bka
2640 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Michael Bestas
|
72c5422033 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-22.1
* sm8250/lineage-20: Revert "UPSTREAM: unicode: Don't special case ignorable code points" Reapply "UPSTREAM: unicode: Don't special case ignorable code points" Revert "UPSTREAM: unicode: Don't special case ignorable code points" Linux 4.19.325 sh: intc: Fix use-after-free bug in register_intc_controller() modpost: remove incorrect code in do_eisa_entry() 9p/xen: fix release of IRQ 9p/xen: fix init sequence block: return unsigned int from bdev_io_min jffs2: fix use of uninitialized variable ubi: fastmap: Fix duplicate slab cache names while attaching ubifs: Correct the total block count by deducting journal reservation rtc: check if __rtc_read_time was successful in rtc_timer_do_work() NFSv4.0: Fix a use-after-free problem in the asynchronous open() um: Fix the return value of elf_core_copy_task_fpregs rpmsg: glink: Propagate TX failures in intentless mode as well NFSD: Prevent a potential integer overflow lib: string_helpers: silence snprintf() output truncation warning usb: dwc3: gadget: Fix checking for number of TRBs left media: wl128x: Fix atomicity violation in fmc_send_cmd() ... Change-Id: Ic24ecf60425e503059bd4c7738a05a85cb881256 |
||
|
Michael Bestas
|
c22009ad76 |
Merge tag 'ASB-2025-01-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2025-01-01 * tag 'ASB-2025-01-05_4.19-stable' of https://android.googlesource.com/kernel/common: (132 commits) Revert "UPSTREAM: unicode: Don't special case ignorable code points" Reapply "UPSTREAM: unicode: Don't special case ignorable code points" Revert "UPSTREAM: unicode: Don't special case ignorable code points" Linux 4.19.325 sh: intc: Fix use-after-free bug in register_intc_controller() modpost: remove incorrect code in do_eisa_entry() 9p/xen: fix release of IRQ 9p/xen: fix init sequence block: return unsigned int from bdev_io_min jffs2: fix use of uninitialized variable ubi: fastmap: Fix duplicate slab cache names while attaching ubifs: Correct the total block count by deducting journal reservation rtc: check if __rtc_read_time was successful in rtc_timer_do_work() NFSv4.0: Fix a use-after-free problem in the asynchronous open() um: Fix the return value of elf_core_copy_task_fpregs rpmsg: glink: Propagate TX failures in intentless mode as well NFSD: Prevent a potential integer overflow lib: string_helpers: silence snprintf() output truncation warning usb: dwc3: gadget: Fix checking for number of TRBs left media: wl128x: Fix atomicity violation in fmc_send_cmd() ... Conflicts: arch/arm64/boot/dts/vendor/bindings/clock/adi,axi-clkgen.yaml arch/arm64/boot/dts/vendor/bindings/clock/axi-clkgen.txt drivers/rpmsg/qcom_glink_native.c Change-Id: Iea6ddf20dfaa4419f6e0b2efcee1890bfa8e2554 |
||
|
Michael Bestas
|
8bd8dca04e |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-21
* sm8250/lineage-20: arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd of: restore old handling of cells_name=NULL in of_*_phandle_with_args() of: Let of_for_each_phandle fallback to non-negative cell_count msm: eva: put kref after processing deprecated message Linux 4.19.324 9p: fix slab cache name creation for real net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition fs: Fix uninitialized value issue in from_kuid and from_kgid powerpc/powernv: Free name on error in opal_event_init() sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML bpf: use kvzmalloc to allocate BPF verifier environment HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad 9p: Avoid creating multiple slab caches with the same name ALSA: usb-audio: Add endianness annotations vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer ALSA: usb-audio: Add quirks for Dell WD19 dock ALSA: usb-audio: Support jack detection on Dell dock ALSA: usb-audio: Add custom mixer status quirks for RME CC devices ALSA: pcm: Return 0 when size < start_threshold in capture ... Change-Id: I05dc0cfeb58cad15ed1ee7ff55b880daa9d936a2 |
||
|
Michael Bestas
|
4ea8fcca99 |
Merge tag 'ASB-2024-12-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-12-01 * tag 'ASB-2024-12-05_4.19-stable' of https://android.googlesource.com/kernel/common: (401 commits) Linux 4.19.324 9p: fix slab cache name creation for real net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition fs: Fix uninitialized value issue in from_kuid and from_kgid powerpc/powernv: Free name on error in opal_event_init() sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML bpf: use kvzmalloc to allocate BPF verifier environment HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad 9p: Avoid creating multiple slab caches with the same name ALSA: usb-audio: Add endianness annotations vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer ALSA: usb-audio: Add quirks for Dell WD19 dock ALSA: usb-audio: Support jack detection on Dell dock ALSA: usb-audio: Add custom mixer status quirks for RME CC devices ALSA: pcm: Return 0 when size < start_threshold in capture ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() irqchip/gic-v3: Force propagation of the active state with a read-back USB: serial: option: add Quectel RG650V USB: serial: option: add Fibocom FG132 0x0112 composition ... Conflicts: drivers/usb/dwc3/core.c drivers/usb/dwc3/core.h net/qrtr/qrtr.c Change-Id: I328847813eb875d25c4aa35dcc7ba58ad09b53ae |
||
|
Greg Kroah-Hartman
|
874391c94e |
Merge 4.19.325 into android-4.19-stable
Changes in 4.19.325
netlink: terminate outstanding dump on socket close
ocfs2: uncache inode which has failed entering the group
nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
ocfs2: fix UBSAN warning in ocfs2_verify_volume()
nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"
media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set
kbuild: Use uname for LINUX_COMPILE_HOST detection
mm: revert "mm: shmem: fix data-race in shmem_getattr()"
ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet
mac80211: fix user-power when emulating chanctx
selftests/watchdog-test: Fix system accidentally reset after watchdog-test
x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB
net: usb: qmi_wwan: add Quectel RG650V
proc/softirqs: replace seq_printf with seq_put_decimal_ull_width
nvme: fix metadata handling in nvme-passthrough
initramfs: avoid filename buffer overrun
m68k: mvme147: Fix SCSI controller IRQ numbers
m68k: mvme16x: Add and use "mvme16x.h"
m68k: mvme147: Reinstate early console
acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block()
s390/syscalls: Avoid creation of arch/arch/ directory
hfsplus: don't query the device logical block size multiple times
EDAC/fsl_ddr: Fix bad bit shift operations
crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY
crypto: cavium - Fix the if condition to exit loop after timeout
crypto: bcm - add error check in the ahash_hmac_init function
crypto: cavium - Fix an error handling path in cpt_ucode_load_fw()
time: Fix references to _msecs_to_jiffies() handling of values
soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
mmc: mmc_spi: drop buggy snprintf()
ARM: dts: cubieboard4: Fix DCDC5 regulator constraints
regmap: irq: Set lockdep class for hierarchical IRQ domains
firmware: arm_scpi: Check the DVFS OPP count returned by the firmware
drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
drm/omap: Fix locking in omap_gem_new_dmabuf()
bpf: Fix the xdp_adjust_tail sample prog issue
wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()
drm/etnaviv: consolidate hardware fence handling in etnaviv_gpu
drm/etnaviv: dump: fix sparse warnings
drm/etnaviv: fix power register offset on GC300
drm/etnaviv: hold GPU lock across perfmon sampling
net: rfkill: gpio: Add check for clk_enable()
ALSA: us122l: Use snd_card_free_when_closed() at disconnection
ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
ALSA: 6fire: Release resources at card release
netpoll: Use rcu_access_pointer() in netpoll_poll_lock
trace/trace_event_perf: remove duplicate samples on the first tracepoint event
powerpc/vdso: Flag VDSO64 entry points as functions
mfd: da9052-spi: Change read-mask to write-mask
cpufreq: loongson2: Unregister platform_driver on failure
mtd: rawnand: atmel: Fix possible memory leak
RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey
mfd: rt5033: Fix missing regmap_del_irq_chip()
scsi: bfa: Fix use-after-free in bfad_im_module_exit()
scsi: fusion: Remove unused variable 'rc'
scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
ocfs2: fix uninitialized value in ocfs2_file_read_iter()
powerpc/sstep: make emulate_vsx_load and emulate_vsx_store static
fbdev/sh7760fb: Alloc DMA memory from hardware device
fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
dt-bindings: clock: adi,axi-clkgen: convert old binding to yaml format
dt-bindings: clock: axi-clkgen: include AXI clk
clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand
clk: clk-axi-clkgen: make sure to enable the AXI bus clock
perf probe: Correct demangled symbols in C++ program
PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads
PCI: cpqphp: Fix PCIBIOS_* return value confusion
m68k: mcfgpio: Fix incorrect register offset for CONFIG_M5441x
m68k: coldfire/device.c: only build FEC when HW macros are defined
rpmsg: glink: Add TX_DATA_CONT command while sending
