bka
69 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Angelo G. Del Regno
|
b61c5be1f6 |
Backport new vmalloc for "large performance benefits"
This is a backport from Linux 5.2-rc1 of a patch series to greatly enhance vmalloc's performance especially on embedded systems, plus all of its dependencies that were missing in kernel 4.9. For all the informations, refer to LKML: https://lkml.org/lkml/2018/10/19/786 Brief informations: Currently an allocation of the new VA area is done over busy list iteration until a suitable hole is found between two busy areas. Therefore each new allocation causes the list being grown. Due to long list and different permissive parameters an allocation can take a long time on embedded devices(milliseconds). This patch organizes the vmalloc memory layout into free areas of the VMALLOC_START-VMALLOC_END range. It uses a red-black tree that keeps blocks sorted by their offsets in pair with linked list keeping the free space in order of increasing addresses. Quote Phoronix: With this patch from Uladzislau Rezki, calling vmalloc() can take up to 67% less time compared to the behavior on Linux 5.1 and prior, at least with tests done by the developer under QEMU. Personal tests are showing that the device is more responsive when memory pressure is high and when huge allocations are to be done, it's also noticeably faster in this case, like when starting Chrome with more than 100 opened tabs after a system reboot (so, an uncached complete load of it). Shameless kanged from: https://github.com/sonyxperiadev/kernel / Pull Request 2016 |
||
|
Andrii Nakryiko
|
71edbf6432 |
bpf: Add mmap() support for BPF_MAP_TYPE_ARRAY
Add ability to memory-map contents of BPF array map. This is extremely useful
for working with BPF global data from userspace programs. It allows to avoid
typical bpf_map_{lookup,update}_elem operations, improving both performance
and usability.
There had to be special considerations for map freezing, to avoid having
writable memory view into a frozen map. To solve this issue, map freezing and
mmap-ing is happening under mutex now:
- if map is already frozen, no writable mapping is allowed;
- if map has writable memory mappings active (accounted in map->writecnt),
map freezing will keep failing with -EBUSY;
- once number of writable memory mappings drops to zero, map freezing can be
performed again.
Only non-per-CPU plain arrays are supported right now. Maps with spinlocks
can't be memory mapped either.
For BPF_F_MMAPABLE array, memory allocation has to be done through vmalloc()
to be mmap()'able. We also need to make sure that array data memory is
page-sized and page-aligned, so we over-allocate memory in such a way that
struct bpf_array is at the end of a single page of memory with array->value
being aligned with the start of the second page. On deallocation we need to
accomodate this memory arrangement to free vmalloc()'ed memory correctly.
One important consideration regarding how memory-mapping subsystem functions.
Memory-mapping subsystem provides few optional callbacks, among them open()
and close(). close() is called for each memory region that is unmapped, so
that users can decrease their reference counters and free up resources, if
necessary. open() is *almost* symmetrical: it's called for each memory region
that is being mapped, **except** the very first one. So bpf_map_mmap does
initial refcnt bump, while open() will do any extra ones after that. Thus
number of close() calls is equal to number of open() calls plus one more.
[huexxx@gmail.com: adapt, replace __GFP_RETRY_MAYFAIL with __GFP_REPEAT]
[ use oldschool memlock-based memory accounting for maps]
[ drop testing stuff]
Signed-off-by: Andrii Nakryiko <andriin@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Song Liu <songliubraving@fb.com>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Link: https://lore.kernel.org/bpf/20191117172806.2195367-4-andriin@fb.com
|
||
|
yyq
|
f61cb55d32 |
backport: Compatible with k4.9 kernel (1/2)
* This patch serves as the first part of adapting the backport to the 4.9 kernel * Adapt to patches from upstream only for 4.9 |
||
|
lucaswei
|
69d20ae93b |
Merge android-4.9-q (4.9.223) into android-msm-pixel-4.9-lts
Merge 4.9.223 into android-4.9-q
Linux 4.9.223
* mac80211: add ieee80211_is_any_nullfunc()
include/linux/ieee80211.h
ALSA: hda: Match both PCI ID and SSID for driver blacklist
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
MIPS: perf: Remove incorrect odd/even counter handling for I6400
xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
net: systemport: suppress warnings on failed Rx SKB allocations
net: bcmgenet: suppress warnings on failed Rx SKB allocations
* lib/mpi: Fix building for powerpc with clang
lib/mpi/longlong.h
net: dsa: b53: Rework ARL bin logic
scripts/config: allow colons in option strings for sed
cifs: protect updating server->dstaddr with a spinlock
net: stmmac: Fix sub-second increment
wimax/i2400m: Fix potential urb refcnt leak
ASoC: sgtl5000: Fix VAG power-on handling
selftests/ipc: Fix test failure seen after initial test run
iio:ad7797: Use correct attribute_group
powerpc/pci/of: Parse unassigned resources
vhost: vsock: kick send_pkt worker once device is started
Merge 4.9.222 into android-4.9-q
Linux 4.9.222
drm/qxl: qxl_release use after free
* selinux: properly handle multiple messages in selinux_netlink_send()
security/selinux/hooks.c
dmaengine: dmatest: Fix iteration non-stop logic
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
ALSA: opti9xx: shut up gcc-10 range warning
iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
RDMA/mlx4: Initialize ib_spec on the stack
* dm verity fec: fix hash block number in verity_fec_decode
drivers/md/dm-verity-fec.c
PM: hibernate: Freeze kernel threads in software_resume()
PM: ACPI: Output correct message on target power state
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
ALSA: hda/hdmi: fix without unlocked before return
btrfs: fix block group leak when removing fails
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
* drm/edid: Fix off-by-one in DispID DTD pixel clock
drivers/gpu/drm/drm_edid.c
* ext4: fix special inode number checks in __ext4_iget()
fs/ext4/inode.c
Merge 4.9.221 into android-4.9-q
ANDROID: cuttlefish_defconfig: Fix dm-verity related options
Linux 4.9.221
* propagate_one(): mnt_set_mountpoint() needs mount_lock
fs/pnode.c
* ext4: check for non-zero journal inum in ext4_calculate_overhead
fs/ext4/super.c
* ext4: unsigned int compared against zero
fs/ext4/block_validity.c
* ext4: fix block validity checks for journal inodes using indirect blocks
fs/ext4/block_validity.c
* ext4: don't perform block validity checks on the journal inode
fs/ext4/extents.c
* ext4: protect journal inode's blocks using block_validity
fs/ext4/block_validity.c
fs/ext4/inode.c
* ext4: avoid declaring fs inconsistent due to invalid file handles
fs/ext4/ext4.h
fs/ext4/ialloc.c
fs/ext4/inode.c
fs/ext4/ioctl.c
fs/ext4/namei.c
fs/ext4/resize.c
fs/ext4/super.c
hwmon: (jc42) Fix name to have no illegal characters
* ext4: convert BUG_ON's to WARN_ON's in mballoc.c
fs/ext4/mballoc.c
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
objtool: Support Clang non-section symbols in ORC dump
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
scsi: target: fix PR IN / READ FULL STATUS for FC
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
* perf/core: fix parent pid/tid in task exit events
kernel/events/core.c
net/cxgb4: Check the return from t4_query_params properly
nfsd: memory corruption in nfsd4_lock()
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
* fuse: fix possibly missed wake-up after abort
fs/fuse/dev.c
remoteproc: Fix wrong rvring index computation
* usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
drivers/usb/gadget/function/f_fs.c
UAS: fix deadlock in error handling and PM flushing work
UAS: no use logging any details in case of ENODEV
staging: vt6656: Power save stop wake_up_count wrap around.
staging: vt6656: Fix drivers TBTT timing counter.
staging: comedi: Fix comedi_device refcnt leak in comedi_open
staging: comedi: dt2815: fix writing hi byte of analog output
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
* ASoC: dapm: fixup dapm kcontrol widget
sound/soc/soc-dapm.c
* audit: check the length of userspace generated audit records
kernel/audit.c
* usb-storage: Add unusual_devs entry for JMicron JMS566
drivers/usb/storage/unusual_devs.h
tty: rocket, avoid OOB access
tty: hvc: fix buffer overflow during hvc_alloc().
KVM: VMX: Enable machine check support for 32bit targets
* KVM: Check validity of resolved slot when searching memslots
include/linux/kvm_host.h
tpm/tpm_tis: Free IRQ if probing fails
* ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
sound/usb/format.c
* ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
sound/usb/mixer_quirks.c
ALSA: usx2y: Fix potential NULL dereference
* vmalloc: fix remap_vmalloc_range() bounds checks
include/linux/vmalloc.h
mm/vmalloc.c
* overflow.h: Add arithmetic shift helper
include/linux/overflow.h
* USB: hub: Fix handling of connect changes during sleep
drivers/usb/core/hub.c
* USB: core: Fix free-while-in-use bug in the USB S-Glibrary
drivers/usb/core/message.c
* USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
drivers/usb/core/quirks.c
USB: sisusbvga: Change port variable from signed to unsigned
* fs/namespace.c: fix mountpoint reference counter race
fs/namespace.c
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix ADC-B powerdown
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
* xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
net/ipv4/xfrm4_output.c
net/ipv6/xfrm6_output.c
net: dsa: b53: Fix ARL register definitions
team: fix hang in team_mode_get()
* tcp: cache line align MAX_TCP_HEADER
include/net/tcp.h
net/x25: Fix x25_neigh refcnt leak when receiving frame
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
macvlan: fix null dereference in macvlan_device_event()
macsec: avoid to set wrong mtu
* ipv6: fix restrict IPV6_ADDRFORM operation
net/ipv6/ipv6_sockglue.c
PCI/ASPM: Allow re-enabling Clock PM
pwm: bcm2835: Dynamically allocate base
pwm: renesas-tpu: Fix late Runtime PM enablement
s390/cio: avoid duplicated 'ADD' uevents
ipc/util.c: sysvipc_find_ipc() should increase position index
kernel/gcov/fs.c: gcov_seq_next() should increase position index
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
scsi: iscsi: Report unbind session event when the target has been removed
pwm: rcar: Fix late Runtime PM enablement
ceph: don't skip updating wanted caps when cap is stale
ceph: return ceph_mdsc_do_request() errors from __get_parent()
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
* watchdog: reset last_hw_keepalive time at start
drivers/watchdog/watchdog_dev.c
* vti4: removed duplicate log message.
net/ipv4/ip_vti.c
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
* drm/msm: Use the correct dma_sync calls harder
drivers/gpu/drm/msm/msm_gem.c
* net: ipv4: avoid unused variable warning for sysctl
net/ipv4/route.c
* net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
net/ipv4/raw.c
* ext4: fix extent_status fragmentation for plain files
fs/ext4/extents.c
* UPSTREAM: loop: Only freeze block queue when needed.
drivers/block/loop.c
* UPSTREAM: loop: Only change blocksize when needed.
