptfs/main.c
arm64: dts: mt8173: fix property typo of 'phys' in dsi node
ACPI: custom_method: fix a possible memory leak
ACPI: custom_method: fix potential use-after-free issue
s390/disassembler: increase ebpf disasm buffer size
platform/x86: thinkpad_acpi: Correct thermal sensor allocation
* USB: Add reset-resume quirk for WD19's Realtek Hub
drivers/usb/core/quirks.c
* USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
drivers/usb/core/quirks.c
* ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
sound/usb/quirks-table.h
iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
* bpf: Fix masking negation logic upon negative dst register
kernel/bpf/verifier.c
mips: Do not include hi and lo in clobber list for R6
MIPS: cpu-features.h: Replace __mips_isa_rev with MIPS_ISA_REV
MIPS: Introduce isa-rev.h to define MIPS_ISA_REV
iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
* net: usb: ax88179_178a: initialize local variables before use
drivers/net/usb/ax88179_178a.c
bpf: fix up selftests after backports were fixed
* bpf: Fix backport of "bpf: restrict unknown scalars of mixed signed bounds for unprivileged"
kernel/bpf/verifier.c
ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
* ACPI: tables: x86: Reserve memory occupied by ACPI tables
include/linux/acpi.h
usbip: vudc synchronize sysfs code paths
Bug: 189791081
Change-Id: Id75b93d7dece3631a1aebc904634880c5edd2ddd
Signed-off-by: Lucas Wei <lucaswei@google.com>
291 lines
8.6 KiB
C
291 lines
8.6 KiB
C
/*
|
|
* Generic stack depot for storing stack traces.
|
|
*
|
|
* Some debugging tools need to save stack traces of certain events which can
|
|
* be later presented to the user. For example, KASAN needs to safe alloc and
|
|
* free stacks for each object, but storing two stack traces per object
|
|
* requires too much memory (e.g. SLUB_DEBUG needs 256 bytes per object for
|
|
* that).
|
|
*
|
|
* Instead, stack depot maintains a hashtable of unique stacktraces. Since alloc
|
|
* and free stacks repeat a lot, we save about 100x space.
|
|
* Stacks are never removed from depot, so we store them contiguously one after
|
|
* another in a contiguos memory allocation.
|
|
*
|
|
* Author: Alexander Potapenko <glider@google.com>
|
|
* Copyright (C) 2016 Google, Inc.
|
|
*
|
|
* Based on code by Dmitry Chernenkov.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* version 2 as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
#include <linux/gfp.h>
|
|
#include <linux/jhash.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/percpu.h>
|
|
#include <linux/printk.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/stacktrace.h>
|
|
#include <linux/stackdepot.h>
|
|
#include <linux/string.h>
|
|
#include <linux/types.h>
|
|
|
|
#define DEPOT_STACK_BITS (sizeof(depot_stack_handle_t) * 8)
|
|
|
|
#define STACK_ALLOC_NULL_PROTECTION_BITS 1
|
|
#define STACK_ALLOC_ORDER 2 /* 'Slab' size order for stack depot, 4 pages */
|
|
#define STACK_ALLOC_SIZE (1LL << (PAGE_SHIFT + STACK_ALLOC_ORDER))
|
|
#define STACK_ALLOC_ALIGN 4
|
|
#define STACK_ALLOC_OFFSET_BITS (STACK_ALLOC_ORDER + PAGE_SHIFT - \
|
|
STACK_ALLOC_ALIGN)
|
|
#define STACK_ALLOC_INDEX_BITS (DEPOT_STACK_BITS - \
|
|
STACK_ALLOC_NULL_PROTECTION_BITS - STACK_ALLOC_OFFSET_BITS)
|
|
#define STACK_ALLOC_SLABS_CAP 8192
|
|
#define STACK_ALLOC_MAX_SLABS \
|
|
(((1LL << (STACK_ALLOC_INDEX_BITS)) < STACK_ALLOC_SLABS_CAP) ? \
|
|
(1LL << (STACK_ALLOC_INDEX_BITS)) : STACK_ALLOC_SLABS_CAP)
|
|
|
|
/* The compact structure to store the reference to stacks. */
|
|
union handle_parts {
|
|
depot_stack_handle_t handle;
|
|
struct {
|
|
u32 slabindex : STACK_ALLOC_INDEX_BITS;
|
|
u32 offset : STACK_ALLOC_OFFSET_BITS;
|
|
u32 valid : STACK_ALLOC_NULL_PROTECTION_BITS;
|
|
};
|
|
};
|
|
|
|
struct stack_record {
|
|
struct stack_record *next; /* Link in the hashtable */
|
|
u32 hash; /* Hash in the hastable */
|
|
u32 size; /* Number of frames in the stack */
|
|
union handle_parts handle;
|
|
unsigned long entries[1]; /* Variable-sized array of entries. */
|
|
};
|
|
|
|
static void *stack_slabs[STACK_ALLOC_MAX_SLABS];
|
|
|
|
static int depot_index;
|
|
static int next_slab_inited;
|
|
static size_t depot_offset;
|
|
static DEFINE_RAW_SPINLOCK(depot_lock);
|
|
|
|
static bool init_stack_slab(void **prealloc)
|
|
{
|
|
if (!*prealloc)
|
|
return false;
|
|
/*
|
|
* This smp_load_acquire() pairs with smp_store_release() to
|
|
* |next_slab_inited| below and in depot_alloc_stack().