rpmsg: glink: Send READ_NOTIFY command in FIFO full case
rpmsg: glink: Fix GLINK command prefix
rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length
NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir()
vfio/pci: Properly hide first-in-list PCIe extended capability
power: supply: core: Remove might_sleep() from power_supply_put()
net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device
tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets
net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration
marvell: pxa168_eth: fix call balance of pep->clk handling routines
net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken
usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read()
USB: chaoskey: fail open after removal
USB: chaoskey: Fix possible deadlock chaoskey_list_lock
misc: apds990x: Fix missing pm_runtime_disable()
apparmor: fix 'Do simple duplicate message elimination'
usb: ehci-spear: fix call balance of sehci clk handling routines
ext4: supress data-race warnings in ext4_free_inodes_{count,set}()
ext4: fix FS_IOC_GETFSMAP handling
jfs: xattr: check invalid xattr size more strictly
ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata()
PCI: Fix use-after-free of slot->bus on hot remove
tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler
Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}()
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
Revert "usb: gadget: composite: fix OS descriptors w_value logic"
serial: sh-sci: Clean sci_ports[0] after at earlycon exit
Revert "serial: sh-sci: Clean sci_ports[0] after at earlycon exit"
netfilter: ipset: add missing range check in bitmap_ip_uadt
spi: Fix acpi deferred irq probe
ubi: wl: Put source PEB into correct list if trying locking LEB failed
um: ubd: Do not use drvdata in release
um: net: Do not use drvdata in release
serial: 8250: omap: Move pm_runtime_get_sync
um: vector: Do not use drvdata in release
sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled
block: fix ordering between checking BLK_MQ_S_STOPPED request adding
HID: wacom: Interpret tilt data from Intuos Pro BT as signed values
media: wl128x: Fix atomicity violation in fmc_send_cmd()
usb: dwc3: gadget: Fix checking for number of TRBs left
lib: string_helpers: silence snprintf() output truncation warning
NFSD: Prevent a potential integer overflow
rpmsg: glink: Propagate TX failures in intentless mode as well
um: Fix the return value of elf_core_copy_task_fpregs
NFSv4.0: Fix a use-after-free problem in the asynchronous open()
rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
ubifs: Correct the total block count by deducting journal reservation
ubi: fastmap: Fix duplicate slab cache names while attaching
jffs2: fix use of uninitialized variable
block: return unsigned int from bdev_io_min
9p/xen: fix init sequence
9p/xen: fix release of IRQ
modpost: remove incorrect code in do_eisa_entry()
sh: intc: Fix use-after-free bug in register_intc_controller()
Linux 4.19.325
Change-Id: I50250c8bd11f9ff4b40da75225c1cfb060e0c258
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Yi Yang
|
dd8bf8eb5b |
crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY
[ Upstream commit 662f2f13e66d3883b9238b0b96b17886179e60e2 ]
Since commit 8f4f68e788c3 ("crypto: pcrypt - Fix hungtask for
PADATA_RESET"), the pcrypt encryption and decryption operations return
-EAGAIN when the CPU goes online or offline. In alg_test(), a WARN is
generated when pcrypt_aead_decrypt() or pcrypt_aead_encrypt() returns
-EAGAIN, the unnecessary panic will occur when panic_on_warn set 1.
Fix this issue by calling crypto layer directly without parallelization
in that case.
Fixes: 8f4f68e788c3 ("crypto: pcrypt - Fix hungtask for PADATA_RESET")
Signed-off-by: Yi Yang <yiyang13@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
2d76dea417 |
Merge 4.19.323 into android-4.19-stable
Changes in 4.19.323 staging: iio: frequency: ad9833: Get frequency value statically staging: iio: frequency: ad9833: Load clock using clock framework staging: iio: frequency: ad9834: Validate frequency parameter value usbnet: ipheth: fix carrier detection in modes 1 and 4 net: ethernet: use ip_hdrlen() instead of bit shift net: phy: vitesse: repair vsc73xx autonegotiation scripts: kconfig: merge_config: config files: add a trailing newline arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma net/mlx5: Update the list of the PCI supported devices net: ftgmac100: Enable TX interrupt to avoid TX timeout net: dpaa: Pad packets to ETH_ZLEN soundwire: stream: Revert "soundwire: stream: fix programming slave ports for non-continous port maps" selftests/vm: remove call to ksft_set_plan() selftests/kcmp: remove call to ksft_set_plan() ASoC: allow module autoloading for table db1200_pids pinctrl: at91: make it work with current gpiolib microblaze: don't treat zero reserved memory regions as error net: ftgmac100: Ensure tx descriptor updates are visible wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead ASoC: tda7419: fix module autoloading spi: bcm63xx: Enable module autoloading x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency ocfs2: add bounds checking to ocfs2_xattr_find_entry() ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() gpio: prevent potential speculation leaks in gpio_device_get_desc() USB: serial: pl2303: add device id for Macrosilicon MS3020 ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() wifi: ath9k: fix parameter check in ath9k_init_debug() wifi: ath9k: Remove error checks when creating debugfs entries netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). Bluetooth: btusb: Fix not handling ZPL/short-transfer block, bfq: fix possible UAF for bfqq->bic with merge chain block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() block, bfq: don't break merge chain in bfq_split_bfqq() spi: ppc4xx: handle irq_of_parse_and_map() errors spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ ARM: versatile: fix OF node leak in CPUs prepare reset: berlin: fix OF node leak in probe() error path clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() hwmon: (max16065) Fix overflows seen when writing limits mtd: slram: insert break after errors in parsing the map hwmon: (ntc_thermistor) fix module autoloading power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() drm/stm: Fix an error handling path in stm_drm_platform_probe() drm/amd: fix typo drm/amdgpu: Replace one-element array with flexible-array member drm/amdgpu: properly handle vbios fake edid sizing drm/radeon: Replace one-element array with flexible-array member drm/radeon: properly handle vbios fake edid sizing drm/rockchip: vop: Allow 4096px width scaling drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets jfs: fix out-of-bounds in dbNextAG() and diAlloc() drm/msm/a5xx: properly clear preemption records on resume drm/msm/a5xx: fix races in preemption evaluation stage ipmi: docs: don't advertise deprecated sysfs entries drm/msm: fix %s null argument error xen: use correct end address of kernel for conflict checking xen/swiotlb: simplify range_straddles_page_boundary() xen/swiotlb: add alignment check for dma buffers selftests/bpf: Fix error compiling test_lru_map.c xz: cleanup CRC32 edits from 2018 kthread: add kthread_work tracepoints kthread: fix task state in kthread worker if being frozen jbd2: introduce/export functions jbd2_journal_submit|finish_inode_data_buffers() ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso ext4: avoid negative min_clusters in find_group_orlov() ext4: return error on ext4_find_inline_entry ext4: avoid OOB when system.data xattr changes underneath the filesystem nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() nilfs2: determine empty node blocks as corrupted nilfs2: fix potential oob read in nilfs_btree_check_delete() perf sched timehist: Fix missing free of session in perf_sched__timehist() perf sched timehist: Fixed timestamp error when unable to confirm event sched_in time perf time-utils: Fix 32-bit nsec parsing clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228 drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error PCI: xilinx-nwl: Fix register misspelling RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency pinctrl: single: fix missing error code in pcs_probe() clk: ti: dra7-atl: Fix leak of of_nodes pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function RDMA/cxgb4: Added NULL check for lookup_atid ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() nfsd: call cache_put if xdr_reserve_space returns NULL f2fs: enhance to update i_mode and acl atomically in f2fs_setattr() f2fs: fix typo f2fs: fix to update i_ctime in __f2fs_setxattr() f2fs: remove unneeded check condition in __f2fs_setxattr() f2fs: reduce expensive checkpoint trigger frequency coresight: tmc: sg: Do not leak sg_table netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition tcp: introduce tcp_skb_timestamp_us() helper tcp: check skb is non-NULL in tcp_rto_delta_us() net: qrtr: Update packets cloning when broadcasting netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS crypto: aead,cipher - zeroize key buffer after use Remove *.orig pattern from .gitignore soc: versatile: integrator: fix OF node leak in probe() error path USB: appledisplay: close race between probe and completion