drivers/block/loop.c
* BACKPORT: loop: change queue block size to match when using DIO
drivers/block/loop.c
Merge 4.9.220 into android-4.9-q
Linux 4.9.220
x86/vdso: Fix lsl operand order
x86/microcode/intel: replace sync_core() with native_cpuid_reg(eax)
x86/CPU: Add native CPUID variants returning a single datum
mtd: phram: fix a double free issue in error path
mtd: lpddr: Fix a double free in probe()
locktorture: Print ratio of acquisitions, not failures
tty: evh_bytechan: Fix out of bounds accesses
* fbdev: potential information leak in do_fb_ioctl()
drivers/video/fbdev/core/fbmem.c
iommu/amd: Fix the configuration of GCR3 table root pointer
libnvdimm: Out of bounds read in __nd_ioctl()
ext2: fix debug reference to ext2_xattr_cache
ext2: fix empty body warnings when -Wextra is used
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
* compiler.h: fix error in BUILD_BUG_ON() reporting
include/linux/compiler.h
* percpu_counter: fix a data race at vm_committed_as
include/linux/percpu_counter.h
* ext4: do not commit super on read-only bdev
fs/ext4/super.c
powerpc/maple: Fix declaration made after definition
s390/cpuinfo: fix wrong output when CPU0 is offline
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
clk: tegra: Fix Tegra PMC clock out parents
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: at91: usb: continue if clk_hw_round_rate() return zero
of: unittest: kmemleak in of_unittest_platform_populate()
* arm64: cpu_errata: include required headers
arch/arm64/kernel/cpu_errata.c
* of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
drivers/of/base.c
soc: qcom: smem: Use le32_to_cpu for comparison
wil6210: fix length check in __wmi_send
rtc: pm8xxx: Fix issue in RTC write path
wil6210: rate limit wil_rx_refill error
* scsi: ufs: ufs-qcom: remove broken hci version quirk
drivers/scsi/ufs/ufs-qcom.c
* scsi: ufs: make sure all interrupts are processed
drivers/scsi/ufs/ufshcd.c
wil6210: fix temperature debugfs
wil6210: increase firmware ready timeout
* Revert "gpio: set up initial state from .get_direction()"
drivers/gpio/gpiolib.c
* drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
drivers/gpu/drm/drm_dp_mst_topology.c
video: fbdev: sis: Remove unnecessary parentheses and commented code
ALSA: hda: Don't release card at firmware loading error
* scsi: sg: add sg_remove_request in sg_common_write
drivers/scsi/sg.c
objtool: Fix switch table detection in .text.unlikely
* tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
kernel/trace/trace_events_trigger.c
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
scsi: target: remove boilerplate code
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
dm flakey: check for null arg_name in parse_features()
* ext4: do not zeroout extents beyond i_disksize
fs/ext4/extents.c
mac80211_hwsim: Use kstrndup() in place of kasprintf()
btrfs: check commit root generation in should_ignore_root
* ALSA: usb-audio: Don't override ignore_ctl_error value from the map
sound/usb/mixer.c
ASoC: Intel: mrfld: return error codes when an error occurs
ASoC: Intel: mrfld: fix incorrect check on p->sink
* ext4: fix incorrect inodes per group in error message
fs/ext4/super.c
* ext4: fix incorrect group count in ext4_fill_super error message
fs/ext4/super.c
* jbd2: improve comments about freeing data buffers whose page mapping is NULL
fs/jbd2/commit.c
* scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
drivers/scsi/ufs/ufshcd.c
* net: ipv6: do not consider routes via gateways for anycast address check
include/net/ip6_route.h
net: qrtr: send msgs from local of same id as broadcast
* net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
net/ipv4/devinet.c
hsr: check protocol version in hsr_newlink()
mfd: dln2: Fix sanity checking for endpoints
misc: echo: Remove unnecessary parentheses and simplify check for zero
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
ipmi: fix hung processes in __get_guid()
* drm: Remove PageReserved manipulation from drm_pci_alloc
drivers/gpu/drm/drm_pci.c
* drm/dp_mst: Fix clearing payload state on topology disable
drivers/gpu/drm/drm_dp_mst_topology.c
Btrfs: fix crash during unmount due to race with delayed inode workers
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
hfsplus: fix crash and filesystem corruption when deleting files
cpufreq: powernv: Fix use-after-free
* kmod: make request_module() return an error when autoloading is disabled
kernel/kmod.c
Input: i8042 - add Acer Aspire 5738z to nomux list
s390/diag: fix display of diagnose call statistics
ocfs2: no need try to truncate file beyond i_size
* ext4: fix a data race at inode->i_blocks
fs/ext4/inode.c
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
* arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
arch/arm64/kernel/armv8_deprecated.c
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
* dm verity fec: fix memory leak in verity_fec_dtr
drivers/md/dm-verity-fec.c
* mm: Use fixed constant in page_frag_alloc instead of size + 1
mm/page_alloc.c
tools: gpio: Fix out-of-tree build regression
* x86/speculation: Remove redundant arch_smt_update() invocation
kernel/cpu.c
ALSA: hda: Initialize power_state field properly
crypto: mxs-dcp - fix scatterlist linearization for hash
btrfs: drop block from cache on error in relocation
KVM: VMX: fix crash cleanup when KVM wasn't used
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
x86/entry/32: Add missing ASM_CLAC to general_protection entry
* signal: Extend exec_id to 64bits
fs/exec.c
include/linux/sched.h
kernel/signal.c
ath9k: Handle txpower changes even when TPC is disabled
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
irqchip/versatile-fpga: Apply clear-mask earlier
* KEYS: reaching the keys quotas correctly
security/keys/key.c
security/keys/keyctl.c
* thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
include/linux/devfreq_cooling.h
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
media: ti-vpe: cal: fix disable_irqs to only the intended target
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: hda: Fix potential access overflow in beep helper
ALSA: hda: Add driver blacklist
* ALSA: usb-audio: Add mixer workaround for TRX40 and co
sound/usb/mixer_maps.c
* usb: gadget: composite: Inform controller driver of self-powered
drivers/usb/gadget/composite.c
* usb: gadget: f_fs: Fix use after free issue as part of queue failure
drivers/usb/gadget/function/f_fs.c
ASoC: topology: use name_prefix for new kcontrol
* ASoC: dpcm: allow start or stop during pause for backend
sound/soc/soc-pcm.c
* ASoC: dapm: connect virtual mux with default value
sound/soc/soc-dapm.c
* ASoC: fix regwmask
sound/soc/soc-ops.c
misc: rtsx: set correct pcr_ops for rts522A
btrfs: track reloc roots based on their commit root bytenr
btrfs: remove a BUG_ON() from merge_reloc_roots()
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
x86/boot: Use unsigned comparison for addresses
gfs2: Don't demote a glock until its revokes are written
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
* sched: Avoid scale real weight down to zero
kernel/sched/sched.h
irqchip/versatile-fpga: Handle chained IRQs properly
i2c: st: fix missing struct parameter description
qlcnic: Fix bad kzalloc null test
net: vxge: fix wrong __VA_ARGS__ usage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
Change-Id: I8e3db9ae637c39f066fe40e5fd6c38be92390f19
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Jann Horn
|
f8e84d7a94 |
vmalloc: fix remap_vmalloc_range() bounds checks
commit bdebd6a2831b6fab69eb85cee74a8ba77f1a1cc2 upstream.
remap_vmalloc_range() has had various issues with the bounds checks it
promises to perform ("This function checks that addr is a valid
vmalloc'ed area, and that it is big enough to cover the vma") over time,
e.g.:
- not detecting pgoff<<PAGE_SHIFT overflow
- not detecting (pgoff<<PAGE_SHIFT)+usize overflow
- not checking whether addr and addr+(pgoff<<PAGE_SHIFT) are the same
vmalloc allocation
- comparing a potentially wildly out-of-bounds pointer with the end of
the vmalloc region
In particular, since commit fc9702273e2e ("bpf: Add mmap() support for
BPF_MAP_TYPE_ARRAY"), unprivileged users can cause kernel null pointer
dereferences by calling mmap() on a BPF map with a size that is bigger
than the distance from the start of the BPF map to the end of the
address space.
This could theoretically be used as a kernel ASLR bypass, by using
whether mmap() with a given offset oopses or returns an error code to
perform a binary search over the possible address range.
To allow remap_vmalloc_range_partial() to verify that addr and
addr+(pgoff<<PAGE_SHIFT) are in the same vmalloc region, pass the offset
to remap_vmalloc_range_partial() instead of adding it to the pointer in
remap_vmalloc_range().
In remap_vmalloc_range_partial(), fix the check against
get_vm_area_size() by using size comparisons instead of pointer
comparisons, and add checks for pgoff.
Fixes:
|
||
|
lucaswei
|
b647e7a00f |
Merge android-4.9-q (4.9.219) into android-msm-pixel-4.9-lts
Merge 4.9.219 into android-4.9-q
Linux 4.9.219
* drm/msm: Use the correct dma_sync calls in msm_gem
drivers/gpu/drm/msm/msm_gem.c
* drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
drivers/gpu/drm/drm_dp_mst_topology.c
* usb: dwc3: don't set gadget->is_otg flag
drivers/usb/dwc3/gadget.c
* arm64: Fix size of __early_cpu_boot_status
arch/arm64/kernel/head.S
* drm/msm: stop abusing dma_map/unmap for cache
drivers/gpu/drm/msm/msm_gem.c
* clk: qcom: rcg: Return failure for RCG update
drivers/clk/qcom/clk-rcg2.c
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
ceph: canonicalize server path in place
ceph: remove the extra slashes in the server path
IB/hfi1: Fix memory leaks in sysfs registration and unregistration
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
tools/accounting/getdelays.c: fix netlink attribute length
* random: always use batched entropy for get_random_u{32,64}
drivers/char/random.c
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
slcan: Don't transmit uninitialized stack data in padding
net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
padata: always acquire cpu_hotplug_lock before pinst->lock
net: dsa: tag_brcm: Fix skb->fwd_offload_mark location
* coresight: do not use the BIT() macro in the UAPI header
include/uapi/linux/coresight-stm.h
* blk-mq: Allow blocking queue tag iter callbacks
block/blk-mq-tag.c
* blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
block/blk-mq-tag.c
block/blk-mq.c
drm/etnaviv: replace MMU flush marker with flush sequence
sctp: fix possibly using a bad saddr with a given dst
sctp: fix refcount bug in sctp_wfree
* net, ip_tunnel: fix interface lookup with no key
net/ipv4/ip_tunnel.c
* ipv4: fix a RCU-list lock in fib_triestat_seq_show
net/ipv4/fib_trie.c
drm/bochs: downgrade pci_request_region failure from error to warning
* l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
net/l2tp/l2tp_core.c
net/l2tp/l2tp_core.h
* l2tp: ensure sessions are freed after their PPPOL2TP socket
net/l2tp/l2tp_ppp.c
ANDROID: cuttlefish_defconfig: Minimally enable EFI
Merge 4.9.218 into android-4.9-q
Linux 4.9.218
perf map: Fix off by one in strncpy() size argument
* arm64: alternative: fix build with clang integrated assembler
arch/arm64/include/asm/alternative.h
net: ks8851-ml: Fix IO operations, again
* bpf: Explicitly memset the bpf_attr structure
kernel/bpf/syscall.c
* vt: vt_ioctl: fix use-after-free in vt_in_use()
drivers/tty/vt/vt_ioctl.c
* locking/atomic, kref: Add kref_read()
include/linux/kref.h
* vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
drivers/tty/vt/vt.c
drivers/tty/vt/vt_ioctl.c
* vt: vt_ioctl: remove unnecessary console allocation checks
drivers/tty/vt/vt_ioctl.c
* vt: switch vt_dont_switch to bool
drivers/tty/vt/vt_ioctl.c
include/linux/vt_kern.h
* vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
drivers/tty/vt/vt_ioctl.c
* vt: selection, introduce vc_is_sel
drivers/tty/vt/selection.c
drivers/tty/vt/vt.c
drivers/tty/vt/vt_ioctl.c
include/linux/selection.h
mac80211: fix authentication with iwlwifi/mvm
mac80211: Check port authorization in the ieee80211_tx_dequeue() case
media: xirlink_cit: add missing descriptor sanity checks
media: stv06xx: add missing descriptor sanity checks
media: dib0700: fix rc endpoint lookup
media: ov519: add missing endpoint sanity checks
* libfs: fix infoleak in simple_attr_read()
fs/libfs.c
staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
media: usbtv: fix control-message timeouts
media: flexcop-usb: fix endpoint sanity check
usb: musb: fix crash with highmen PIO and usbmon
USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
USB: cdc-acm: restore capability check order
USB: serial: option: add Wistron Neweb D19Q1
USB: serial: option: add BroadMobi BM806U
USB: serial: option: add support for ASKEY WWHC050
tools: Let O= makes handle a relative path with -C option
Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()
Input: raydium_i2c_ts - use true and false for boolean values
* vti6: Fix memory leak of skb if input policy check fails
net/ipv6/ip6_vti.c
netfilter: nft_fwd_netdev: validate family and chain type
* xfrm: policy: Fix doulbe free in xfrm_policy_timer
net/xfrm/xfrm_policy.c
* xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
net/xfrm/xfrm_user.c
* xfrm: fix uctx len check in verify_sec_ctx_len
net/xfrm/xfrm_user.c
* vti[6]: fix packet tx through bpf_redirect() in XinY cases
net/ipv4/Kconfig
net/ipv4/ip_vti.c
net/ipv6/ip6_vti.c
* genirq: Fix reference leaks on irq affinity notifiers
kernel/irq/manage.c
mac80211: mark station unauthorized before key removal
* scsi: sd: Fix optimal I/O size for devices that change reported values
drivers/scsi/sd.c
scripts/dtc: Remove redundant YYLOC global declaration
perf probe: Do not depend on dwfl_module_addrsym()
ARM: dts: omap5: Add bus_dma_limit for L3 bus
ARM: dts: dra7: Add bus_dma_limit for L3 bus
i2c: hix5hd2: add missed clk_disable_unprepare in remove
sxgbe: Fix off by one in samsung driver strncpy size arg
mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
scsi: ipr: Fix softlockup when rescanning devices in petitboot
dt-bindings: net: FMan erratum A050385
cpupower: avoid multiple definition with gcc -fno-common
* net: ipv4: don't let PMTU updates increase route MTU
net/ipv4/route.c
KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
hsr: set .netnsok flag
hsr: add restart routine into hsr_get_node_list()
hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
net: mvneta: Fix the case where the last poll did not process all rx
vxlan: check return value of gro_cells_init()
slcan: not call free_netdev before rtnl_unlock in slcan_open
NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
net_sched: keep alloc_hash updated after hash allocation
net_sched: cls_route: remove the right filter from hashtable
net: dsa: Fix duplicate frames flooded by learning
macsec: restrict to ethernet devices
hsr: fix general protection fault in hsr_addr_is_self()
* Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
drivers/gpu/drm/drm_dp_mst_topology.c
staging: greybus: loopback_test: fix potential path truncations
staging: greybus: loopback_test: fix potential path truncation
* arm64: smp: fix smp_send_stop() behaviour
arch/arm64/kernel/smp.c
ALSA: hda/realtek: Fix pop noise on ALC225
* futex: Unbreak futex hashing
kernel/futex.c
* futex: Fix inode life-time issue
fs/inode.c
include/linux/fs.h
include/linux/futex.h
kernel/futex.c
* kbuild: Disable -Wpointer-to-enum-cast
scripts/Makefile.extrawarn
USB: cdc-acm: fix rounding error in TIOCSSERIAL
USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
* x86/mm: split vmalloc_sync_all()
include/linux/vmalloc.h
kernel/notifier.c
mm/vmalloc.c
* mm, slub: prevent kmalloc_node crashes and memory leaks
mm/slub.c
* mm: slub: be more careful about the double cmpxchg of freelist
mm/slub.c
* memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
mm/memcontrol.c
* rtc: max8907: add missing select REGMAP_IRQ
drivers/rtc/Kconfig
intel_th: Fix user-visible error codes
staging/speakup: fix get_word non-space look-ahead
staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2
iio: magnetometer: ak8974: Fix negative raw values in sysfs
ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
ALSA: pcm: oss: Avoid plugin buffer overflow
ALSA: seq: oss: Fix running status after receiving sysex
ALSA: seq: virmidi: Fix running status after receiving sysex
ALSA: line6: Fix endless MIDI read loop
USB: serial: pl2303: add device-id for HP LD381
* usb: host: xhci-plat: add a shutdown
drivers/usb/host/xhci-plat.c
USB: serial: option: add ME910G1 ECM composition 0x110b
* usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
drivers/usb/core/quirks.c
* USB: Disable LPM on WD19's Realtek Hub
drivers/usb/core/quirks.c
altera-stapl: altera_get_note: prevent write beyond end of 'key'
drm/exynos: dsi: fix workaround for the legacy clock name
drm/exynos: dsi: propagate error value and silence meaningless warning
spi/zynqmp: remove entry that causes a cs glitch
ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
powerpc: Include .BTF section
* spi: qup: call spi_qup_pm_resume_runtime before suspending
drivers/spi/spi-qup.c
* UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
include/net/ndisc.h
net/ipv6/ndisc.c
ANDROID: dm-bow: Fix free_show value is incorrect
* UPSTREAM: bpf: Explicitly memset the bpf_attr structure
kernel/bpf/syscall.c
Merge 4.9.217 into android-4.9-q
Linux 4.9.217
* ipv4: ensure rcu_read_lock() in cipso_v4_error()
net/ipv4/cipso_ipv4.c
* mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
mm/slub.c
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
* jbd2: fix data races at struct journal_head
fs/jbd2/transaction.c
* signal: avoid double atomic counter increments for user accounting
kernel/signal.c
mac80211: rx: avoid RCU list traversal under mutex
net: ks8851-ml: Fix IRQ handling and locking
* cfg80211: check reg_rule for NULL in handle_channel_custom()
net/wireless/reg.c
HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
* HID: apple: Add support for recent firmware on Magic Keyboards
drivers/hid/hid-apple.c
ACPI: watchdog: Allow disabling WDAT at boot
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Use explicit tvlv padding for ELP packets
batman-adv: Avoid probe ELP information leak
batman-adv: update data pointers after skb_cow()
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Avoid free/alloc race when handling OGM2 buffer
batman-adv: Fix duplicated OGMs on NETDEV_UP
batman-adv: Prevent duplicated gateway_node entry
batman-adv: Fix multicast TT issues with bogus ROAM flags
batman-adv: Avoid storing non-TT-sync flags on singular entries too
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible
batman-adv: Always initialize fragment header priority
batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation
batman-adv: fix TT sync flag inconsistencies
batman-adv: Accept only filled wifi station info
batman-adv: Use default throughput value on cfg80211 error
batman-adv: Fix rx packet/bytes stats on local ARP reply
batman-adv: Initialize gw sel_class via batadv_algo
batman-adv: Fix transmission of final, 16th fragment
batman-adv: Fix double free during fragment merge error
efi: Add a sanity check to efivar_store_raw()
* ipv6: restrict IPV6_ADDRFORM operation
net/ipv6/ipv6_sockglue.c
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
netfilter: cthelper: add missing attribute validation for cthelper
* nl80211: add missing attribute validation for channel switch
net/wireless/nl80211.c
* nl80211: add missing attribute validation for beacon report scanning
net/wireless/nl80211.c
* nl80211: add missing attribute validation for critical protocol indication
net/wireless/nl80211.c
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
* cifs_atomic_open(): fix double-put on late allocation failure
fs/open.c
drm/amd/display: remove duplicated assignment to grph_obj_type
* workqueue: don't use wq_select_unbound_cpu() for bound works
kernel/workqueue.c
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
* net: phy: fix MDIO bus PM PHY resuming
drivers/net/phy/phy_device.c
include/linux/phy.h
* cgroup: memcg: net: do not associate sock with unrelated cgroup
kernel/cgroup.c
mm/memcontrol.c
* bonding/alb: make sure arp header is pulled before accessing it
drivers/net/bonding/bond_alb.c
* slip: make slhc_compress() more robust against malicious packets
drivers/net/slip/slhc.c
net: fec: validate the new settings in fec_enet_set_coalesce()
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
* fib: add missing attribute validation for tun_id
include/net/fib_rules.h
bnxt_en: reinitialize IRQs when MTU is modified
* r8152: check disconnect status after long sleep
drivers/net/usb/r8152.c
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
* ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
net/ipv6/addrconf.c
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
* net: phy: Avoid multiple suspends
drivers/net/phy/phy_device.c
* phy: Revert toggling reset changes.
drivers/net/phy/phy_device.c
NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
Merge 4.9.216 into android-4.9-q
Linux 4.9.216
crypto: algif_skcipher - use ZERO_OR_NULL_PTR in skcipher_recvmsg_async
dm cache: fix a crash due to incorrect work item cancelling
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: imx: build v7_cpu_resume() unconditionally
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
RDMA/iwcm: Fix iwcm work deallocation
* ASoC: dapm: Correct DAPM handling of active widgets during shutdown
sound/soc/soc-dapm.c
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
* ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
sound/soc/soc-pcm.c
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
* vt: selection, push sel_lock up
drivers/tty/vt/selection.c
* vt: selection, push console lock down
drivers/tty/vt/selection.c
drivers/tty/vt/vt.c
* vt: selection, close sel_buffer race
drivers/tty/vt/selection.c
tty:serial:mvebu-uart:fix a wrong return
* fat: fix uninit-memory access for partial initialized inode
fs/fat/inode.c
vgacon: Fix a UAF in vgacon_invert_region
* usb: core: port: do error out if usb_autopm_get_interface() fails
drivers/usb/core/port.c
* usb: core: hub: do error out if usb_autopm_get_interface() fails
drivers/usb/core/hub.c
* usb: quirks: add NO_LPM quirk for Logitech Screen Share
drivers/usb/core/quirks.c
* usb: storage: Add quirk for Samsung Fit flash
drivers/usb/storage/unusual_devs.h
cifs: don't leak -EAGAIN for stat() during reconnect
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
drm/msm/dsi: save pll state before dsi host is powered off
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
usb: gadget: serial: fix Tx stall after buffer overflow
* usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
drivers/usb/gadget/function/f_fs.c
* usb: gadget: composite: Support more than 500mA MaxPower
drivers/usb/gadget/composite.c
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
vhost: Check docket sk_family instead of call getname
* audit: always check the netlink payload length in audit_receive_msg()
kernel/audit.c
mm/huge_memory.c: use head to check huge zero page
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
* tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
drivers/net/tun.c
slip: stop double free sl->dev in slip_open
KVM: Check for a bad hva before dropping into the ghc slow path
* namei: only return -ECHILD from follow_dotdot_rcu()
fs/namei.c
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
* net: netlink: cap max groups which will be considered in netlink_bind()
net/netlink/af_netlink.c
* include/linux/bitops.h: introduce BITS_PER_TYPE
include/linux/bitops.h
serial: 8250: Check UPF_IRQ_SHARED in advance
* ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
fs/ecryptfs/keystore.c
i2c: jz4780: silence log flood on txabrt
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
* HID: hiddev: Fix race in in hiddev_disconnect()
drivers/hid/usbhid/hiddev.c
* HID: core: increase HID report buffer size to 8KiB
include/linux/hid.h
* HID: core: fix off-by-one memset in hid_report_raw_event()
drivers/hid/hid-core.c
ACPI: watchdog: Fix gas->access_width usage
* ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
include/acpi/actypes.h
* audit: fix error handling in audit_data_to_entry()
kernel/auditfilter.c
* ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
fs/ext4/super.c
* net: sched: correct flower port blocking
include/net/flow_dissector.h
nfc: pn544: Fix occasional HW initialization failure
sctp: move the format error check out of __sctp_sf_do_9_1_abort
* ipv6: Fix route replacement with dev-only route
net/ipv6/ip6_fib.c
* ipv6: Fix nlmsg_flags when splitting a multipath route
net/ipv6/route.c
net: phy: restore mdio regs in the iproc mdio driver
* net: fib_rules: Correctly set table field when table number exceeds 8 bits
net/core/fib_rules.c
* sysrq: Remove duplicated sysrq message
drivers/tty/sysrq.c
* sysrq: Restore original console_loglevel when sysrq disabled
drivers/tty/sysrq.c
* cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
net/wireless/nl80211.c
cifs: Fix mode output in debugging statements
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix potential crash when rxfh key is NULL
qmi_wwan: re-add DW5821e pre-production variant
* cfg80211: check wiphy driver existence for drvinfo report
net/wireless/ethtool.c
mac80211: consider more elements in parsing CRC
* drm/msm: Set dma maximum segment size for mdss
drivers/gpu/drm/msm/msm_drv.c
ipmi:ssif: Handle a possible NULL pointer reference
* ext4: fix potential race between s_group_info online resizing and access
fs/ext4/ext4.h
fs/ext4/mballoc.c
* ext4: fix potential race between s_flex_groups online resizing and access
fs/ext4/ext4.h
fs/ext4/ialloc.c
fs/ext4/mballoc.c
fs/ext4/resize.c
fs/ext4/super.c
* ext4: fix potential race between online resizing and write operations
fs/ext4/balloc.c
fs/ext4/ext4.h
fs/ext4/resize.c
fs/ext4/super.c
iwlwifi: pcie: fix rb_allocator workqueue allocation
* FROMLIST: HID: nintendo: add nintendo switch controller driver
drivers/hid/Kconfig
drivers/hid/Makefile
drivers/hid/hid-core.c
drivers/hid/hid-ids.h
drivers/hid/hid-nintendo.c
Merge 4.9.215 into android-4.9-q
* UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
kernel/sched/psi.c
* UPSTREAM: psi: Fix a division error in psi poll()
kernel/sched/psi.c
* UPSTREAM: sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime
kernel/sched/psi.c
* UPSTREAM: sched/psi: Correct overly pessimistic size calculation
kernel/sched/psi.c
Linux 4.9.215
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
* netfilter: xt_hashlimit: limit the max size of hashtable
net/netfilter/xt_hashlimit.c
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
* ALSA: rawmidi: Avoid bit fields for state flags
include/sound/rawmidi.h
* ecryptfs: replace BUG_ON with error handling code
fs/ecryptfs/crypto.c
staging: greybus: use after free in gb_audio_manager_remove_all()
* usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
drivers/usb/gadget/composite.c
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
* ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
fs/ext4/ext4.h
fs/ext4/migrate.c
* ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
fs/ext4/ext4.h
fs/ext4/inode.c
fs/ext4/super.c
* ext4: fix mount failure with quota configured as module
fs/ext4/super.c
* ext4: add cond_resched() to __ext4_find_entry()
fs/ext4/namei.c
* ext4: fix a data race in EXT4_I(inode)->i_disksize
fs/ext4/ext4.h
fs/ext4/inode.c
* netfilter: xt_bpf: add overflow checks
net/netfilter/xt_bpf.c
KVM: nVMX: Don't emulate instructions in guest mode
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
* vt: vt_ioctl: fix race in VT_RESIZEX
drivers/tty/vt/vt_ioctl.c
* VT_RESIZEX: get rid of field-by-field copyin
drivers/tty/vt/vt_ioctl.c
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
* xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
drivers/usb/host/xhci-pci.c
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
* USB: hub: Don't record a connect-change event during reset-resume
drivers/usb/core/hub.c
* USB: Fix novation SourceControl XL after suspend
drivers/usb/core/quirks.c
usb: uas: fix a plug & unplug racing
* xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
drivers/usb/host/xhci-mem.c
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
* staging: android: ashmem: Disallow ashmem memory from being remapped
drivers/staging/android/ashmem.c
* vt: selection, handle pending signals in paste_selection
drivers/tty/vt/selection.c
floppy: check FDC index for errors before assigning it
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
enic: prevent waking up stopped tx queues over watchdog reset
* selinux: ensure we cleanup the internal AVC counters on error in avc_update()
security/selinux/avc.c
help_next should increase position index
* brd: check and limit max_part par
drivers/block/brd.c
microblaze: Prevent the overflow of the start
iwlwifi: mvm: Fix thermal zone registration
* irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
drivers/irqchip/irq-gic-v3-its.c
bcache: explicity type cast in bset_bkey_last()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
* lib/scatterlist.c: adjust indentation in __sg_alloc_table
lib/scatterlist.c
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
radeon: insert 10ms sleep in dce5_crtc_load_lut
* trigger_next should increase position index
kernel/trace/trace_events_trigger.c
ftrace: fpid_next() should increase position index
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
* irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
drivers/irqchip/irq-gic-v3.c
cifs: fix NULL dereference in match_prepath
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
hostap: Adjust indentation in prism2_hostapd_add_sta
ARM: 8951/1: Fix Kexec compilation issue.
* jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
fs/jbd2/commit.c
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
* driver core: platform: fix u32 greater or equal to zero comparison
drivers/base/platform.c
s390/ftrace: generate traced function stack frame
x86/decoder: Add TEST opcode to Group3-2
remoteproc: Initialize rproc_class before use
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
* arm64: fix alternatives with LLVM's integrated assembler
arch/arm64/include/asm/alternative.h
scsi: iscsi: Don't destroy session if there are outstanding connections
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
vme: bridges: reduce stack usage
* driver core: Print device when resources present in really_probe()
drivers/base/dd.c
* driver core: platform: Prevent resouce overflow from causing infinite loops
drivers/base/platform.c
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
* ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
sound/soc/atmel/Kconfig
wan: ixp4xx_hss: fix compile-testing on 64-bit
Input: edt-ft5x06 - work around first register access error
* rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
include/linux/list_nulls.h
include/linux/rculist_nulls.h
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
tools lib api fs: Fix gcc9 stringop-truncation compilation error
ALSA: sh: Fix compile warning wrt const
RDMA/rxe: Fix error type of mmap_offset
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
* PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
drivers/devfreq/Kconfig
drivers/devfreq/event/Kconfig
x86/vdso: Provide missing include file
ARM: dts: r8a7779: Add device node for ARM global timer
drm/mediatek: handle events when enabling/disabling crtc
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
* media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
include/media/v4l2-device.h
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
* clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
drivers/clk/qcom/clk-rcg2.c
* kconfig: fix broken dependency in randconfig-generated .config
scripts/kconfig/confdata.c
* ext4, jbd2: ensure panic when aborting with zero errno
fs/jbd2/checkpoint.c
fs/jbd2/journal.c
* tracing: Fix very unlikely race of registering two stat tracers
kernel/trace/trace_stat.c
* tracing: Fix tracing_stat return values in error handling paths
kernel/trace/trace_stat.c
x86/sysfb: Fix check for bad VRAM size
* jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
fs/jbd2/journal.c
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
media: i2c: mt9v032: fix enum mbus codes and frame sizes
pxa168fb: Fix the function used to release some memory in an error handling path
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
brcmfmac: Fix use after free in brcmf_sdio_readframes()
* cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
kernel/cpu.c
drm/gma500: Fixup fbdev stolen size usage evaluation
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
scsi: qla2xxx: fix a potential NULL pointer dereference
btrfs: print message when tree-log replay starts
* jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
fs/jbd2/commit.c
* jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
fs/jbd2/commit.c
fs/jbd2/transaction.c
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
s390/time: Fix clk type in get_tod_clock
padata: Remove broken queue flushing
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
btrfs: log message when rw remount is attempted with unclean tree-log
Btrfs: fix race between using extent maps and merging them
* ext4: improve explanation of a mount failure caused by a misconfigured kernel
fs/ext4/super.c
* ext4: fix checksum errors with indexed dirs
fs/ext4/dir.c
fs/ext4/ext4.h
fs/ext4/inode.c
fs/ext4/namei.c
* ext4: don't assume that mmp_nodename/bdevname have NUL
fs/ext4/mmp.c
* ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
sound/usb/quirks.c
* ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
fs/ecryptfs/messaging.c
* ecryptfs: fix a memory leak bug in parse_tag_1_packet()
fs/ecryptfs/keystore.c
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
KVM: x86: emulate RDPID
x86/vdso: Use RDPID in preference to LSL when available
Merge 4.9.214 into android-4.9-q
Linux 4.9.214
libertas: make lbs_ibss_join_existing() return error code on rates overflow
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
* dm: fix potential for q->make_request_fn NULL pointer
drivers/md/dm.c
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
tools/power/acpi: fix compilation error
ARM: dts: at91: sama5d3: define clock rate range for tcb1
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
rtc: cmos: Stop using shared IRQ
rtc: hym8563: Return -EINVAL if the time is known to be invalid
NFSv4: try lease recovery on NFS4ERR_EXPIRED
* nfs: NFS_SWAP should depend on SWAP
fs/nfs/Kconfig
* PCI: Don't disable bridge BARs when assigning bus resources
drivers/pci/setup-bus.c
* scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
drivers/scsi/ufs/ufshcd.c
RDMA/netlink: Do not always generate an ACK for some netlink operations
* ASoC: pcm: update FE/BE trigger order based on the command
sound/soc/soc-pcm.c
rxrpc: Fix service call disconnection
* perf/core: Fix mlock accounting in perf_mmap()
kernel/events/core.c
* clocksource: Prevent double add_timer_on() for watchdog_timer
kernel/time/clocksource.c
cifs: fail i/o on soft mounts if sessionsetup errors out
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
btrfs: flush write bio if we loop in extent_write_cache_pages
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
drm: atmel-hlcdc: enable clock before configuring timing engine
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: remove trivial locking wrappers of tree mod log
btrfs: use bool argument in free_root_pointers()
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
* ext4: fix deadlock allocating crypto bounce page from mempool
fs/ext4/page-io.c
NFS: Directory page cache pages need to be locked when read
NFS: Fix bool initialization/comparison
NFS: Fix memory leaks and corruption in readdir
NFS: switch back to to ->iterate()
* bonding/alb: properly access headers in bond_alb_xmit()
drivers/net/bonding/bond_alb.c
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
* ppp: Adjust indentation into ppp_async_input
drivers/net/ppp/ppp_async.c
NFC: pn544: Adjust indentation in pn544_hci_check_presence
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
clk: tegra: Mark fuse clock as critical
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
btrfs: set trans->drity in btrfs_commit_transaction
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
* crypto: api - Fix race condition in crypto_spawn_alg
crypto/algapi.c
crypto/api.c
crypto/internal.h
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
dm space map common: fix to ensure new block isn't already in use
* of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
drivers/of/Kconfig
drivers/of/address.c
power: supply: ltc2941-battery-gauge: fix use-after-free
scsi: qla2xxx: Fix mtcp dump collection failure
* crypto: api - Check spawn->alg under lock in crypto_drop_spawn
crypto/algapi.c
ubifs: Fix deadlock in concurrent bulk-read and writepage
ubifs: Change gfp flags in page allocation for bulk read
PCI: keystone: Fix link training retries initiation
mmc: spi: Toggle SPI polarity, do not hardcode it
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
media/v4l2-core: set pages dirty upon releasing DMA buffers
ALSA: dummy: Fix PCM format loop in proc output
usb: gadget: f_ecm: Use atomic_t to track in-flight request
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: legacy: set max_speed to super-speed
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
mfd: dln2: More sanity checking for endpoints
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
* tcp: clear tp->segs_{in|out} in tcp_disconnect()
net/ipv4/tcp.c
* tcp: clear tp->data_segs{in|out} in tcp_disconnect()
net/ipv4/tcp.c
* tcp: clear tp->delivered in tcp_disconnect()
net/ipv4/tcp.c
* tcp: clear tp->total_retrans in tcp_disconnect()
net/ipv4/tcp.c
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
rxrpc: Fix insufficient receive notification generation
net_sched: fix an OOB access in cls_tcindex
net: hsr: fix possible NULL deref in hsr_handle_frame()
gtp: use __GFP_NOWARN to avoid memalloc warning
cls_rsvp: fix rsvp_policy
ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node
sparc32: fix struct ipc64_perm type definition
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
media: iguanair: fix endpoint sanity check
Merge 4.9.213 into android-4.9-q
Linux 4.9.213
btrfs: do not zero f_bavail if we have available space
* net: Fix skb->csum update in inet_proto_csum_replace16().
net/core/utils.c
l2t_seq_next should increase position index
seq_tab_next() should increase position index
net/sonic: Quiesce SONIC before re-initializing descriptor memory
net/sonic: Fix receive buffer handling
net/sonic: Use MMIO accessors
net/sonic: Add mutual exclusion for accessing shared state
net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G
net/fsl: treat fsl,erratum-a011043
powerpc/fsl/dts: add fsl,erratum-a011043
qlcnic: Fix CPU soft lockup while collecting firmware dump
* r8152: get default setting of WOL before initializing
drivers/net/usb/r8152.c
airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE
scsi: fnic: do not queue commands during fwreset
* vti[6]: fix packet tx through bpf_redirect()
net/ipv4/ip_vti.c
net/ipv6/ip6_vti.c
* wireless: wext: avoid gcc -O3 warning
net/wireless/wext-core.c
mac80211: Fix TKIP replay protection immediately after key setup
* wireless: fix enabling channel 12 for custom regulatory domain
net/wireless/reg.c
ixgbe: Fix calculation of queue with VFs and flow director on interface flap
ixgbevf: Remove limit of 10 entries for unicast filter list
clk: mmp2: Fix the order of timer mux parents
mac80211: mesh: restrict airtime metric to peered established plinks
soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot
ARM: dts: beagle-x15-common: Model 5V0 regulator
media: si470x-i2c: Move free() past last use of 'radio'
* usb: dwc3: turn off VBUS when leaving host mode
drivers/usb/dwc3/core.c
* Bluetooth: Fix race condition in hci_release_sock()
net/bluetooth/hci_sock.c
ttyprintk: fix a potential deadlock in interrupt context issue
media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
media: gspca: zero usb_buf
media: af9005: uninitialized variable printked
media: digitv: don't continue if remote control state can't be read
reiserfs: Fix memory leak of journal device string
mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
* arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean'
arch/arm64/boot/Makefile
tools lib: Fix builds when glibc contains strlcpy()
iio: gyro: st_gyro: fix L3GD20H support
iio: gyro: st_gyro: inline per-sensor data
crypto: pcrypt - Fix user-after-free on module unload
* vfs: fix do_last() regression
fs/namei.c
crypto: af_alg - Use bh_lock_sock in sk_destruct
* net_sched: ematch: reject invalid TCF_EM_SIMPLE
net/sched/ematch.c
usb-storage: Disable UAS on JMicron SATA enclosure
atm: eni: fix uninitialized variable warning
* gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP
drivers/gpio/Kconfig
net: wan: sdla: Fix cast from pointer to integer of different size
drivers/net/b44: Change to non-atomic bit operations on pwol_mask
watchdog: rn5t618_wdt: fix module aliases
arc: eznps: fix allmodconfig kconfig warning
zd1211rw: fix storage endpoint lookup
rtl8xxxu: fix interface sanity check
brcmfmac: fix interface sanity check
ath9k: fix storage endpoint lookup
serial: 8250_bcm2835aux: Fix line mismatch on driver unbind
staging: vt6656: Fix false Tx excessive retries reporting.
staging: vt6656: use NULLFUCTION stack on mac80211
staging: vt6656: correct packet types for CTS protect, mode.
staging: wlan-ng: ensure error return is actually returned
staging: most: net: fix buffer overflow
USB: serial: ir-usb: fix IrLAP framing
USB: serial: ir-usb: fix link-speed handling
USB: serial: ir-usb: add missing endpoint sanity check
rsi_91x_usb: fix interface sanity check
orinoco_usb: fix interface sanity check
* ALSA: pcm: Add missing copy ops check before clearing buffer
sound/core/pcm_native.c
UPSTREAM: staging: most: net: fix buffer overflow
* UPSTREAM: ALSA: pcm: Add missing copy ops check before clearing buffer
sound/core/pcm_native.c
Merge 4.9.212 into android-4.9-q
Linux 4.9.212
net/x25: fix nonblocking connect
netfilter: ipset: use bitmap infrastructure completely
* bitmap: Add bitmap_alloc(), bitmap_zalloc() and bitmap_free()
include/linux/bitmap.h
lib/bitmap.c
md: Avoid namespace collision with bitmap API
scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func
bcache: silence static checker warning
libertas: Fix two buffer overflows at parsing bss descriptor
coresight: tmc-etf: Do not call smp_processor_id from preemptible
coresight: etb10: Do not call smp_processor_id from preemptible
* arm64: kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field
arch/arm64/kernel/cpufeature.c
Documentation: Document arm64 kpti control
* do_last(): fetch directory ->i_mode and ->i_uid before it's too late
fs/namei.c
tracing: xen: Ordered comparison of function pointers
scsi: RDMA/isert: Fix a recently introduced regression related to logout
hwmon: (nct7802) Fix voltage limits to wrong registers
Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register
Input: pegasus_notetaker - fix endpoint sanity check
Input: aiptek - fix endpoint sanity check
Input: gtco - fix endpoint sanity check
Input: sur40 - fix interface sanity checks
* mmc: sdhci: fix minimum clock rate for v3 controller
drivers/mmc/host/sdhci.c
mmc: tegra: fix SDR50 tuning override
ARM: 8950/1: ftrace/recordmcount: filter relocation types
Input: keyspan-remote - fix control-message timeouts
* hwmon: (core) Do not use device managed functions for memory allocations
drivers/hwmon/hwmon.c
* hwmon: (core) Fix double-free in __hwmon_device_register()
drivers/hwmon/hwmon.c
* hwmon: Deal with errors from the thermal subsystem
drivers/hwmon/hwmon.c
* hwmon: (core) Simplify sysfs attribute name allocation
drivers/hwmon/hwmon.c
hwmon: (adt7475) Make volt2reg return same reg as reg2volt input
gtp: make sure only SOCK_DGRAM UDP sockets are accepted
net: usb: lan78xx: Add .ndo_features_check
tcp_bbr: improve arithmetic division in bbr_update_bw()
* net_sched: fix datalen for ematch
net/sched/ematch.c
* net, ip_tunnel: fix namespaces move
net/ipv4/ip_tunnel.c
* net, ip6_tunnel: fix namespaces move
net/ipv6/ip6_tunnel.c
net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM
firestream: fix memory leaks
can, slip: Protect tty->disc_data in write_wakeup and close with RCU
* net: phy: Keep reporting transceiver type
drivers/net/phy/phy.c
* net: ethtool: Add back transceiver type
include/uapi/linux/ethtool.h
net/core/ethtool.c
m68k: Call timer_interrupt() with interrupts disabled
IB/iser: Fix dma_nents type definition
arm64: dts: juno: Fix UART frequency
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
dmaengine: ti: edma: fix missed failure handling
* packet: fix data-race in fanout_flow_is_huge()
net/packet/af_packet.c
* net: neigh: use long type to store jiffies delta
net/core/neighbour.c
MIPS: Loongson: Fix return value of loongson_hwmon_init
media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support
media: ov6650: Fix some format attributes not under control
media: ov6650: Fix incorrect use of JPEG colorspace
afs: Fix large file support
net: qca_spi: Move reset_count to struct qcaspi
* net: netem: correct the parent's backlog when corrupted packet was dropped
net/sched/sch_netem.c
* net: netem: fix error path for corrupted GSO frames
net/sched/sch_netem.c
dmaengine: imx-sdma: fix size check for sdma script_number
drm/msm/dsi: Implement reset correctly
* act_mirred: Fix mirred_init_module error handling
net/sched/act_mirred.c
net: stmmac: fix length of PTP clock's name string
llc: fix sk_buff refcounting in llc_conn_state_process()
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
mac80211: accept deauth frames in IBSS mode
net: stmmac: gmac4+: Not all Unicast addresses may be available
nvme: retain split access workaround for capability reads
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
* of: mdio: Fix a signedness bug in of_phy_get_and_connect()
drivers/of/of_mdio.c
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
iommu/amd: Wait for completion of IOTLB flush in attach_device
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
net: sonic: replace dev_kfree_skb in sonic_send_packet
hwmon: (shtc1) fix shtc1 and shtw1 id mask
Btrfs: fix hang when loading existing inode cache off disk
net: sonic: return NETDEV_TX_OK if failed to map buffer
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
iio: dac: ad5380: fix incorrect assignment to val
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
staging: greybus: light: fix a couple double frees
x86, perf: Fix the dependency of the x86 insn decoder selftest
* power: supply: Init device wakeup after device_add()
drivers/power/supply/power_supply_core.c
hwmon: (lm75) Fix write operations for negative temperatures
* Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
lib/kfifo.c
ahci: Do not export local variable ahci_em_messages
mips: avoid explicit UB in assignment of mips_io_port_base
mac80211: minstrel_ht: fix per-group max throughput rate initialization
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
ASoC: sun4i-i2s: RX and TX counter registers are swapped
* signal: Allow cifs and drbd to receive their terminating signals
include/linux/signal.h
kernel/signal.c
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
* ext4: set error return correctly when ext4_htree_store_dirent fails
fs/ext4/inline.c
crypto: caam - free resources in case caam_rng registration failed
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
ALSA: aoa: onyx: always initialize register read value
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
mic: avoid statically declaring a 'struct device'.