|
|
*/
|
|
if (smp_load_acquire(&next_slab_inited))
|
|
return true;
|
|
if (stack_slabs[depot_index] == NULL) {
|
|
stack_slabs[depot_index] = *prealloc;
|
|
*prealloc = NULL;
|
|
} else {
|
|
/* If this is the last depot slab, do not touch the next one. */
|
|
if (depot_index + 1 < STACK_ALLOC_MAX_SLABS) {
|
|
stack_slabs[depot_index + 1] = *prealloc;
|
|
*prealloc = NULL;
|
|
}
|
|
/*
|
|
* This smp_store_release pairs with smp_load_acquire() from
|
|
* |next_slab_inited| above and in depot_save_stack().
|
|
*/
|
|
smp_store_release(&next_slab_inited, 1);
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/* Allocation of a new stack in raw storage */
|
|
static struct stack_record *depot_alloc_stack(unsigned long *entries, int size,
|
|
u32 hash, void **prealloc, gfp_t alloc_flags)
|
|
{
|
|
int required_size = offsetof(struct stack_record, entries) +
|
|
sizeof(unsigned long) * size;
|
|
struct stack_record *stack;
|
|
|
|
required_size = ALIGN(required_size, 1 << STACK_ALLOC_ALIGN);
|
|
|
|
if (unlikely(depot_offset + required_size > STACK_ALLOC_SIZE)) {
|
|
if (unlikely(depot_index + 1 >= STACK_ALLOC_MAX_SLABS)) {
|
|
WARN_ONCE(1, "Stack depot reached limit capacity");
|
|
return NULL;
|
|
}
|
|
depot_index++;
|
|
depot_offset = 0;
|
|
/*
|
|
* smp_store_release() here pairs with smp_load_acquire() from
|
|
* |next_slab_inited| in depot_save_stack() and
|
|
* init_stack_slab().
|
|
*/
|
|
if (depot_index + 1 < STACK_ALLOC_MAX_SLABS)
|
|
smp_store_release(&next_slab_inited, 0);
|
|
}
|
|
init_stack_slab(prealloc);
|
|
if (stack_slabs[depot_index] == NULL)
|
|
return NULL;
|
|
|
|
stack = stack_slabs[depot_index] + depot_offset;
|
|
|
|
stack->hash = hash;
|
|
stack->size = size;
|
|
stack->handle.slabindex = depot_index;
|
|
stack->handle.offset = depot_offset >> STACK_ALLOC_ALIGN;
|
|
stack->handle.valid = 1;
|
|
memcpy(stack->entries, entries, size * sizeof(unsigned long));
|
|
depot_offset += required_size;
|
|
|
|
return stack;
|
|
}
|
|
|
|
#define STACK_HASH_SIZE (1L << CONFIG_STACK_HASH_ORDER_SHIFT)
|
|
#define STACK_HASH_MASK (STACK_HASH_SIZE - 1)
|
|
#define STACK_HASH_SEED 0x9747b28c
|
|
|
|
static struct stack_record *stack_table[STACK_HASH_SIZE] = {
|
|
[0 ... STACK_HASH_SIZE - 1] = NULL
|
|
};
|
|
|
|
/* Calculate hash for a stack */
|
|
static inline u32 hash_stack(unsigned long *entries, unsigned int size)
|
|
{
|
|
return jhash2((u32 *)entries,
|
|
size * sizeof(unsigned long) / sizeof(u32),
|
|
STACK_HASH_SEED);
|
|
}
|
|
|
|
/* Find a stack that is equal to the one stored in entries in the hash */
|
|
static inline struct stack_record *find_stack(struct stack_record *bucket,
|
|
unsigned long *entries, int size,
|
|
u32 hash)
|
|
{
|
|
struct stack_record *found;
|
|
|
|
for (found = bucket; found; found = found->next) {
|
|
if (found->hash == hash &&
|
|
found->size == size &&
|
|
!memcmp(entries, found->entries,
|
|
size * sizeof(unsigned long))) {
|
|
return found;
|
|
}
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
void depot_fetch_stack(depot_stack_handle_t handle, struct stack_trace *trace)
|
|
{
|
|
union handle_parts parts = { .handle = handle };
|
|
void *slab = stack_slabs[parts.slabindex];
|
|
size_t offset = parts.offset << STACK_ALLOC_ALIGN;
|
|
struct stack_record *stack = slab + offset;
|
|
|
|
trace->nr_entries = trace->max_entries = stack->size;
|
|
trace->entries = stack->entries;
|
|
trace->skip = 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(depot_fetch_stack);
|
|
|
|
/**
|
|
* depot_save_stack - save stack in a stack depot.