handler USB: misc: cypress_cy7c63: check for short transfer firmware_loader: Block path traversal tty: rp2: Fix reset with non forgiving PCIe host bridges drbd: Fix atomicity violation in drbd_uuid_set_bm() drbd: Add NULL check for net_conf to prevent dereference in state validation ACPI: sysfs: validate return type of _STR method f2fs: prevent possible int overflow in dir_block_index() f2fs: avoid potential int overflow in sanity_check_area_boundary() vfs: fix race between evice_inodes() and find_inode()&iput() fs: Fix file_set_fowner LSM hook inconsistencies nfs: fix memory leak in error path of nfs4_do_reclaim PCI: xilinx-nwl: Use irq_data_get_irq_chip_data() PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler soc: versatile: realview: fix memory leak during device remove soc: versatile: realview: fix soc_dev leak during device remove usb: yurex: Replace snprintf() with the safer scnprintf() variant USB: misc: yurex: fix race between read and write pps: remove usage of the deprecated ida_simple_xx() API pps: add an error check in parport_attach i2c: aspeed: Update the stop sw state when the bus recovery occurs i2c: isch: Add missed 'else' usb: yurex: Fix inconsistent locking bug in yurex_read() mailbox: rockchip: fix a typo in module autoloading mailbox: bcm2835: Fix timeout during suspend mode ceph: remove the incorrect Fw reference check when dirtying pages netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED netfilter: nf_tables: prevent nf_skb_duplicated corruption r8152: Factor out OOB link list waits net: ethernet: lantiq_etop: fix memory disclosure net: avoid potential underflow in qdisc_pkt_len_init() with UFO net: add more sanity checks to qdisc_pkt_len_init() ipv4: ip_gre: Fix drops of small packets in ipgre_xmit sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin f2fs: Require FMODE_WRITE for atomic write ioctls wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit net: hisilicon: hip04: fix OF node leak in probe() net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info() net: hisilicon: hns_mdio: fix OF node leak in probe() ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails ACPICA: Fix memory leak if acpi_ps_get_next_field() fails ACPI: EC: Do not release locks during operation region accesses ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() tipc: guard against string buffer overrun net: mvpp2: Increase size of queue_name buffer ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR). ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process ACPICA: iasl: handle empty connection_node wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() signal: Replace BUG_ON()s ALSA: asihpi: Fix potential OOB array access ALSA: hdsp: Break infinite MIDI input flush loop fbdev: pxafb: Fix possible use after free in pxafb_task() power: reset: brcmstb: Do not go into infinite loop if reset fails ata: sata_sil: Rename sil_blacklist to sil_quirks jfs: UBSAN: shift-out-of-bounds in dbFindBits jfs: Fix uaf in dbFreeBits jfs: check if leafidx greater than num leaves per dmap tree jfs: Fix uninit-value access of new_ea in ea_buffer drm/amd/display: Check stream before comparing them drm/amd/display: Fix index out of bounds in degamma hardware format translation drm/printer: Allow NULL data in devcoredump printer scsi: aacraid: Rearrange order of struct aac_srb_unit drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() of/irq: Refer to actual buffer size in of_irq_parse_one() ext4: ext4_search_dir should return a proper error ext4: fix i_data_sem unlock order in ext4_ind_migrate() spi: s3c64xx: fix timeout counters in flush_fifo selftests: breakpoints: use remaining time to check if suspend succeed selftests: vDSO: fix vDSO symbols lookup for powerpc64 i2c: xiic: Wait for TX empty to avoid missed TX NAKs spi: bcm63xx: Fix module autoloading perf/core: Fix small negative period being ignored parisc: Fix itlb miss handler for 64-bit programs ALSA: core: add isascii() check to card ID generator ext4: no need to continue when the number of entries is 1 ext4: propagate errors from ext4_find_extent() in ext4_insert_range() ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() ext4: aovid use-after-free in ext4_ext_insert_extent() ext4: fix double brelse() the buffer of the extents path ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() parisc: Fix 64-bit userspace syscall path of/irq: Support #msi-cells=<0> in of_msi_get_domain jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error ocfs2: fix the la space leak when unmounting an ocfs2 volume ocfs2: fix uninit-value in ocfs2_get_block() ocfs2: reserve space for inline xattr before attaching reflink tree ocfs2: cancel dqi_sync_work before freeing oinfo ocfs2: remove unreasonable unlock in ocfs2_read_blocks ocfs2: fix null-ptr-deref when journal load failed. ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate riscv: define ILLEGAL_POINTER_VALUE for 64bit aoe: fix the potential use-after-free problem in more places clk: rockchip: fix error for unknown clocks media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags media: venus: fix use after free bug in venus_remove due to race condition iio: magnetometer: ak8975: Fix reading for ak099xx sensors tomoyo: fallback to realpath if symlink's pathname does not exist Input: adp5589-keys - fix adp5589_gpio_get_value() btrfs: wait for fixup workers before stopping cleaner kthread during umount gpio: davinci: fix lazy disable ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path ext4: fix slab-use-after-free in ext4_split_extent_at() ext4: update orig_path in ext4_find_extent() arm64: Add Cortex-715 CPU part definition arm64: cputype: Add Neoverse-N3 definitions arm64: errata: Expand speculative SSBS workaround once more uprobes: fix kernel info leak via "[uprobes]" vma nfsd: use ktime_get_seconds() for timestamps nfsd: fix delegation_blocked() to block correctly for at least 30 seconds rtc: at91sam9: drop platform_data support rtc: at91sam9: fix OF node leak in probe() error path ACPI: battery: Simplify battery hook locking ACPI: battery: Fix possible crash when unregistering a battery hook ext4: fix inode tree inconsistency caused by ENOMEM net: ethernet: cortina: Drop TSO support tracing: Remove precision vsnprintf() check from print event drm: Move drm_mode_setcrtc() local re-init to failure path drm/crtc: fix uninitialized variable use even harder virtio_console: fix misc probe bugs Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal bpf: Check percpu map value size first s390/facility: Disable compile time optimization for decompressor code s390/mm: Add cond_resched() to cmm_alloc/free_pages() ext4: nested locking for xattr inode s390/cpum_sf: Remove WARN_ON_ONCE statements ktest.pl: Avoid false positives with grub2 skip regex clk: bcm: bcm53573: fix OF node leak in init i2c: i801: Use a different adapter-name for IDF adapters PCI: Mark Creative Labs EMU20k2 INTx masking as broken media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() usb: chipidea: udc: enable suspend interrupt after usb reset tools/iio: Add memory allocation failure check for trigger_name driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute fbdev: sisfb: Fix strbuf array overflow NFS: Remove print_overflow_msg() SUNRPC: Fix integer overflow in decode_rc_list() tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe netfilter: br_netfilter: fix panic with metadata_dst skb Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change gpio: aspeed: Add the flush write to ensure the write complete. clk: Add (devm_)clk_get_optional() functions clk: generalize devm_clk_get() a bit clk: Provide new devm_clk helpers for prepared and enabled clocks gpio: aspeed: Use devm_clk api to manage clock source igb: Do not bring the device up after non-fatal error net: ibm: emac: mal: fix wrong goto ppp: fix ppp_async_encode() illegal access net: ipv6: ensure we call ipv6_mc_down() at most once CDC-NCM: avoid overflow in sanity checking HID: plantronics: Workaround for an unexcepted opposite volume key Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant" usb: xhci: Fix problem with xhci resume from suspend usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip net: Fix an unsafe loop on the list posix-clock: Fix missing timespec64 check in pc_clock_settime() arm64: probes: Remove broken LDR (literal) uprobe support arm64: probes: Fix simulate_ldr*_literal() PCI: Add function 0 DMA alias quirk for Glenfly Arise chip fat: fix uninitialized variable KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() net: dsa: mv88e6xxx: Fix out-of-bound access s390/sclp_vt220: Convert newlines to CRLF instead of LFCR KVM: s390: Change virtual to physical address access in diag 0x258 handler x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET drm/vmwgfx: Handle surface check failure correctly iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() iio: light: opt3001: add missing full-scale range value Bluetooth: Remove debugfs directory on module init failure Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 xhci: Fix incorrect stream context type macro USB: serial: option: add support for Quectel EG916Q-GL USB: serial: option: add Telit FN920C04 MBIM compositions parport: Proper fix for array out-of-bounds access x86/apic: Always explicitly