* usb: host: xhci-hub: fix extra endianness conversion
drivers/usb/host/xhci-hub.c
qed: reduce maximum stack frame size
libertas_tf: Use correct channel range in lbtf_geo_init
scsi: libfc: fix null pointer dereference on a null lport
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
RDMA/hns: Fixs hw access invalid dma memory error
* devres: allow const resource arguments
include/linux/device.h
lib/devres.c
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
mfd: intel-lpss: Release IDA resources
iommu/amd: Make iommu_disable safer
clk: qcom: Fix -Wunused-const-variable
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
* perf/ioctl: Add check for the sample_period value
kernel/events/core.c
drm/msm/a3xx: remove TPL1 regs from snapshot
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
net/af_iucv: always register net_device notifier
* net: netem: fix backlog accounting for corrupted GSO frames
net/sched/sch_netem.c
drm/msm/mdp5: Fix mdp5_cfg_init error return
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
media: vivid: fix incorrect assignment operation when setting video mode
* inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
net/ipv6/reassembly.c
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
* iommu: Use right function to get group for device
drivers/iommu/iommu.c
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
serial: stm32: fix transmit_chars when tx is stopped
crypto: ccp - fix AES CFB error exposed by new test vectors
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
dmaengine: tegra210-adma: Fix crash during probe
* thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
drivers/thermal/cpu_cooling.c
backlight: lm3630a: Return 0 on success in update_status functions
* kdb: do a sanity check on the cpu in kdb_per_cpu()
kernel/debug/kdb/kdb_main.c
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
pwm: meson: Don't disable PWM when setting duty repeatedly
* netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
net/bridge/netfilter/ebtables.c
platform/x86: alienware-wmi: printing the wrong error code
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
* l2tp: Fix possible NULL pointer dereference
net/l2tp/l2tp_core.c
dmaengine: tegra210-adma: restore channel status
net: ena: fix ena_com_fill_hash_function() implementation
net: ena: fix incorrect test of supported hash function
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
IB/mlx5: Add missing XRC options to QP optional params mask
* usb: gadget: fsl: fix link error against usb-gadget module
drivers/usb/phy/Kconfig
* ASoC: fix valid stream condition
sound/soc/soc-pcm.c
* packet: in recvmsg msg_name return at least sizeof sockaddr_ll
net/packet/af_packet.c
* ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
sound/usb/mixer.c
dmaengine: axi-dmac: Don't check the number of frames for alignment
6lowpan: Off by one handling ->nexthdr
media: ov2659: fix unbalanced mutex_lock/unlock
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
powerpc: vdso: Make vdso32 installation conditional in vdso_install
tipc: set sysctl_tipc_rmem and named_timeout right range
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
scsi: qla2xxx: Unregister chrdev if module initialization fails
ehea: Fix a copy-paste err in ehea_init_port_res
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: clear packed bit for unpacked mode
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
media: davinci-isif: avoid uninitialized variable use
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
m68k: mac: Fix VIA timer counter accesses
tipc: tipc clang warning
jfs: fix bogus variable self-initialization
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
media: cx23885: check allocation return
media: wl128x: Fix an error code in fm_download_firmware()
media: cx18: update *pos correctly in cx18_read_pos()
media: ivtv: update *pos correctly in ivtv_read_pos()
net: sh_eth: fix a missing check of of_get_phy_mode
xen, cpu_hotplug: Prevent an out of bounds access
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
scsi: megaraid_sas: reduce module load time
nios2: ksyms: Add missing symbol exports
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
NFS: Fix a soft lockup in the delegation recovery code
fs/nfs: Fix nfs_parse_devname to not modify it's argument
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
drm/nouveau/pmu: don't print reply values if exec is false
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
net: dsa: qca8k: Enable delay for RGMII_ID mode
regulator: pv88090: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88060: Fix array out-of-bounds access
cdc-wdm: pass return value of recover_from_urb_loss
dmaengine: mv_xor: Use correct device for DMA API
vfio_pci: Enable memory accesses before calling pci_map_rom
* keys: Timestamp new keys
security/keys/key.c
* block: don't use bio->bi_vcnt to figure out segment number
block/blk-merge.c
usb: phy: twl6030-usb: fix possible use-after-free on remove
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: emev2: Add missing pinmux functions
iw_cxgb4: use tos when finding ipv6 routes
iw_cxgb4: use tos when importing the endpoint
fbdev: chipsfb: remove set but not used variable 'size'
rtc: pm8xxx: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: 88pm860x: fix unintended sign extension
* net: phy: fixed_phy: Fix fixed_phy not checking GPIO
drivers/net/phy/fixed_phy.c
thermal: mediatek: fix register index error
rtc: ds1672: fix unintended sign extension
staging: most: cdev: add missing check for cdev_add failure
iwlwifi: mvm: fix RSS config command
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: add required clocks property to keypad device node
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
tty: ipwireless: Fix potential NULL pointer dereference
iwlwifi: mvm: fix A-MPDU reference assignment
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
rtc: cmos: ignore bogus century byte
IB/iser: Pass the correct number of entries for dma mapped SGL
ASoC: imx-sgtl5000: put of nodes if finding codec fails
crypto: tgr192 - fix unaligned memory access
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
RDMA/qedr: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
IB/usnic: Fix out of bounds index check in query pkey
clk: dove: fix refcount leak in dove_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: socfpga: fix refcount leak
clk: qoriq: fix refcount leak in clockgen_init()
clk: highbank: fix refcount leak in hb_clk_init()
Input: nomadik-ske-keypad - fix a loop timeout test
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
* net: phy: Fix not to call phy_resume() if PHY is not attached
drivers/net/phy/phy_device.c
* drm/dp_mst: Skip validating ports during destruction, just ref
drivers/gpu/drm/drm_dp_mst_topology.c
exportfs: fix 'passing zero to ERR_PTR()' warning
pcrypt: use format specifier in kobject_add
mlxsw: reg: QEEC: Add minimum shaper fields
pwm: lpss: Release runtime-pm reference from the driver's remove callback
staging: comedi: ni_mio_common: protect register write overflow
* ALSA: usb-audio: update quirk for B&W PX to remove microphone
sound/usb/quirks-table.h
IB/rxe: replace kvfree with vfree
ALSA: hda: fix unused variable warning
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
drm/sti: do not remove the drm_bridge that was never added
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
powerpc/archrandom: fix arch_get_random_seed_int()
xfs: Sanity check flags of Q_XQUOTARM call
* UPSTREAM: mm/page_io.c: annotate refault stalls from swap_readpage
mm/page_io.c
* ANDROID: selinux: modify RTM_GETLINK permission
security/selinux/include/classmap.h
security/selinux/include/security.h
security/selinux/nlmsgtab.c
security/selinux/ss/policydb.c
security/selinux/ss/policydb.h
security/selinux/ss/services.c
Merge 4.9.211 into android-4.9-q
Linux 4.9.211
regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id
perf probe: Fix wrong address verification
* scsi: core: scsi_trace: Use get_unaligned_be*()
drivers/scsi/scsi_trace.c
scsi: target: core: Fix a pr_debug() argument
scsi: bnx2i: fix potential use after free
scsi: qla4xxx: fix double free bug
scsi: esas2r: unlock on error in esas2r_nvram_read_direct()
reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr
* cfg80211: check for set_wiphy_params
net/wireless/rdev-ops.h
cw1200: Fix a signedness bug in cw1200_load_firmware()
xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk
net: usb: lan78xx: limit size of local TSO packets
* tcp: fix marked lost packets not being retransmitted
net/ipv4/tcp_input.c
* r8152: add missing endpoint sanity check
drivers/net/usb/r8152.c
net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info
net: dsa: tag_qca: fix doubled Tx statistics
macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()
batman-adv: Fix DAT candidate selection on little endian systems
* netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
net/ipv4/netfilter/arp_tables.c
netfilter: fix a use-after-free in mtype_destroy()
* cfg80211: fix page refcount issue in A-MSDU decap
net/wireless/util.c
arm64: dts: agilex/stratix10: fix pmu interrupt numbers
scsi: fnic: fix invalid stack access
scsi: fnic: use kernel's '%pM' format option to print MAC
USB: serial: keyspan: handle unbound ports
USB: serial: io_edgeport: handle unbound ports on URB completion
USB: serial: io_edgeport: use irqsave() in USB's complete callback
net: stmmac: Enable 16KB buffer size
net: stmmac: 16KB buffer must be 16 byte aligned
* mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio()
mm/page-writeback.c
perf report: Fix incorrectly added dimensions as switch perf data file
perf hists: Fix variable name's inconsistency in hists__for_each() macro
x86/efistub: Disable paging at mixed mode entry
* usb: core: hub: Improved device recognition on remote wakeup
drivers/usb/core/hub.c
scsi: mptfusion: Fix double fetch bug in ioctl
USB: serial: quatech2: handle unbound ports
USB: serial: io_edgeport: add missing active-port sanity check
USB: serial: ch341: handle unbound port at reset_resume
USB: serial: suppress driver bind attributes
USB: serial: opticon: fix control-message timeouts
USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx
iio: buffer: align the size of scan bytes to size of the largest element
* block: fix an integer overflow in logical block size
block/blk-settings.c
include/linux/blkdev.h
* Fix built-in early-load Intel microcode alignment
firmware/Makefile
ALSA: seq: Fix racy access for queue timer in proc read
* clk: Don't try to enable critical clocks if prepare failed
drivers/clk/clk.c
dt-bindings: reset: meson8b: fix duplicate reset IDs
ocfs2: call journal flush to mark journal as empty after journal recovery when mount
hexagon: work around compiler crash
hexagon: parenthesize registers in asm predicates
ioat: ioat_alloc_ring() failure handling.
MIPS: Prevent link failure with kcov instrumentation
rseq/selftests: Turn off timeout setting
scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy()
gpio: mpc8xxx: Add platform device to gpiochip->parent
rtc: msm6242: Fix reading of 10-hour digit
* f2fs: fix potential overflow
fs/f2fs/data.c
fs/f2fs/file.c
rtlwifi: Remove unnecessary NULL check in rtl_regd_init
spi: atmel: fix handling of cs_change set on non-last xfer
mtd: spi-nor: fix silent truncation in spi_nor_read()
media: exynos4-is: Fix recursive locking in isp_video_release()
tty: serial: pch_uart: correct usage of dma_unmap_sg
tty: serial: imx: use the sg count from dma_map_sg
powerpc/powernv: Disable native PCIe port management
PCI/PTM: Remove spurious "d" from granularity message
* compat_ioctl: handle SIOCOUTQNSD
net/socket.c
clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume
mei: fix modalias documentation
iio: imu: adis16480: assign bias value only if operation succeeded
platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0
* scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI
drivers/scsi/sd.c
scsi: enclosure: Fix stale device oops with hot replug
RDMA/srpt: Report the SCSI residual to the initiator
cifs: Adjust indentation in smb2_open_file
hsr: reset network header when supervision frame is created
* gpio: Fix error message on out-of-range GPIO in lookup table
drivers/gpio/gpiolib.c
* iommu: Remove device link to group on failure
drivers/iommu/iommu.c
rtc: mt6397: fix alarm register overwrite
dccp: Fix memleak in __feat_register_sp
* ext4: add more paranoia checking in ext4_expand_extra_isize handling
fs/ext4/inode.c
fs/ext4/super.c
* ext4: fix use-after-free race with debug_want_extra_isize
fs/ext4/super.c
wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle
wimax: i2400: fix memory leak
media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
mac80211: Do not send Layer 2 Update frame before authorization
* cfg80211/mac80211: make ieee80211_send_layer2_update a public function
include/net/cfg80211.h
net/wireless/util.c
* arm64: Make sure permission updates happen for pmd/pud
arch/arm64/mm/mmu.c
* arm64: Enforce BBM for huge IO/VMAP mappings
arch/arm64/mm/mmu.c
* arm64: mm: Change page table pointer name in p[md]_set_huge()
arch/arm64/mm/mmu.c
* arm64: don't open code page table entry creation
arch/arm64/include/asm/pgtable.h
arch/arm64/mm/mmu.c
* arm64: mm: BUG on unsupported manipulations of live kernel mappings
arch/arm64/mm/mmu.c
rsi: add fix for crash during assertions
* fs/select: avoid clang stack usage warning
include/linux/poll.h
* ethtool: reduce stack usage with clang
net/core/ethtool.c
* HID: hidraw, uhid: Always report EPOLLOUT
drivers/hid/uhid.c
HID: hidraw: Fix returning EPOLLOUT from hidraw_poll
hidraw: Return EPOLLOUT from hidraw_poll
Change-Id: I65d36338fa1ba89ad6ec2ff878fb4c89ff79b0be
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Joerg Roedel
|
8c59bdceff |
x86/mm: split vmalloc_sync_all()
commit 763802b53a427ed3cbd419dbba255c414fdd9e7c upstream.