|
|
* @trace - the stacktrace to save.
|
|
* @alloc_flags - flags for allocating additional memory if required.
|
|
*
|
|
* Returns the handle of the stack struct stored in depot.
|
|
*/
|
|
depot_stack_handle_t depot_save_stack(struct stack_trace *trace,
|
|
gfp_t alloc_flags)
|
|
{
|
|
u32 hash;
|
|
depot_stack_handle_t retval = 0;
|
|
struct stack_record *found = NULL, **bucket;
|
|
unsigned long flags;
|
|
struct page *page = NULL;
|
|
void *prealloc = NULL;
|
|
|
|
if (unlikely(trace->nr_entries == 0))
|
|
goto fast_exit;
|
|
|
|
hash = hash_stack(trace->entries, trace->nr_entries);
|
|
bucket = &stack_table[hash & STACK_HASH_MASK];
|
|
|
|
/*
|
|
* Fast path: look the stack trace up without locking.
|
|
* The smp_load_acquire() here pairs with smp_store_release() to
|
|
* |bucket| below.
|
|
*/
|
|
found = find_stack(smp_load_acquire(bucket), trace->entries,
|
|
trace->nr_entries, hash);
|
|
if (found)
|
|
goto exit;
|
|
|
|
/*
|
|
* Check if the current or the next stack slab need to be initialized.
|
|
* If so, allocate the memory - we won't be able to do that under the
|
|
* lock.
|
|
*
|
|
* The smp_load_acquire() here pairs with smp_store_release() to
|
|
* |next_slab_inited| in depot_alloc_stack() and init_stack_slab().
|
|
*/
|
|
if (unlikely(!smp_load_acquire(&next_slab_inited))) {
|
|
/*
|
|
* Zero out zone modifiers, as we don't have specific zone
|
|
* requirements. Keep the flags related to allocation in atomic
|
|
* contexts and I/O.
|
|
*/
|
|
alloc_flags &= ~GFP_ZONEMASK;
|
|
alloc_flags &= (GFP_ATOMIC | GFP_KERNEL);
|
|
alloc_flags |= __GFP_NOWARN;
|
|
page = alloc_pages(alloc_flags, STACK_ALLOC_ORDER);
|
|
if (page)
|
|
prealloc = page_address(page);
|
|
}
|
|
|
|
raw_spin_lock_irqsave(&depot_lock, flags);
|
|
|
|
found = find_stack(*bucket, trace->entries, trace->nr_entries, hash);
|
|
if (!found) {
|
|
struct stack_record *new =
|
|
depot_alloc_stack(trace->entries, trace->nr_entries,
|
|
hash, &prealloc, alloc_flags);
|
|
if (new) {
|
|
new->next = *bucket;
|
|
/*
|
|
* This smp_store_release() pairs with
|
|
* smp_load_acquire() from |bucket| above.
|
|
*/
|
|
smp_store_release(bucket, new);
|
|
found = new;
|
|
}
|
|
} else if (prealloc) {
|
|
/*
|
|
* We didn't need to store this stack trace, but let's keep
|
|
* the preallocated memory for the future.
|
|
*/
|
|
WARN_ON(!init_stack_slab(&prealloc));
|
|
}
|
|
|
|
raw_spin_unlock_irqrestore(&depot_lock, flags);
|
|
exit:
|
|
if (prealloc) {
|
|
/* Nobody used this memory, ok to free it. */
|
|
free_pages((unsigned long)prealloc, STACK_ALLOC_ORDER);
|
|
}
|
|
if (found)
|
|
retval = found->handle.handle;
|
|
fast_exit:
|
|
return retval;
|
|
}
|
|
EXPORT_SYMBOL_GPL(depot_save_stack);
|