disarm TSC-deadline timer nilfs2: propagate directory read errors from nilfs_find_entry() clk: Fix pointer casting to prevent oops in devm_clk_release() clk: Fix slab-out-of-bounds error in devm_clk_release() RDMA/bnxt_re: Fix incorrect AVID type in WQE structure RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP RDMA/bnxt_re: Return more meaningful error drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation macsec: don't increment counters for an unrelated SA net: ethernet: aeroflex: fix potential memory leak in greth_start_xmit_gbit() net: systemport: fix potential memory leak in bcm_sysport_xmit() usb: typec: altmode should keep reference to parent Bluetooth: bnep: fix wild-memory-access in proto_unregister arm64:uprobe fix the uprobe SWBP_INSN in big-endian arm64: probes: Fix uprobes for big-endian kernels KVM: s390: gaccess: Refactor gpa and length calculation KVM: s390: gaccess: Refactor access address range check KVM: s390: gaccess: Cleanup access to guest pages KVM: s390: gaccess: Check if guest address is in memslot udf: fix uninit-value use in udf_get_fileshortad jfs: Fix sanity check in dbMount net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() be2net: fix potential memory leak in be_xmit() net: usb: usbnet: fix name regression posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() ALSA: hda/realtek: Update default depop procedure drm/amd: Guard against bad data for ATIF ACPI method ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue nilfs2: fix kernel bug due to missing clearing of buffer delay flag hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event selinux: improve error checking in sel_write_load() arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse warning xfrm: validate new SA's prefixlen using SA family when sel.family is unset usb: dwc3: remove generic PHY calibrate() calls usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc usb: dwc3: core: Stop processing of pending events if controller is halted cgroup: Fix potential overflow issue when checking max_depth wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys gtp: simplify error handling code in 'gtp_encap_enable()' gtp: allow -1 to be specified as file description from userspace net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT bpf: Fix out-of-bounds write in trie_get_next_key() net: support ip generic csum processing in skb_csum_hwoffload_help net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension netfilter: nft_payload: sanitize offset and length before calling skb_checksum() firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() net: amd: mvme147: Fix probe banner message misc: sgi-gru: Don't disable preemption in GRU driver usbip: tools: Fix detach_port() invalid port error path usb: phy: Fix API devm_usb_put_phy() can not release the phy xhci: Fix Link TRB DMA in command ring stopped completion event Revert "driver core: Fix uevent_show() vs driver detach race" wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower wifi: ath10k: Fix memory leak in management tx wifi: iwlegacy: Clear stale interrupts before resuming device nilfs2: fix potential deadlock with newly created symlinks ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow nilfs2: fix kernel bug due to missing clearing of checked flag mm: shmem: fix data-race in shmem_getattr() vt: prevent kernel-infoleak in con_font_get() Linux 4.19.323 Change-Id: I2348f834187153067ab46b3b48b8fe7da9cee1f1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Hailey Mothershead
|
89b9b6fa44 |
crypto: aead,cipher - zeroize key buffer after use
commit 23e4099bdc3c8381992f9eb975c79196d6755210 upstream. I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using kfree_sensitive for buffers that previously held the private key. Signed-off-by: Hailey Mothershead <hailmo@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Michael Bestas
|
a5b896d56b |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-21
* sm8250/lineage-20: msm/sde: prevent double register of input handler scsi: ufs: Use WQ_HIGHPRI for gating work. scsi: ufs: disable clock scaling scsi: ufs: atomic update for clkgating_enable scsi: ufs: call single_release to avoid memory leak scsi: ufs: Disable interrupt in reset path cpuidle: Do not select menu and ladder governors msm: ipa3: Changes to fix memory leak issue msm: ipa: avoid OOM Killer for temp allocations msm: ipa: use lower order pages UPSTREAM: HID: playstation: support updated DualSense rumble mode. UPSTREAM: HID: playstation: add initial DualSense Edge controller support UPSTREAM: HID: playstation: add DualSense player LED support. UPSTREAM: HID: playstation: add microphone mute support for DualSense. UPSTREAM: HID: playstation: add initial DualSense lightbar support. UPSTREAM: HID: playstation: fix array size comparison (off-by-one) UPSTREAM: HID: playstation: fix unused variable in ps_battery_get_property. BACKPORT: HID: playstation: report DualSense hardware and firmware version. BACKPORT: HID: playstation: add DualSense classic rumble support. UPSTREAM: HID: playstation: add DualSense Bluetooth support. ... Conflicts: drivers/platform/msm/ipa/ipa_v3/ipa_debugfs.c drivers/platform/msm/ipa/ipa_v3/ipa_dp.c techpack/display/msm/sde/sde_encoder.c Change-Id: Ib30991f8aac0aefced4ec05f4792482c2439cf83 |
||
|
Michael Bestas
|
18144fafc4 |
Merge tag 'ASB-2024-06-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-06-01 CVE-2024-26926 * tag 'ASB-2024-06-05_4.19-stable' of https://android.googlesource.com/kernel/common: BACKPORT: net: fix __dst_negative_advice() race Linux 4.19.315 docs: kernel_include.py: Cope with docutils 0.21 serial: kgdboc: Fix NMI-safety problems from keyboard reset code tracing: Remove unnecessary var_ref destroy in track_data_destroy() tracing: Generalize hist trigger onmax and save action tracing: Split up onmatch action data tracing: Refactor hist trigger action code tracing: Have the historgram use the result of str_has_prefix() for len of prefix tracing: Use str_has_prefix() instead of using fixed sizes tracing: Use str_has_prefix() helper for histogram code string.h: Add str_has_prefix() helper function tracing: Consolidate trace_add/remove_event_call back to the nolock functions tracing: Remove unneeded synth_event_mutex tracing: Use dyn_event framework for synthetic events tracing: Add unified dynamic event framework tracing: Simplify creation and deletion of synthetic events btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() dm: limit the number of targets and parameter size area Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems" Linux 4.19.314 af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). net: fix out-of-bounds access in ops_init drm/vmwgfx: Fix invalid reads in fence signaled events dyndbg: fix old BUG_ON in >control parser tipc: fix UAF in error path usb: gadget: f_fs: Fix a race condition when processing setup packets. usb: gadget: composite: fix OS descriptors w_value logic firewire: nosy: ensure user_length is taken into account when fetching packet contents af_unix: Fix garbage collector racing against connect() af_unix: Do not use atomic ops for unix_sk(sk)->inflight. ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() net: bridge: fix corrupted ethernet header on multicast-to-unicast phonet: fix rtm_phonet_notify() skb allocation rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets tcp: remove redundant check on tskb net:usb:qmi_wwan: support Rolling modules fs/9p: drop inodes immediately on non-.L too gpio: crystalcove: Use -ENOTSUPP consistently gpio: wcove: Use -ENOTSUPP consistently 9p: explicitly deny setlease attempts fs/9p: translate O_TRUNC into OTRUNC fs/9p: only translate RWX permissions for plain 9P2000 selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior scsi: target: Fix SELinux error when systemd-modules loads the target module btrfs: always clear PERTRANS metadata during commit btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve tools/power turbostat: Fix Bzy_MHz documentation typo tools/power turbostat: Fix added raw MSR output firewire: ohci: mask bus reset interrupts between ISR and bottom half ata: sata_gemini: Check clk_enable() result net: bcmgenet: Reset RBUF on first open ALSA: line6: Zero-initialize message buffers scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload net: mark racy access on sk->sk_rcvbuf wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc gfs2: Fix invalid metadata access in punch_hole scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic tipc: fix a possible memleak in tipc_buf_append net: bridge: fix multicast-to-unicast with fraglist GSO net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341 net: dsa: mv88e6xxx: Add number of MACs in the ATU net l2tp: drop flow hash on forward nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). bna: ensure the copied buf is NUL terminated s390/mm: Fix clearing storage keys for huge pages s390/mm: Fix storage key clearing for guest huge pages pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() power: rt9455: hide unused rt9455_boost_voltage_values pinctrl: core: delete incorrect free in pinctrl_enable() ethernet: Add helper for assigning packet type when dest address does not match device address ethernet: add a helper for assigning port addresses net: slightly