Commit 3f8fd02b1bf1 ("mm/vmalloc: Sync unmappings in
__purge_vmap_area_lazy()") introduced a call to vmalloc_sync_all() in
the vunmap() code-path. While this change was necessary to maintain
correctness on x86-32-pae kernels, it also adds additional cycles for
architectures that don't need it.
Specifically on x86-64 with CONFIG_VMAP_STACK=y some people reported
severe performance regressions in micro-benchmarks because it now also
calls the x86-64 implementation of vmalloc_sync_all() on vunmap(). But
the vmalloc_sync_all() implementation on x86-64 is only needed for newly
created mappings.
To avoid the unnecessary work on x86-64 and to gain the performance
back, split up vmalloc_sync_all() into two functions:
* vmalloc_sync_mappings(), and
* vmalloc_sync_unmappings()
Most call-sites to vmalloc_sync_all() only care about new mappings being
synchronized. The only exception is the new call-site added in the
above mentioned commit.
Shile Zhang directed us to a report of an 80% regression in reaim
throughput.
Fixes: 3f8fd02b1bf1 ("mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()")
Reported-by: kernel test robot <oliver.sang@intel.com>
Reported-by: Shile Zhang <shile.zhang@linux.alibaba.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Tested-by: Borislav Petkov <bp@suse.de>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com> [GHES]
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: <stable@vger.kernel.org>
Link: http://lkml.kernel.org/r/20191009124418.8286-1-joro@8bytes.org
Link: https://lists.01.org/hyperkitty/list/lkp@lists.01.org/thread/4D3JPPHBNOSPFK2KEPC6KGKS6J25AIDB/
Link: http://lkml.kernel.org/r/20191113095530.228959-1-shile.zhang@linux.alibaba.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Roman Gushchin
|
f146967394 |
FROMLIST: mm: show number of vmalloc pages in /proc/meminfo
Vmalloc() is getting more and more used these days (kernel stacks,
bpf and percpu allocator are new top users), and the total %
of memory consumed by vmalloc() can be pretty significant
and changes dynamically.
/proc/meminfo is the best place to display this information:
its top goal is to show top consumers of the memory.
Since the VmallocUsed field in /proc/meminfo is not in use
for quite a long time (it has been defined to 0 by the
commit
|
||
|
Andrey Ryabinin
|
3af922c0a0 |
mm: add vfree_atomic()
We are going to use sleeping lock for freeing vmap. However some vfree() users want to free memory from atomic (but not from interrupt) context. For this we add vfree_atomic() - deferred variation of vfree() which can be used in any atomic context (except NMIs). [akpm@linux-foundation.org: tweak comment grammar] [aryabinin@virtuozzo.com: use raw_cpu_ptr() instead of this_cpu_ptr()] Link: http://lkml.kernel.org/r/1481553981-3856-1-git-send-email-aryabinin@virtuozzo.com Link: http://lkml.kernel.org/r/1479474236-4139-5-git-send-email-hch@lst.de Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Christoph Hellwig <hch@lst.de> Cc: Joel Fernandes <joelaf@google.com> Cc: Jisheng Zhang <jszhang@marvell.com> Cc: Chris Wilson <chris@chris-wilson.co.uk> Cc: John Dias <joaodias@google.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Git-commit: bf22e37a641327e34681b7b6959d9646e3886770 Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git Change-Id: I5f67e939774da6e811f3a5180a6b0f5d31fbe32b Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> |
||
|
Susheel Khiani
|
8db21e1d69 |
mm: Update is_vmalloc_addr to account for vmalloc savings
is_vmalloc_addr currently assumes that all vmalloc addresses exist between VMALLOC_START and VMALLOC_END. This may not be the case when interleaving vmalloc and lowmem. Update the is_vmalloc_addr to properly check for this. Correspondingly we need to ensure that VMALLOC_TOTAL accounts for all the vmalloc regions when CONFIG_ENABLE_VMALLOC_SAVING is enabled. Change-Id: I5def3d6ae1a4de59ea36f095b8c73649a37b1f36 Signed-off-by: Susheel Khiani <skhiani@codeaurora.org> |
||
|
Susheel Khiani
|
432f166669 |
msm: Allow lowmem to be non contiguous and mixed
Currently on 32 bit systems, virtual space above PAGE_OFFSET is reserved for direct mapped lowmem and part of virtual address space is reserved for vmalloc. We want to optimize such as to have as much direct mapped memory as possible since there is penalty for mapping/unmapping highmem. Now, we may have an image that is expected to have a lifetime of the entire system and is reserved in physical region that would be part of direct mapped lowmem. The physical memory which is thus reserved is never used by Linux. This means that even though the system is not actually accessing the virtual memory corresponding to the reserved physical memory, we are still losing that portion of direct mapped lowmem space. So by allowing lowmem to be non contiguous we can give this unused virtual address space of reserved region back for use in vmalloc. Change-Id: I980b3dfafac71884dcdcb8cd2e4a6363cde5746a Signed-off-by: Susheel Khiani <skhiani@codeaurora.org> |
||
|
Linus Torvalds
|
1d6da87a32 |
Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux
Pull drm updates from Dave Airlie: "Here's the main drm pull request for 4.7, it's been a busy one, and I've been a bit more distracted in real life this merge window. Lots more ARM drivers, not sure if it'll ever end. I think I've at least one more coming the next merge window. But changes are all over the place, support for AMD Polaris GPUs is in here, some missing GM108 support for nouveau (found in some Lenovos), a bunch of MST and skylake fixes. I've also noticed a few fixes from Arnd in my inbox, that I'll try and get in asap, but I didn't think they should hold this up. New drivers: - Hisilicon kirin display driver - Mediatek MT8173 display driver - ARC PGU - bitstreamer on Synopsys ARC SDP boards - Allwinner A13 initial RGB output driver - Analogix driver for DisplayPort IP found in exynos and rockchip DRM Core: - UAPI headers fixes and C++ safety - DRM connector reference counting - DisplayID mode parsing for Dell 5K monitors - Removal of struct_mutex from drivers - Connector registration cleanups - MST robustness fixes - MAINTAINERS updates - Lockless GEM object freeing - Generic fbdev deferred IO support panel: - Support for a bunch of new panels i915: - VBT refactoring - PLL computation cleanups - DSI support for BXT - Color manager support - More atomic patches - GEM improvements - GuC fw loading fixes - DP detection fixes - SKL GPU hang fixes - Lots of BXT fixes radeon/amdgpu: - Initial Polaris support - GPUVM/Scheduler/Clock/Power improvements - ASYNC pageflip support - New mesa feature support nouveau: - GM108 support - Power sensor support improvements - GR init + ucode fixes. - Use GPU provided topology information vmwgfx: - Add host messaging support gma500: - Some cleanups and fixes atmel: - Bridge support - Async atomic commit support fsl-dcu: - Timing controller for LCD support - Pixel clock polarity support rcar-du: - Misc fixes exynos: - Pipeline clock support - Exynoss4533 SoC support - HW trigger mode support - export HDMI_PHY clock - DECON5433 fixes - Use generic prime functions - use DMA mapping APIs rockchip: - Lots of little fixes vc4: - Render node support - Gamma ramp support - DPI output support msm: - Mostly cleanups and fixes - Conversion to generic struct fence etnaviv: - Fix for prime buffer handling - Allow hangcheck to be coalesced with other wakeups tegra: - Gamme table size fix" * 'drm-next' of git://people.freedesktop.org/~airlied/linux: (1050 commits) drm/edid: add displayid detailed 1 timings to the modelist. (v1.1) drm/edid: move displayid validation to it's own function. drm/displayid: Iterate over all DisplayID blocks drm/edid: move displayid tiled block parsing into separate function. drm: Nuke ->vblank_disable_allowed drm/vmwgfx: Report vmwgfx version to vmware.log drm/vmwgfx: Add VMWare host messaging capability drm/vmwgfx: Kill some lockdep warnings drm/nouveau/gr/gf100-: fix race condition in fecs/gpccs ucode drm/nouveau/core: recognise GM108 chipsets drm/nouveau/gr/gm107-: fix touching non-existent ppcs in attrib cb setup drm/nouveau/gr/gk104-: share implementation of ppc exception init drm/nouveau/gr/gk104-: move rop_active_fbps init to nonctx drm/nouveau/bios/pll: check BIT table version before trying to parse it drm/nouveau/bios/pll: prevent oops when limits table can't be parsed drm/nouveau/volt/gk104: round up in gk104_volt_set drm/nouveau/fb/gm200: setup mmu debug buffer registers at init() drm/nouveau/fb/gk20a,gm20b: setup mmu debug buffer registers at init() drm/nouveau/fb/gf100-: allocate mmu debug buffers drm/nouveau/fb: allow chipset-specific actions for oneinit() ... |
||
|
Chris Wilson
|
80c4bd7a5e |
mm/vmalloc: keep a separate lazy-free list
When mixing lots of vmallocs and set_memory_*() (which calls vm_unmap_aliases()) I encountered situations where the performance degraded severely due to the walking of the entire vmap_area list each invocation. One simple improvement is to add the lazily freed vmap_area to a separate lockless free list, such that we then avoid having to walk the full list on each purge. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Reviewed-by: Roman Pen <r.peniaev@gmail.com> Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> Cc: Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com> Cc: Daniel Vetter <daniel.vetter@ffwll.ch> Cc: David Rientjes <rientjes@google.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Roman Pen <r.peniaev@gmail.com> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: Toshi Kani <toshi.kani@hp.com> Cc: Shawn Lin <shawn.lin@rock-chips.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Chris Wilson
|
4da56b99d9 |
mm/vmap: Add a notifier for when we run out of vmap address space
vmaps are temporary kernel mappings that may be of long duration. Reusing a vmap on an object is preferrable for a driver as the cost of setting up the vmap can otherwise dominate the operation on the object. However, the vmap address space is rather limited on 32bit systems and so we add a notification for vmap pressure in order for the driver to release any cached vmappings. The interface is styled after the oom-notifier where the callees are passed a pointer to an unsigned long counter for them to indicate if they have freed any space. v2: Guard the blocking notifier call with gfpflags_allow_blocking() v3: Correct typo in forward declaration and move to head of file Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: David Rientjes <rientjes@google.com> Cc: Roman Peniaev <r.peniaev@gmail.com> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: linux-mm@kvack.org Cc: linux-kernel@vger.kernel.org Acked-by: Andrew Morton <akpm@linux-foundation.org> # for inclusion via DRM Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com> Link: http://patchwork.freedesktop.org/patch/msgid/1459777603-23618-3-git-send-email-chris@chris-wilson.co.uk Reviewed-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> |
||
|
David Rientjes
|
244d63ee34 |
mm, vmalloc: remove VM_VPAGES
VM_VPAGES is unnecessary, it's easier to check is_vmalloc_addr() when reading /proc/vmallocinfo. [akpm@linux-foundation.org: remove VM_VPAGES reference via kvfree()] Signed-off-by: David Rientjes <rientjes@google.com> Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
a5ad88ce8c |
mm: get rid of 'vmalloc_info' from /proc/meminfo
It turns out that at least some versions of glibc end up reading /proc/meminfo at every single startup, because glibc wants to know the amount of memory the machine has. And while that's arguably insane, it's just how things are. And it turns out that it's not all that expensive most of the time, but the vmalloc information statistics (amount of virtual memory used in the vmalloc space, and the biggest remaining chunk) can be rather expensive to compute. The 'get_vmalloc_info()' function actually showed up on my profiles as 4% of the CPU usage of "make test" in the git source repository, because the git tests are lots of very short-lived shell-scripts etc. It turns out that apparently this same silly vmalloc info gathering shows up on the facebook servers too, according to Dave Jones. So it's not just "make test" for git. We had two patches to just cache the information (one by me, one by Ingo) to mitigate this issue, but the whole vmalloc information of of rather dubious value to begin with, and people who *actually* want to know what the situation is wrt the vmalloc area should just look at the much more complete /proc/vmallocinfo instead. In fact, according to my testing - and perhaps more importantly, according to that big search engine in the sky: Google - there is nothing out there that actually cares about those two expensive fields: VmallocUsed and VmallocChunk. So let's try to just remove them entirely. Actually, this just removes the computation and reports the numbers as zero for now, just to try to be minimally intrusive. If this breaks anything, we'll obviously have to re-introduce the code to compute this all and add the caching patches on top. But if given the option, I'd really prefer to just remove this bad idea entirely rather than add even more code to work around our historical mistake that likely nobody really cares about. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Andrey Ryabinin
|
a5af5aa8b6 |
kasan, module, vmalloc: rework shadow allocation for modules
Current approach in handling shadow memory for modules is broken.