optimize eth_type_trans drm/amdgpu: Fix leak when GPU memory allocation fails drm/amdkfd: change system memory overcommit limit wifi: nl80211: don't free NULL coalescing rule dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state" dmaengine: pl330: issue_pending waits until WFP state Linux 4.19.313 serial: core: fix kernel-doc for uart_port_unlock_irqrestore() udp: preserve the connected status if only UDP cmsg Revert "y2038: rusage: use __kernel_old_timeval" Revert "loop: Remove sector_t truncation checks" HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up i2c: smbus: fix NULL function pointer dereference idma64: Don't try to serve interrupts when device is powered off dmaengine: owl: fix register access functions tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() tcp: Clean up kernel listener's reqsk in inet_twsk_purge() mtd: diskonchip: work around ubsan link failure stackdepot: respect __GFP_NOLOCKDEP allocation flag net: b44: set pause params only when interface is up irqchip/gic-v3-its: Prevent double free on error arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together tracing: Show size of requested perf buffer Revert "crypto: api - Disallow identical driver names" drm/amdgpu: validate the parameters of bo mapping operations more clearly amdgpu: validate offset_in_bo of drm_amdgpu_gem_va drm/amdgpu: restrict bo mapping within gpu address limits serial: mxs-auart: add spinlock around changing cts state serial: core: Provide port lock wrappers i40e: Do not use WQ_MEM_RECLAIM flag for workqueue net: openvswitch: Fix Use-After-Free in ovs_ct_exit net: openvswitch: ovs_ct_exit to be done under ovs_lock ipvs: Fix checksumming on GSO of SCTP packets net: gtp: Fix Use-After-Free in gtp_dellink net: usb: ax88179_178a: stop lying about skb->truesize NFC: trf7970a: disable all regulators on removal mlxsw: core: Unregister EMAD trap using FORWARD action vxlan: drop packets from invalid src-address ARC: [plat-hsdk]: Remove misplaced interrupt-cells property arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block arm64: dts: mediatek: mt7622: fix ethernet controller "compatible" arm64: dts: mediatek: mt7622: fix IR nodename arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma arm64: dts: rockchip: fix alphabetical ordering RK3399 puma tracing: Use var_refs[] for hist trigger reference checking tracing: Remove hist trigger synth_var_refs nilfs2: fix OOB in nilfs_set_de_type nouveau: fix instmem race condition around ptr stores fs: sysfs: Fix reference leak in sysfs_break_active_protection() speakup: Avoid crash on very long word usb: dwc2: host: Fix dereference issue in DDMA completion flow. Revert "usb: cdc-wdm: close race between read and workqueue" USB: serial: option: add Telit FN920C04 rmnet compositions USB: serial: option: add Rolling RW101-GL and RW135-GL support USB: serial: option: support Quectel EM060K sub-models USB: serial: option: add Lonsung U8300/U9300 product USB: serial: option: add support for Fibocom FM650/FG650 USB: serial: option: add Fibocom FM135-GL variants serial/pmac_zilog: Remove flawed mitigation for rx irq flood comedi: vmk80xx: fix incomplete endpoint checking drm: nv04: Fix out of bounds access RDMA/mlx5: Fix port number for counter query in multi-port configuration tun: limit printing rate when illegal packet received by tun dev netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() netfilter: nf_tables: __nft_expr_type_get() selects specific family type Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" kprobes: Fix possible use-after-free issue on kprobe registration selftests/ftrace: Limit length in subsystem-enable tests btrfs: record delayed inode root in transaction x86/apic: Force native_apic_mem_read() to use the MOV instruction selftests: timers: Fix abs() warning in posix_timers test vhost: Add smp_rmb() in vhost_vq_avail_empty() tracing: hide unused ftrace_event_id_fops net/mlx5: Properly link new fs rules into the tree ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr ipv4/route: avoid unused-but-set-variable warning ipv6: fib: hide unused 'pn' variable geneve: fix header validation in geneve[6]_xmit_skb nouveau: fix function cast warning Bluetooth: Fix memory leak in hci_req_sync_complete() batman-adv: Avoid infinite loop trying to resize local TT Conflicts: drivers/net/usb/ax88179_178a.c Change-Id: I73f07cafe3403d98dad2e4a8b34f89cfbd49818c |
||
|
Michael Bestas
|
7b75470252 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-21
* sm8250/lineage-20:
alarmtimer: Make alarmtimer platform device child of RTC device
Revert "timers: Rename del_timer_sync() to timer_delete_sync()"
Revert "geneve: make sure to pull inner header in geneve_rx()"
Linux 4.19.312
amdkfd: use calloc instead of kzalloc to avoid integer overflow
initramfs: fix populate_initrd_image() section mismatch
ip_gre: do not report erspan version on GRE interface
erspan: Check IFLA_GRE_ERSPAN_VER is set.
VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
Bluetooth: btintel: Fixe build regression
x86/mm/pat: fix VM_PAT handling in COW mappings
virtio: reenable config if freezing device failed
drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put()
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
fbmon: prevent division by zero in fb_videomode_from_videomode()
fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
tools: iio: replace seekdir() in iio_generic_buffer
ktest: force $buildonly = 1 for 'make_warnings_file' test type
Input: allocate keycode for Display refresh rate toggle
block: prevent division by zero in blk_rq_stat_sum()
SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int
drm/amd/display: Fix nanosec stat overflow
media: sta2x11: fix irq handler cast
isofs: handle CDs with bad root inode but good Joliet root directory
scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
sysv: don't call sb_bread() with pointers_lock held
Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
Bluetooth: btintel: Fix null ptr deref in btintel_read_version
btrfs: send: handle path ref underflow in header iterate_inode_ref()
btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
arm64: dts: rockchip: fix rk3399 hdmi ports node
VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
wifi: ath9k: fix LNA selection in ath_ant_try_scan()
ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone
ata: sata_mv: Fix PCI device ID table declaration compilation warning
ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
erspan: make sure erspan_base_hdr is present in skb->head
erspan: Add type I version 0 support.
init: open /initrd.image with O_LARGEFILE
initramfs: switch initramfs unpacking to struct file based APIs
fs: add a vfs_fchmod helper
fs: add a vfs_fchown helper
initramfs: factor out a helper to populate the initrd image
staging: vc04_services: fix information leak in create_component()
staging: vc04_services: changen strncpy() to strscpy_pad()
staging: mmal-vchiq: Fix client_component for 64 bit kernel
staging: mmal-vchiq: Allocate and free components as required
staging: mmal-vchiq: Avoid use of bool in structures
i40e: fix vf may be used uninitialized in this function warning
ipv6: Fix infinite recursion in fib6_dump_done().
selftests: reuseaddr_conflict: add missing new line at the end of the output
net: stmmac: fix rx queue priority assignment
net/sched: act_skbmod: prevent kernel-infoleak
netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations
Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped."
net/rds: fix possible cp null dereference
netfilter: nf_tables: disallow timeout for anonymous sets
Bluetooth: Fix TOCTOU in HCI debugfs implementation
Bluetooth: hci_event: set the conn encrypted before conn establishes
r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
tcp: properly terminate timers for kernel sockets
mptcp: add sk_stop_timer_sync helper
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
USB: core: Fix deadlock in usb_deauthorize_interface()
scsi: lpfc: Correct size for wqe for memset()
x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled
scsi: qla2xxx: Fix command flush on cable pull
usb: udc: remove warning when queue disabled ep
usb: dwc2: gadget: LPM flow fix
usb: dwc2: host: Fix ISOC flow in DDMA mode
usb: dwc2: host: Fix hibernation flow
usb: dwc2: host: Fix remote wakeup from hibernation
loop: loop_set_status_from_info() check before assignment
loop: Check for overflow while configuring loop
loop: Factor out configuring loop from status
powerpc: xor_vmx: Add '-mhard-float' to CFLAGS
efivarfs: Request at most 512 bytes for variable names
perf/core: Fix reentry problem in perf_output_read_group()
loop: properly observe rotational flag of underlying device
loop: Refactor loop_set_status() size calculation
loop: Factor out setting loop device size
loop: Remove sector_t truncation checks
loop: Call loop_config_discard() only after new config is applied
Revert "loop: Check for overflow while configuring loop"
btrfs: allocate btrfs_ioctl_defrag_range_args on stack
printk: Update @console_may_schedule in console_trylock_spinning()
fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
usb: cdc-wdm: close race between read and workqueue
exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
mm/migrate: set swap entry values of THP tail pages properly.
mm/memory-failure: fix an incorrect use of tail pages
vt: fix memory overlapping when deleting chars in the buffer
vt: fix unicode buffer corruption when deleting characters
tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
usb: port: Don't try to peer unused USB ports based on location
usb: gadget: ncm: Fix handling of zero block length packets
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform
xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
netfilter: nf_tables: reject constant set with timeout
netfilter: nf_tables: disallow anonymous set with timeout flag
comedi: comedi_test: Prevent timers rescheduling during deletion
ahci: asm1064: asm1166: don't limit reported ports
ahci: asm1064: correct count of reported ports
x86/CPU/AMD: Update the Zenbleed microcode revisions
nilfs2: prevent kernel bug at submit_bh_wbc()
nilfs2: use a more common logging style
nilfs2: fix failure to detect DAT corruption in btree and direct mappings
memtest: use {READ,WRITE}_ONCE in memory scanning
drm/vc4: hdmi: do not return negative values from .get_modes()
drm/imx/ipuv3: do not return negative values from .get_modes()
s390/zcrypt: fix reference counting on zcrypt card objects
soc: fsl: qbman: Use raw spinlock for cgr_lock
soc: fsl: qbman: Add CGR update function
soc: fsl: qbman: Add helper for sanity checking cgr ops
soc: fsl: qbman: Always disable interrupts when taking cgr_lock
vfio/platform: Disable virqfds on cleanup
kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
speakup: Fix 8bit characters from direct synth
slimbus: core: Remove usage of the deprecated ida_simple_xx() API
ext4: fix corruption during on-line resize
hwmon: (amc6821) add of_match table
mmc: core: Fix switch on gp3 partition
dm-raid: fix lockdep waring in "pers->hot_add_disk"
Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
PCI/PM: Drain runtime-idle callbacks before driver removal
PCI: Drop pci_device_remove() test of pci_dev->driver
fuse: don't unhash root
mmc: tmio: avoid concurrent runs of mmc_request_done()
PM: sleep: wakeirq: fix wake irq warning in system suspend
USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
USB: serial: option: add MeiG Smart SLM320 product
USB: serial: cp210x: add ID for MGP Instruments PDS100
USB: serial: add device ID for VeriFone adapter
USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
powerpc/fsl: Fix mfpmr build errors with newer binutils
clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
PM: suspend: Set mem_sleep_current during kernel command line setup
parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds
parisc: Fix csum_ipv6_magic on 64-bit systems
parisc: Fix csum_ipv6_magic on 32-bit systems
parisc: Fix ip_fast_csum
parisc: Do not hardcode registers in checksum functions
ubi: correct the calculation of fastmap size
ubi: Check for too small LEB size in VTBL code
ubifs: Set page uptodate in the correct place
fat: fix uninitialized field in nostale filehandles
crypto: qat - resolve race condition during AER recovery
crypto: qat - fix double free during reset
sparc: vDSO: fix return value of __setup handler
sparc64: NMI watchdog: fix return value of __setup handler
KVM: Always flush async #PF workqueue when vCPU is being destroyed
media: xc4000: Fix atomicity violation in xc4000_get_frequency
arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
ARM: dts: mmp2-brownstone: Don't redeclare phandle references
smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
timers: Rename del_timer_sync() to timer_delete_sync()
timers: Use del_timer_sync() even on UP
timers: Update kernel-doc for various functions
timers: Prepare support for PREEMPT_RT
timer/trace: Improve timer tracing
timer/trace: Replace deprecated vsprintf pointer extension %pf by %ps
x86/bugs: Use sysfs_emit()
x86/cpu: Support AMD Automatic IBRS
Documentation/hw-vuln: Update spectre doc
Linux 4.19.311
crypto: af_alg - Work around empty control messages without MSG_MORE
crypto: af_alg - Fix regression on empty requests
spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
net/bnx2x: Prevent access to a freed page in page_pool
hsr: Handle failures in module init
rds: introduce acquire/release ordering in acquire/release_in_xmit()
hsr: Fix uninit-value access in hsr_get_node()
net: hsr: fix placement of logical operator in a multi-line statement
usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
staging: greybus: fix get_channel_from_mode() failure path
serial: 8250_exar: Don't remove GPIO device on suspend
rtc: mt6397: select IRQ_DOMAIN instead of depending on it
kconfig: fix infinite loop when expanding a macro at the end of file
tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
serial: max310x: fix syntax error in IRQ error message
clk: qcom: gdsc: Add support to update GDSC transition delay
NFS: Fix an off by one in root_nfs_cat()
net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
scsi: csiostor: Avoid function pointer casts
ALSA: usb-audio: Stop parsing channels bits when all channels are found.
sparc32: Fix section mismatch in leon_pci_grpci
backlight: lp8788: Fully initialize backlight_properties during probe
backlight: lm3639: Fully initialize backlight_properties during probe
backlight: da9052: Fully initialize backlight_properties during probe
backlight: lm3630a: Don't set bl->props.brightness in get_brightness
backlight: lm3630a: Initialize backlight_properties on init
powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc.
powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
media: go7007: fix a memleak in go7007_load_encoder
media: dvb-frontends: avoid stack overflow warnings with clang
media: pvrusb2: fix uaf in pvr2_context_set_notify
drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
crypto: arm/sha - fix function cast warnings
crypto: arm - Rename functions to avoid conflict with crypto/sha256.h
mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
drm/tegra: put drm_gem_object ref on error in tegra_fb_create
clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister()
PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times
firmware: qcom: scm: Add WLAN VMID for Qualcomm SCM interface
media: pvrusb2: fix pvr2_stream_callback casts
media: go7007: add check of return value of go7007_read_addr()
ALSA: seq: fix function cast warnings
drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str()
quota: Fix rcu annotations of inode dquot pointers
quota: Fix potential NULL pointer dereference
quota: simplify drop_dquot_ref()
quota: check time limit when back out space/inode change
fs/quota: erase unused but set variable warning
quota: code cleanup for __dquot_alloc_space()
clk: qcom: reset: Ensure write completion on reset de/assertion
clk: qcom: reset: Commonize the de/assert functions
clk: qcom: reset: support resetting multiple bits
clk: qcom: reset: Allow specifying custom reset delay
media: edia: dvbdev: fix a use-after-free
media: dvb-core: Fix use-after-free due to race at dvb_register_device()
media: dvbdev: fix error logic at dvb_register_device()
media: dvbdev: Fix memleak in dvb_register_device
media: media/dvb: Use kmemdup rather than duplicating its implementation
media: dvbdev: remove double-unlock
media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
media: v4l2-tpg: fix some memleaks in tpg_alloc
media: em28xx: annotate unchecked call to media_device_register()
ABI: sysfs-bus-pci-devices-aer_stats uses an invalid tag
perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample()
media: tc358743: register v4l2 async device only after successful setup
drm/rockchip: lvds: do not print scary message when probing defer
drm/rockchip: lvds: do not overwrite error code
drm: Don't treat 0 as -1 in drm_fixp2int_ceil
drm/rockchip: inno_hdmi: Fix video timing
drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe()
drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe()
drm/tegra: dsi: Make use of the helper function dev_err_probe()
gpu: host1x: mipi: Update tegra_mipi_request() to be node based
drm/tegra: dsi: Add missing check for of_find_device_by_node
dm: call the resume method on internal suspend
dm raid: fix false positive for requeue needed during reshape
nfp: flower: handle acti_netdevs allocation failure
net/x25: fix incorrect parameter validation in the x25_getsockopt() function
net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function
udp: fix incorrect parameter validation in the udp_lib_getsockopt() function
l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function
tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function
ipv6: fib6_rules: flush route cache when rule is changed
bpf: Fix stackmap overflow check on 32-bit arches
bpf: Fix hashtab overflow check on 32-bit arches
sr9800: Add check for usbnet_get_endpoints
Bluetooth: hci_core: Fix possible buffer overflow
Bluetooth: Remove superfluous call to hci_conn_check_pending()
igb: Fix missing time sync events
igb: move PEROUT and EXTTS isr logic to separate functions
mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function
SUNRPC: fix some memleaks in gssx_dec_option_array
x86, relocs: Ignore relocations in .notes section
ACPI: scan: Fix device check notification handling
ARM: dts: arm: realview: Fix development chip ROM compatible value
wifi: brcmsmac: avoid function pointer casts
iommu/amd: Mark interrupt as managed
bus: tegra-aconnect: Update dependency to ARCH_TEGRA
ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
sock_diag: annotate data-races around sock_diag_handlers[family]
wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir()
wifi: b43: Disable QoS for bcm4331
wifi: b43: Stop correct queue in DMA worker when QoS is disabled
b43: main: Fix use true/false for bool type
wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
b43: dma: Fix use true/false for bool type variable
wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()
timekeeping: Fix cross-timestamp interpolation for non-x86
timekeeping: Fix cross-timestamp interpolation corner case decision
timekeeping: Fix cross-timestamp interpolation on counter wrap
aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
md: Don't clear MD_CLOSING when the raid is about to stop
md: implement ->set_read_only to hook into BLKROSET processing
block: add a new set_read_only method
md: switch to ->check_events for media change notifications
fs/select: rework stack allocation hack for clang