Shadow memory could be freed only after memory shadow corresponds it is no
longer used. vfree() called from interrupt context could use memory its
freeing to store 'struct llist_node' in it:
void vfree(const void *addr)
{
...
if (unlikely(in_interrupt())) {
struct vfree_deferred *p = this_cpu_ptr(&vfree_deferred);
if (llist_add((struct llist_node *)addr, &p->list))
schedule_work(&p->wq);
Later this list node used in free_work() which actually frees memory.
Currently module_memfree() called in interrupt context will free shadow
before freeing module's memory which could provoke kernel crash.
So shadow memory should be freed after module's memory. However, such
deallocation order could race with kasan_module_alloc() in module_alloc().
Free shadow right before releasing vm area. At this point vfree()'d
memory is not used anymore and yet not available for other allocations.
New VM_KASAN flag used to indicate that vm area has dynamically allocated
shadow memory so kasan frees shadow only if it was previously allocated.
Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Andrey Ryabinin
|
cb9e3c292d |
mm: vmalloc: pass additional vm_flags to __vmalloc_node_range()
For instrumenting global variables KASan will shadow memory backing memory for modules. So on module loading we will need to allocate memory for shadow and map it at address in shadow that corresponds to the address allocated in module_alloc(). __vmalloc_node_range() could be used for this purpose, except it puts a guard hole after allocated area. Guard hole in shadow memory should be a problem because at some future point we might need to have a shadow memory at address occupied by guard hole. So we could fail to allocate shadow for module_alloc(). Now we have VM_NO_GUARD flag disabling guard page, so we need to pass into __vmalloc_node_range(). Add new parameter 'vm_flags' to __vmalloc_node_range() function. Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Konstantin Serebryany <kcc@google.com> Cc: Dmitry Chernenkov <dmitryc@google.com> Signed-off-by: Andrey Konovalov <adech.fo@gmail.com> Cc: Yuri Gribov <tetra2005@gmail.com> Cc: Konstantin Khlebnikov <koct9i@gmail.com> Cc: Sasha Levin <sasha.levin@oracle.com> Cc: Christoph Lameter <cl@linux.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Andrey Ryabinin
|
71394fe501 |
mm: vmalloc: add flag preventing guard hole allocation
For instrumenting global variables KASan will shadow memory backing memory for modules. So on module loading we will need to allocate memory for shadow and map it at address in shadow that corresponds to the address allocated in module_alloc(). __vmalloc_node_range() could be used for this purpose, except it puts a guard hole after allocated area. Guard hole in shadow memory should be a problem because at some future point we might need to have a shadow memory at address occupied by guard hole. So we could fail to allocate shadow for module_alloc(). Add a new vm_struct flag 'VM_NO_GUARD' indicating that vm area doesn't have a guard hole. Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Konstantin Serebryany <kcc@google.com> Cc: Dmitry Chernenkov <dmitryc@google.com> Signed-off-by: Andrey Konovalov <adech.fo@gmail.com> Cc: Yuri Gribov <tetra2005@gmail.com> Cc: Konstantin Khlebnikov <koct9i@gmail.com> Cc: Sasha Levin <sasha.levin@oracle.com> Cc: Christoph Lameter <cl@linux.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
WANG Chao
|
f6f8ed4735 |
mm/vmalloc.c: clean up map_vm_area third argument
Currently map_vm_area() takes (struct page *** pages) as third argument, and after mapping, it moves (*pages) to point to (*pages + nr_mappped_pages). It looks like this kind of increment is useless to its caller these days. The callers don't care about the increments and actually they're trying to avoid this by passing another copy to map_vm_area(). The caller can always guarantee all the pages can be mapped into vm_area as specified in first argument and the caller only cares about whether map_vm_area() fails or not. This patch cleans up the pointer movement in map_vm_area() and updates its callers accordingly. Signed-off-by: WANG Chao <chaowang@redhat.com> Cc: Zhang Yanfei <zhangyanfei@cn.fujitsu.com> Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Minchan Kim <minchan@kernel.org> Cc: Nitin Gupta <ngupta@vflare.org> Cc: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Zhang Yanfei
|
20fc02b477 |
mm/vmalloc.c: rename VM_UNLIST to VM_UNINITIALIZED
VM_UNLIST was used to indicate that the vm_struct is not listed in
vmlist.
But after commit
|
||
|
HATAYAMA Daisuke
|
e69e9d4aee |
vmalloc: introduce remap_vmalloc_range_partial
We want to allocate ELF note segment buffer on the 2nd kernel in vmalloc space and remap it to user-space in order to reduce the risk that memory allocation fails on system with huge number of CPUs and so with huge ELF note segment that exceeds 11-order block size. Although there's already remap_vmalloc_range for the purpose of remapping vmalloc memory to user-space, we need to specify user-space range via vma. Mmap on /proc/vmcore needs to remap range across multiple objects, so the interface that requires vma to cover full range is problematic. This patch introduces remap_vmalloc_range_partial that receives user-space range as a pair of base address and size and can be used for mmap on /proc/vmcore case. remap_vmalloc_range is rewritten using remap_vmalloc_range_partial. [akpm@linux-foundation.org: use PAGE_ALIGNED()] Signed-off-by: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com> Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Cc: Vivek Goyal <vgoyal@redhat.com> Cc: Atsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> Cc: Lisa Mitchell <lisa.mitchell@hp.com> Cc: Zhang Yanfei <zhangyanfei@cn.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Atsushi Kumagai
|
13ba3fcbbe |
kexec, vmalloc: export additional vmalloc layer information
Now, vmap_area_list is exported as VMCOREINFO for makedumpfile to get the start address of vmalloc region (vmalloc_start). The address which contains vmalloc_start value is represented as below: vmap_area_list.next - OFFSET(vmap_area.list) + OFFSET(vmap_area.va_start) However, both OFFSET(vmap_area.va_start) and OFFSET(vmap_area.list) aren't exported as VMCOREINFO. So this patch exports them externally with small cleanup. [akpm@linux-foundation.org: vmalloc.h should include list.h for list_head] Signed-off-by: Atsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> Cc: Joonsoo Kim <js1304@gmail.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Atsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> Cc: Chris Metcalf <cmetcalf@tilera.com> Cc: Dave Anderson <anderson@redhat.com> Cc: Eric Biederman <ebiederm@xmission.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Ingo Molnar <mingo@kernel.org> Cc: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Joonsoo Kim
|
f1c4069e1d |
mm, vmalloc: export vmap_area_list, instead of vmlist
Although our intention is to unexport internal structure entirely, but there is one exception for kexec. kexec dumps address of vmlist and makedumpfile uses this information. We are about to remove vmlist, then another way to retrieve information of vmalloc layer is needed for makedumpfile. For this purpose, we export vmap_area_list, instead of vmlist. Signed-off-by: Joonsoo Kim <js1304@gmail.com> Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Eric Biederman <ebiederm@xmission.com> Cc: Dave Anderson <anderson@redhat.com> Cc: Vivek Goyal <vgoyal@redhat.com> Cc: Atsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Chris Metcalf <cmetcalf@tilera.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Ingo Molnar <mingo@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Joonsoo Kim
|
db3808c1ba |
mm, vmalloc: move get_vmalloc_info() to vmalloc.c
Now get_vmalloc_info() is in fs/proc/mmu.c. There is no reason that this code must be here and it's implementation needs vmlist_lock and it iterate a vmlist which may be internal data structure for vmalloc. It is preferable that vmlist_lock and vmlist is only used in vmalloc.c for maintainability. So move the code to vmalloc.c Signed-off-by: Joonsoo Kim <js1304@gmail.com> Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Atsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> Cc: Chris Metcalf <cmetcalf@tilera.com> Cc: Dave Anderson <anderson@redhat.com> Cc: Eric Biederman <ebiederm@xmission.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Ingo Molnar <mingo@kernel.org> Cc: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Marek Szyprowski
|
e9da6e9905 |
ARM: dma-mapping: remove custom consistent dma region
This patch changes dma-mapping subsystem to use generic vmalloc areas for all consistent dma allocations. This increases the total size limit of the consistent allocations and removes platform hacks and a lot of duplicated code. Atomic allocations are served from special pool preallocated on boot, because vmalloc areas cannot be reliably created in atomic context. Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com> Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com> Reviewed-by: Minchan Kim <minchan@kernel.org> |
||
|
Marek Szyprowski
|
5e6cafc83e |
mm: vmalloc: use const void * for caller argument
'const void *' is a safer type for caller function type. This patch updates all references to caller function type. Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com> Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com> Reviewed-by: Minchan Kim <minchan@kernel.org> |
||
|
Russell King
|
73829af71f | Merge branch 'vmalloc' of git://git.linaro.org/people/nico/linux into devel-stable | ||
|
Nicolas Pitre
|
be9b7335e7 |
mm: add vm_area_add_early()
The existing vm_area_register_early() allows for early vmalloc space allocation. However upcoming cleanups in the ARM architecture require that some fixed locations in the vmalloc area be reserved also very early. The name "vm_area_register_early" would have been a good name for the reservation part without the allocation. Since it is already in use with different semantics, let's create vm_area_add_early() instead. Both vm_area_register_early() and vm_area_add_early() can be used together meaning that the former is now implemented using the later where it is ensured that no conflicting areas are added, but no attempt is made to make the allocation scheme in vm_area_register_early() more sophisticated. After all, you must know what you're doing when using those functions. Signed-off-by: Nicolas Pitre <nicolas.pitre@linaro.org> Acked-by: Andrew Morton <akpm@linux-foundation.org> Cc: linux-mm@kvack.org |
||
|
David Vrabel
|
cd12909cb5 |
xen: map foreign pages for shared rings by updating the PTEs directly
When mapping a foreign page with xenbus_map_ring_valloc() with the GNTTABOP_map_grant_ref hypercall, set the GNTMAP_contains_pte flag and pass a pointer to the PTE (in init_mm). After the page is mapped, the usual fault mechanism can be used to update additional MMs. This allows the vmalloc_sync_all() to be removed from alloc_vm_area(). Signed-off-by: David Vrabel <david.vrabel@citrix.com> Acked-by: Andrew Morton <akpm@linux-foundation.org> [v1: Squashed fix by Michal for no-mmu case] Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Michal Simek <monstr@monstr.eu> |
||
|
Mitsuo Hayasaka
|
f5252e009d |
mm: avoid null pointer access in vm_struct via /proc/vmallocinfo
The /proc/vmallocinfo shows information about vmalloc allocations in vmlist that is a linklist of vm_struct. It, however, may access pages field of vm_struct where a page was not allocated. This results in a null pointer access and leads to a kernel panic. Why this happens: In __vmalloc_node_range() called from vmalloc(), newly allocated vm_struct is added to vmlist at __get_vm_area_node() and then, some fields of vm_struct such as nr_pages and pages are set at __vmalloc_area_node(). In other words, it is added to vmlist before it is fully initialized. At the same time, when the /proc/vmallocinfo is read, it accesses the pages field of vm_struct according to the nr_pages field at show_numa_info(). Thus, a null pointer access happens. The patch adds the newly allocated vm_struct to the vmlist *after* it is fully initialized. So, it can avoid accessing the pages field with unallocated page when show_numa_info() is called. Signed-off-by: Mitsuo Hayasaka <mitsuo.hayasaka.hu@hitachi.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: David Rientjes <rientjes@google.com> Cc: Namhyung Kim <namhyung@gmail.com> Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com> Cc: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Cc: <stable@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Graf Yang
|
b554cb426a |
NOMMU: support SMP dynamic percpu_alloc
The percpu code requires more functions to be implemented in the mm core which nommu currently does not provide. So add inline implementations since these are largely meaningless on nommu systems. Signed-off-by: Graf Yang <graf.yang@analog.com> Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Greg Ungerer <gerg@uclinux.org> |
||
|
David Rientjes
|
d0a21265df |
mm: unify module_alloc code for vmalloc
Four architectures (arm, mips, sparc, x86) use __vmalloc_area() for module_init(). Much of the code is duplicated and can be generalized in a globally accessible function, __vmalloc_node_range(). __vmalloc_node() now calls into __vmalloc_node_range() with a range of [VMALLOC_START, VMALLOC_END) for functionally equivalent behavior. Each architecture may then use __vmalloc_node_range() directly to remove the duplication of code. Signed-off-by: David Rientjes <rientjes@google.com> Cc: Christoph Lameter <cl@linux.com> Cc: Russell King <linux@arm.linux.org.uk> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: "David S. Miller" <davem@davemloft.net> Cc: Ingo Molnar <mingo@redhat.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
David Rientjes
|
ec3f64fc9c |
mm: remove gfp mask from pcpu_get_vm_areas
pcpu_get_vm_areas() only uses GFP_KERNEL allocations, so remove the gfp_t formal and use the mask internally. Signed-off-by: David Rientjes <rientjes@google.com> Cc: Christoph Lameter <cl@linux.com> Cc: Tejun Heo <tj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
David Rientjes
|
e5a5623b28 |
mm: remove unused get_vm_area_node
get_vm_area_node() is unused in the kernel and can thus be removed. Signed-off-by: David Rientjes <rientjes@google.com> Cc: Christoph Lameter <cl@linux.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Jeremy Fitzhardinge
|
64141da587 |
vmalloc: eagerly clear ptes on vunmap
On stock 2.6.37-rc4, running:
# mount lilith:/export /mnt/lilith
# find /mnt/lilith/ -type f -print0 | xargs -0 file
crashes the machine fairly quickly under Xen. Often it results in oops
messages, but the couple of times I tried just now, it just hung quietly
and made Xen print some rude messages:
(XEN) mm.c:2389:d80 Bad type (saw 7400000000000001 != exp
3000000000000000) for mfn 1d7058 (pfn 18fa7)
(XEN) mm.c:964:d80 Attempt to create linear p.t. with write perms
(XEN) mm.c:2389:d80 Bad type (saw 7400000000000010 != exp
1000000000000000) for mfn 1d2e04 (pfn 1d1fb)
(XEN) mm.c:2965:d80 Error while pinning mfn 1d2e04
Which means the domain tried to map a pagetable page RW, which would
allow it to map arbitrary memory, so Xen stopped it. This is because
vm_unmap_ram() left some pages mapped in the vmalloc area after NFS had
finished with them, and those pages got recycled as pagetable pages
while still having these RW aliases.