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
crypto: algif_aead - Only wake up when ctx->more is zero
crypto: af_alg - make some functions static
crypto: algif_aead - fix uninitialized ctx->init
ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
Input: gpio_keys_polled - suppress deferred probe error for gpio
ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
firewire: core: use long bus reset on gap count error
Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
dm-verity, dm-crypt: align "struct bvec_iter" correctly
block: sed-opal: handle empty atoms when parsing response
net/iucv: fix the allocation size of iucv_path_table array
MIPS: Clear Cause.BD in instruction_pointer_set
x86/xen: Add some null pointer checking to smp.c
ASoC: rt5645: Make LattePanda board DMI match more precise
Linux 4.19.310
selftests/vm: fix map_hugetlb length used for testing read and write
selftests/vm: fix display of page size in map_hugetlb
getrusage: use sig->stats_lock rather than lock_task_sighand()
getrusage: use __for_each_thread()
getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand()
getrusage: add the "signal_struct *sig" local variable
y2038: rusage: use __kernel_old_timeval
hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
hv_netvsc: use netif_is_bond_master() instead of open code
hv_netvsc: Make netvsc/VF binding check both MAC and serial number
Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
um: allow not setting extra rpaths in the linux binary
selftests: mm: fix map_hugetlb failure on 64K page size systems
tools/selftest/vm: allow choosing mem size and page size in map_hugetlb
btrfs: ref-verify: free ref cache before clearing mount opt
netrom: Fix data-races around sysctl_net_busy_read
netrom: Fix a data-race around sysctl_netrom_link_fails_count
netrom: Fix a data-race around sysctl_netrom_routing_control
netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size
netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
netrom: Fix a data-race around sysctl_netrom_transport_timeout
netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser
netrom: Fix a data-race around sysctl_netrom_default_path_quality
netfilter: nf_conntrack_h323: Add protection for bmp length out of range
net/rds: fix WARNING in rds_conn_connect_if_down
net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
geneve: make sure to pull inner header in geneve_rx()
net: move definition of pcpu_lstats to header file
net: lan78xx: fix runtime PM count underflow on link stop
lan78xx: Fix race conditions in suspend/resume handling
lan78xx: Fix partial packet errors on suspend/resume
lan78xx: Add missing return code checks
lan78xx: Fix white space and style issues
net: usb: lan78xx: Remove lots of set but unused 'ret' variables
Linux 4.19.309
gpio: 74x164: Enable output pins after registers are reset
cachefiles: fix memory leak in cachefiles_add_cache()
mmc: core: Fix eMMC initialization with 1-bit bus connection
btrfs: dev-replace: properly validate device names
wifi: nl80211: reject iftype change with mesh ID change
gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
ALSA: Drop leftover snd-rtctimer stuff from Makefile
power: supply: bq27xxx-i2c: Do not free non existing IRQ
efi/capsule-loader: fix incorrect allocation size
Bluetooth: Enforce validation on max value of connection interval
Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
Bluetooth: Avoid potential use-after-free in hci_error_reset
net: usb: dm9601: fix wrong return value in dm9601_mdio_read
lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected
tun: Fix xdp_rxq_info's queue_index when detaching
netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
Linux 4.19.308
scripts/bpf: Fix xdp_md forward declaration typo
fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()
PCI/MSI: Prevent MSI hardware interrupt number truncation
s390: use the correct count for __iowrite64_copy()
packet: move from strlcpy with unused retval to strscpy
ipv6: sr: fix possible use-after-free and null-ptr-deref
nouveau: fix function cast warnings
scsi: jazz_esp: Only build if SCSI core is builtin
bpf, scripts: Correct GPL license name
scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions
RDMA/srpt: fix function pointer cast warnings
RDMA/srpt: Make debug output more detailed
RDMA/ulp: Use dev_name instead of ibdev->name
RDMA/srpt: Support specifying the srpt_service_guid parameter
RDMA/bnxt_re: Return error for SRQ resize
IB/hfi1: Fix a memleak in init_credit_return
usb: roles: don't get/set_role() when usb_role_switch is unregistered
usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
ARM: ep93xx: Add terminator to gpiod_lookup_table
l2tp: pass correct message length to ip6_append_data
gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
dm-crypt: don't modify the data when using authenticated encryption
mm: memcontrol: switch to rcu protection in drain_all_stock()
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
pmdomain: renesas: r8a77980-sysc: CR7 must be always on
s390/qeth: Fix potential loss of L3-IP@ in case of network issues
virtio-blk: Ensure no requests in virtqueues before deleting vqs.
firewire: core: send bus reset promptly on gap count error
hwmon: (coretemp) Enlarge per package core count limit
regulator: pwm-regulator: Add validity checks in continuous .get_voltage
ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
ahci: asm1166: correct count of reported ports
fbdev: sis: Error out if pixclock equals zero
fbdev: savage: Error out if pixclock equals zero
wifi: mac80211: fix race condition on enabling fast-xmit
wifi: cfg80211: fix missing interfaces when dumping
dmaengine: shdma: increase size of 'dev_id'
scsi: target: core: Add TMF to tmr_list handling
sched/rt: Disallow writing invalid values to sched_rt_period_us
sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
sched/rt: Fix sysctl_sched_rr_timeslice intial value
userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
nilfs2: replace WARN_ONs for invalid DAT metadata block requests
memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock()
net: stmmac: fix notifier registration
stmmac: no need to check return value of debugfs_create functions
net/sched: Retire dsmark qdisc
net/sched: Retire ATM qdisc
net/sched: Retire CBQ qdisc
Linux 4.19.307
netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
lsm: new security_file_ioctl_compat() hook
nilfs2: fix potential bug in end_buffer_async_write
sched/membarrier: reduce the ability to hammer on sys_membarrier
Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
pmdomain: core: Move the unused cleanup to a _sync initcall
irqchip/irq-brcmstb-l2: Add write memory barrier before exit
nfp: use correct macro for LengthSelect in BAR config
nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
nilfs2: fix data corruption in dsync block recovery for small block sizes
ALSA: hda/conexant: Add quirk for SWS JS201D
x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6
serial: max310x: improve crystal stable clock detection
serial: max310x: set default value when reading clock ready bit
ring-buffer: Clean ring_buffer_poll_wait() error return
staging: iio: ad5933: fix type mismatch regression
ext4: fix double-free of blocks due to wrong extents moved_len
binder: signal epoll threads of self-work
xen-netback: properly sync TX responses
nfc: nci: free rx_data_reassembly skb on NCI device cleanup
firewire: core: correct documentation of fw_csr_string() kernel API
scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
usb: f_mass_storage: forbid async queue when shutdown happen
USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
HID: wacom: Do not register input devices until after hid_hw_start
HID: wacom: generic: Avoid reporting a serial of '0' to userspace
mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
tracing/trigger: Fix to return error if failed to alloc snapshot
i40e: Fix waiting for queues of all VSIs to be disabled
MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler
net: sysfs: Fix /sys/class/net/<iface> path for statistics
Documentation: net-sysfs: describe missing statistics
ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
spi: ppc4xx: Drop write-only variable
btrfs: send: return EOPNOTSUPP on unknown flags
btrfs: forbid creating subvol qgroups
hrtimer: Report offline hrtimer enqueue
vhost: use kzalloc() instead of kmalloc() followed by memset()
Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
USB: serial: cp210x: add ID for IMST iM871A-USB
USB: serial: option: add Fibocom FM101-GL variant
USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
net/af_iucv: clean up a try_then_request_module()
netfilter: nft_compat: restrict match/target protocol to u16
netfilter: nft_compat: reject unused compat flag
ppp_async: limit MRU to 64K
tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
rxrpc: Fix response to PING RESPONSE ACKs to a dead call
inet: read sk->sk_family once in inet_recv_error()
hwmon: (coretemp) Fix bogus core_id to attr name mapping
hwmon: (coretemp) Fix out-of-bounds memory access
hwmon: (aspeed-pwm-tacho) mutex for tach reading
atm: idt77252: fix a memleak in open_card_ubr0
phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
bonding: remove print in bond_verify_device_path
HID: apple: Add 2021 magic keyboard FN key mapping
HID: apple: Swap the Fn and Left Control keys on Apple keyboards
HID: apple: Add support for the 2021 Magic Keyboard
net: sysfs: Fix /sys/class/net/<iface> path
af_unix: fix lockdep positive in sk_diag_dump_icons()
net: ipv4: fix a memleak in ip_setup_cork
netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
llc: call sock_orphan() at release time
ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
ixgbe: Refactor overtemp event handling
ixgbe: Refactor returning internal error codes
ixgbe: Remove non-inclusive language
net: remove unneeded break
scsi: isci: Fix an error code problem in isci_io_request_build()
wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()'
ceph: fix deadlock or deadcode of misusing dget()
blk-mq: fix IO hang from sbitmap wakeup race
virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings
libsubcmd: Fix memory leak in uniq()
usb: hub: Replace hardcoded quirk value with BIT() macro
PCI: Only override AMD USB controller if required
mfd: ti_am335x_tscadc: Fix TI SoC dependencies
um: net: Fix return type of uml_net_start_xmit()