Removing those mappings immediately removes the Xen-visible aliases, and
so it has no problem with those pages being reused as pagetable pages.
Deferring the TLB flush doesn't upset Xen because it can flush the TLB
itself as needed to maintain its invariants.
When unmapping a region in the vmalloc space, clear the ptes
immediately. There's no point in deferring this because there's no
amortization benefit.
The TLBs are left dirty, and they are flushed lazily to amortize the
cost of the IPIs.
This specific motivation for this patch is an oops-causing regression
since 2.6.36 when using NFS under Xen, triggered by the NFS client's use
of vm_map_ram() introduced in
|
||
|
Dave Young
|
e1ca7788de |
mm: add vzalloc() and vzalloc_node() helpers
Add vzalloc() and vzalloc_node() to encapsulate the vmalloc-then-memset-zero operation. Use __GFP_ZERO to zero fill the allocated memory. Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Cc: Christoph Lameter <cl@linux-foundation.org> Acked-by: Greg Ungerer <gerg@snapgear.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Tejun Heo
|
4f8b02b4e5 |
vmalloc: pcpu_get/free_vm_areas() aren't needed on UP
These functions are used only by percpu memory allocator on SMP. Don't build them on UP. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: Nick Piggin <npiggin@kernel.dk> Reviewed-by: Chrsitoph Lameter <cl@linux.com> |
||
|
Linus Torvalds
|
26f0cf9181 |
Merge branch 'stable/xen-swiotlb-0.8.6' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen
* 'stable/xen-swiotlb-0.8.6' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
x86: Detect whether we should use Xen SWIOTLB.
pci-swiotlb-xen: Add glue code to setup dma_ops utilizing xen_swiotlb_* functions.
swiotlb-xen: SWIOTLB library for Xen PV guest with PCI passthrough.
xen/mmu: inhibit vmap aliases rather than trying to clear them out
vmap: add flag to allow lazy unmap to be disabled at runtime
xen: Add xen_create_contiguous_region
xen: Rename the balloon lock
xen: Allow unprivileged Xen domains to create iomap pages
xen: use _PAGE_IOMAP in ioremap to do machine mappings
Fix up trivial conflicts (adding both xen swiotlb and xen pci platform
driver setup close to each other) in drivers/xen/{Kconfig,Makefile} and
include/xen/xen-ops.h
|
||
|
Jeremy Fitzhardinge
|
a0d40c8025 |
vmap: add flag to allow lazy unmap to be disabled at runtime
Add a flag to force lazy_max_pages() to zero to prevent any outstanding mapped pages. We'll need this for Xen. Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Acked-by: Nick Piggin <npiggin@suse.de> |
||
|
Kenji Kaneshige
|
ffa71f33a8 |
x86, ioremap: Fix incorrect physical address handling in PAE mode
Current x86 ioremap() doesn't handle physical address higher than 32-bit properly in X86_32 PAE mode. When physical address higher than 32-bit is passed to ioremap(), higher 32-bits in physical address is cleared wrongly. Due to this bug, ioremap() can map wrong address to linear address space. In my case, 64-bit MMIO region was assigned to a PCI device (ioat device) on my system. Because of the ioremap()'s bug, wrong physical address (instead of MMIO region) was mapped to linear address space. Because of this, loading ioatdma driver caused unexpected behavior (kernel panic, kernel hangup, ...). Signed-off-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com> LKML-Reference: <4C1AE680.7090408@jp.fujitsu.com> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> |
||
|
Tejun Heo
|
ca23e405e0 |
vmalloc: implement pcpu_get_vm_areas()
To directly use spread NUMA memories for percpu units, percpu allocator will be updated to allow sparsely mapping units in a chunk. As the distances between units can be very large, this makes allocating single vmap area for each chunk undesirable. This patch implements pcpu_get_vm_areas() and pcpu_free_vm_areas() which allocates and frees sparse congruent vmap areas. pcpu_get_vm_areas() take @offsets and @sizes array which define distances and sizes of vmap areas. It scans down from the top of vmalloc area looking for the top-most address which can accomodate all the areas. The top-down scan is to avoid interacting with regular vmallocs which can push up these congruent areas up little by little ending up wasting address space and page table. To speed up top-down scan, the highest possible address hint is maintained. Although the scan is linear from the hint, given the usual large holes between memory addresses between NUMA nodes, the scanning is highly likely to finish after finding the first hole for the last unit which is scanned first. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: Nick Piggin <npiggin@suse.de> |
||
|
Ingo Molnar
|
0edcf8d692 |
Merge branch 'tj-percpu' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc into core/percpu
Conflicts: arch/x86/include/asm/pgtable.h |
||
|
Tejun Heo
|
c0c0a29379 |
vmalloc: add @align to vm_area_register_early()
Impact: allow larger alignment for early vmalloc area allocation Some early vmalloc users might want larger alignment, for example, for custom large page mapping. Add @align to vm_area_register_early(). While at it, drop docbook comment on non-existent @size. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: Nick Piggin <nickpiggin@yahoo.com.au> Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru> |
||
|
Tejun Heo
|
8fc4898500 |
vmalloc: add un/map_kernel_range_noflush()
Impact: two more public map/unmap functions Implement map_kernel_range_noflush() and unmap_kernel_range_noflush(). These functions respectively map and unmap address range in kernel VM area but doesn't do any vcache or tlb flushing. These will be used by new percpu allocator. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: Nick Piggin <nickpiggin@yahoo.com.au> |
||
|
Tejun Heo
|
f0aa661790 |
vmalloc: implement vm_area_register_early()
Impact: allow multiple early vm areas There are places where kernel VM area needs to be allocated before vmalloc is initialized. This is done by allocating static vm_struct, initializing several fields and linking it to vmlist and later vmalloc initialization picking up these from vmlist. This is currently done manually and if there's more than one such areas, there's no defined way to arbitrate who gets which address. This patch implements vm_area_register_early(), which takes vm_area struct with flags and size initialized, assigns address to it and puts it on the vmlist. This way, multiple early vm areas can determine which addresses they should use. The only current user - alpha mm init - is converted to use it. Signed-off-by: Tejun Heo <tj@kernel.org> |
||
|
Benjamin Herrenschmidt
|
c296861291 |
vmalloc: add __get_vm_area_caller()
We have get_vm_area_caller() and __get_vm_area() but not __get_vm_area_caller() On powerpc, I use __get_vm_area() to separate the ranges of addresses given to vmalloc vs. ioremap (various good reasons for that) so in order to be able to implement the new caller tracking in /proc/vmallocinfo, I need a "_caller" variant of it. (akpm: needed for ongoing powerpc development, so merge it early) [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
KOSAKI Motohiro
|
69beeb1d34 |
mm: make vread() and vwrite() declaration
Sparse output following warnings. mm/vmalloc.c:1436:6: warning: symbol 'vread' was not declared. Should it be static? mm/vmalloc.c:1474:6: warning: symbol 'vwrite' was not declared. Should it be static? However, it is used by /dev/kmem. fixed here. Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Alexey Dobriyan
|
5f6a6a9c4e |
proc: move /proc/vmallocinfo to mm/vmalloc.c
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Christoph Lameter <cl@linux-foundation.org> |
||
|
Nick Piggin
|
db64fe0225 |
mm: rewrite vmap layer
Rewrite the vmap allocator to use rbtrees and lazy tlb flushing, and
provide a fast, scalable percpu frontend for small vmaps (requires a
slightly different API, though).
The biggest problem with vmap is actually vunmap. Presently this requires
a global kernel TLB flush, which on most architectures is a broadcast IPI
to all CPUs to flush the cache. This is all done under a global lock. As
the number of CPUs increases, so will the number of vunmaps a scaled
workload will want to perform, and so will the cost of a global TLB flush.
This gives terrible quadratic scalability characteristics.
Another problem is that the entire vmap subsystem works under a single
lock. It is a rwlock, but it is actually taken for write in all the fast
paths, and the read locking would likely never be run concurrently anyway,
so it's just pointless.
This is a rewrite of vmap subsystem to solve those problems. The existing
vmalloc API is implemented on top of the rewritten subsystem.
The TLB flushing problem is solved by using lazy TLB unmapping. vmap
addresses do not have to be flushed immediately when they are vunmapped,
because the kernel will not reuse them again (would be a use-after-free)
until they are reallocated. So the addresses aren't allocated again until
a subsequent TLB flush. A single TLB flush then can flush multiple
vunmaps from each CPU.
XEN and PAT and such do not like deferred TLB flushing because they can't
always handle multiple aliasing virtual addresses to a physical address.
They now call vm_unmap_aliases() in order to flush any deferred mappings.
That call is very expensive (well, actually not a lot more expensive than
a single vunmap under the old scheme), however it should be OK if not
called too often.
The virtual memory extent information is stored in an rbtree rather than a
linked list to improve the algorithmic scalability.
There is a per-CPU allocator for small vmaps, which amortizes or avoids
global locking.
To use the per-CPU interface, the vm_map_ram / vm_unmap_ram interfaces
must be used in place of vmap and vunmap. Vmalloc does not use these
interfaces at the moment, so it will not be quite so scalable (although it
will use lazy TLB flushing).
As a quick test of performance, I ran a test that loops in the kernel,
linearly mapping then touching then unmapping 4 pages. Different numbers
of tests were run in parallel on an 4 core, 2 socket opteron. Results are
in nanoseconds per map+touch+unmap.
threads vanilla vmap rewrite
1 14700 2900
2 33600 3000
4 49500 2800
8 70631 2900
So with a 8 cores, the rewritten version is already 25x faster.
In a slightly more realistic test (although with an older and less
scalable version of the patch), I ripped the not-very-good vunmap batching
code out of XFS, and implemented the large buffer mapping with vm_map_ram
and vm_unmap_ram... along with a couple of other tricks, I was able to
speed up a large directory workload by 20x on a 64 CPU system. I believe
vmap/vunmap is actually sped up a lot more than 20x on such a system, but
I'm running into other locks now. vmap is pretty well blown off the
profiles.
Before:
1352059 total 0.1401
798784 _write_lock 8320.6667 <- vmlist_lock
529313 default_idle 1181.5022
15242 smp_call_function 15.8771 <- vmap tlb flushing
2472 __get_vm_area_node 1.9312 <- vmap
1762 remove_vm_area 4.5885 <- vunmap
316 map_vm_area 0.2297 <- vmap
312 kfree 0.1950
300 _spin_lock 3.1250
252 sn_send_IPI_phys 0.4375 <- tlb flushing
238 vmap 0.8264 <- vmap
216 find_lock_page 0.5192
196 find_next_bit 0.3603
136 sn2_send_IPI 0.2024
130 pio_phys_write_mmr 2.0312
118 unmap_kernel_range 0.1229
After:
78406 total 0.0081
40053 default_idle 89.4040
33576 ia64_spinlock_contention 349.7500
1650 _spin_lock 17.1875
319 __reg_op 0.5538
281 _atomic_dec_and_lock 1.0977
153 mutex_unlock 1.5938
123 iget_locked 0.1671
117 xfs_dir_lookup 0.1662
117 dput 0.1406
114 xfs_iget_core 0.0268
92 xfs_da_hashname 0.1917
75 d_alloc 0.0670
68 vmap_page_range 0.0462 <- vmap
58 kmem_cache_alloc 0.0604
57 memset 0.0540
52 rb_next 0.1625
50 __copy_user 0.0208
49 bitmap_find_free_region 0.2188 <- vmap
46 ia64_sn_udelay 0.1106
45 find_inode_fast 0.1406
42 memcmp 0.2188
42 finish_task_switch 0.1094
42 __d_lookup 0.0410
40 radix_tree_lookup_slot 0.1250
37 _spin_unlock_irqrestore 0.3854
36 xfs_bmapi 0.0050
36 kmem_cache_free 0.0256
35 xfs_vn_getattr 0.0322
34 radix_tree_lookup 0.1062
33 __link_path_walk 0.0035
31 xfs_da_do_buf 0.0091
30 _xfs_buf_find 0.0204
28 find_get_page 0.0875
27 xfs_iread 0.0241
27 __strncpy_from_user 0.2812
26 _xfs_buf_initialize 0.0406
24 _xfs_buf_lookup_pages 0.0179
24 vunmap_page_range 0.0250 <- vunmap
23 find_lock_page 0.0799
22 vm_map_ram 0.0087 <- vmap
20 kfree 0.0125
19 put_page 0.0330
18 __kmalloc 0.0176
17 xfs_da_node_lookup_int 0.0086
17 _read_lock 0.0885
17 page_waitqueue 0.0664
vmap has gone from being the top 5 on the profiles and flushing the crap
out of all TLBs, to using less than 1% of kernel time.
[akpm@linux-foundation.org: cleanups, section fix]
[akpm@linux-foundation.org: fix build on alpha]
Signed-off-by: Nick Piggin <npiggin@suse.de>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|