um: Don't use vfprintf() for os_info()
um: Fix naming clash between UML and scheduler
leds: trigger: panic: Don't register panic notifier if creating the trigger failed
drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
drm/amdgpu: Let KFD sync with VM fences
clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
drm/msm/dpu: Ratelimit framedone timeout msgs
media: ddbridge: fix an error code problem in ddb_probe
IB/ipoib: Fix mcast list locking
drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time
ALSA: hda: Intel: add HDA_ARL PCI ID support
PCI: add INTEL_HDA_ARL to pci_ids.h
media: rockchip: rga: fix swizzling for RGB formats
media: stk1160: Fixed high volume of stk1160_dbg messages
drm/mipi-dsi: Fix detach call without attach
drm/framebuffer: Fix use of uninitialized variable
drm/drm_file: fix use of uninitialized variable
RDMA/IPoIB: Fix error code return in ipoib_mcast_join
fast_dput(): handle underflows gracefully
ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
f2fs: fix to check return value of f2fs_reserve_new_block()
wifi: cfg80211: free beacon_ies when overridden from hidden BSS
wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
md: Whenassemble the array, consult the superblock of the freshest device
ARM: dts: imx23/28: Fix the DMA controller node name
ARM: dts: imx23-sansa: Use preferred i2c-gpios properties
ARM: dts: imx27-apf27dev: Fix LED name
ARM: dts: imx1: Fix sram node
ARM: dts: imx27: Fix sram node
ARM: dts: imx: Use flash@0,0 pattern
ARM: dts: imx25/27-eukrea: Fix RTC node name
ARM: dts: rockchip: fix rk3036 hdmi ports node
scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
scsi: libfc: Don't schedule abort twice
bpf: Add map and need_defer parameters to .map_fd_put_ptr()
wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()
ARM: dts: imx7s: Fix nand-controller #size-cells
ARM: dts: imx7s: Fix lcdif compatible
bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
PCI: Add no PM reset quirk for NVIDIA Spectrum devices
scsi: lpfc: Fix possible file string name overflow when updating firmware
ext4: avoid online resizing failures due to oversized flex bg
ext4: remove unnecessary check from alloc_flex_gd()
ext4: unify the type of flexbg_size to unsigned int
ext4: fix inconsistent between segment fstrim and full fstrim
SUNRPC: Fix a suspicious RCU usage warning
KVM: s390: fix setting of fpc register
s390/ptrace: handle setting of fpc register correctly
jfs: fix array-index-out-of-bounds in diNewExt
rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
crypto: stm32/crc32 - fix parsing list of devices
pstore/ram: Fix crash when setting number of cpus to an odd number
jfs: fix uaf in jfs_evict_inode
jfs: fix array-index-out-of-bounds in dbAdjTree
jfs: fix slab-out-of-bounds Read in dtSearch
UBSAN: array-index-out-of-bounds in dtSplitRoot
FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
ACPI: extlog: fix NULL pointer dereference check
PNP: ACPI: fix fortify warning
ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
audit: Send netlink ACK before setting connection in auditd_set
powerpc/lib: Validate size for vector operations
powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
powerpc: Fix build error due to is_valid_bugaddr()
powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
net/sched: cbs: Fix not adding cbs instance to list
x86/entry/ia32: Ensure s32 is sign extended to s64
tick/sched: Preserve number of idle sleeps across CPU hotplug events
mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan
gpio: eic-sprd: Clear interrupt after set the interrupt type
drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume
drm/bridge: nxp-ptn3460: simplify some error checking
drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
drm: Don't unref the same fb many times by mistake due to deadlock handling
gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
btrfs: don't warn if discard range is not aligned to sector
net: fec: fix the unhandled context fault from smmu
fjes: fix memleaks in fjes_hw_setup
netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
net/mlx5e: fix a double-free in arfs_create_groups
net/mlx5: Use kfree(ft->g) in arfs_create_groups()
netlink: fix potential sleeping issue in mqueue_flush_file
Change-Id: I5e9292f6762747696c2af38ea5b14ae2d86bdaff
|
||
|
Michael Bestas
|
e8e6720b34 |
Merge tag 'ASB-2024-05-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-05-01 CVE-2023-4622 * tag 'ASB-2024-05-05_4.19-stable' of https://android.googlesource.com/kernel/common: Revert "timers: Rename del_timer_sync() to timer_delete_sync()" Revert "geneve: make sure to pull inner header in geneve_rx()" Linux 4.19.312 amdkfd: use calloc instead of kzalloc to avoid integer overflow initramfs: fix populate_initrd_image() section mismatch ip_gre: do not report erspan version on GRE interface erspan: Check IFLA_GRE_ERSPAN_VER is set. VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() Bluetooth: btintel: Fixe build regression x86/mm/pat: fix VM_PAT handling in COW mappings virtio: reenable config if freezing device failed drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc fbmon: prevent division by zero in fb_videomode_from_videomode() fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined tools: iio: replace seekdir() in iio_generic_buffer ktest: force $buildonly = 1 for 'make_warnings_file' test type Input: allocate keycode for Display refresh rate toggle block: prevent division by zero in blk_rq_stat_sum() SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int drm/amd/display: Fix nanosec stat overflow media: sta2x11: fix irq handler cast isofs: handle CDs with bad root inode but good Joliet root directory scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() sysv: don't call sb_bread() with pointers_lock held Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails Bluetooth: btintel: Fix null ptr deref in btintel_read_version btrfs: send: handle path ref underflow in header iterate_inode_ref() btrfs: export: handle invalid inode or root reference in btrfs_get_parent() btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num() arm64: dts: rockchip: fix rk3399 hdmi ports node VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() wifi: ath9k: fix LNA selection in ath_ant_try_scan() ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone ata: sata_mv: Fix PCI device ID table declaration compilation warning ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw erspan: make sure erspan_base_hdr is present in skb->head erspan: Add type I version 0 support. init: open /initrd.image with O_LARGEFILE initramfs: switch initramfs unpacking to struct file based APIs fs: add a vfs_fchmod helper fs: add a vfs_fchown helper initramfs: factor out a helper to populate the initrd image staging: vc04_services: fix information leak in create_component() staging: vc04_services: changen strncpy() to strscpy_pad() staging: mmal-vchiq: Fix client_component for 64 bit kernel staging: mmal-vchiq: Allocate and free components as required staging: mmal-vchiq: Avoid use of bool in structures i40e: fix vf may be used uninitialized in this function warning ipv6: Fix infinite recursion in fib6_dump_done(). selftests: reuseaddr_conflict: add missing new line at the end of the output net: stmmac: fix rx queue priority assignment net/sched: act_skbmod: prevent kernel-infoleak netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped." net/rds: fix possible cp null dereference netfilter: nf_tables: disallow timeout for anonymous sets Bluetooth: Fix TOCTOU in HCI debugfs implementation Bluetooth: hci_event: set the conn encrypted before conn establishes r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d tcp: properly terminate timers for kernel sockets mptcp: add sk_stop_timer_sync helper nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet USB: core: Fix deadlock in usb_deauthorize_interface() scsi: lpfc: Correct size for wqe for memset() x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled scsi: qla2xxx: Fix command flush on cable pull usb: udc: remove warning when queue disabled ep usb: dwc2: gadget: LPM flow fix usb: dwc2: host: Fix ISOC flow in DDMA mode usb: dwc2: host: Fix hibernation flow usb: dwc2: host: Fix remote wakeup from hibernation loop: loop_set_status_from_info() check before assignment loop: Check for overflow while configuring loop loop: Factor out configuring loop from status powerpc: xor_vmx: Add '-mhard-float' to CFLAGS efivarfs: Request at most 512 bytes for variable names perf/core: Fix reentry problem in perf_output_read_group() loop: properly observe rotational flag of underlying device loop: Refactor loop_set_status() size calculation loop: Factor out setting loop device size loop: Remove sector_t truncation checks loop: Call loop_config_discard() only after new config is applied Revert "loop: Check for overflow while configuring loop" btrfs: allocate btrfs_ioctl_defrag_range_args on stack printk: Update @console_may_schedule in console_trylock_spinning() fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs usb: cdc-wdm: close race between read and workqueue exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack() wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes mm/migrate: set swap entry values of THP tail pages properly. mm/memory-failure: fix an incorrect use of tail pages vt: fix memory overlapping when deleting chars in the buffer vt: fix unicode buffer corruption when deleting characters tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled usb: port: Don't try to peer unused USB ports based on location usb: gadget: ncm: Fix handling of zero block length packets USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform xfrm: Avoid clang fortify warning in copy_to_user_tmpl() netfilter: nf_tables: reject constant set with timeout netfilter: nf_tables: disallow anonymous set with timeout flag comedi: comedi_test: Prevent timers rescheduling during deletion ahci: asm1064: asm1166: don't limit reported ports ahci: asm1064: correct count of reported ports x86/CPU/AMD: Update the Zenbleed microcode revisions nilfs2: prevent kernel bug at submit_bh_wbc() nilfs2: use a more common logging style nilfs2: fix failure to detect DAT corruption in btree and direct mappings memtest: use {READ,WRITE}_ONCE in memory scanning drm/vc4: hdmi: do not return negative values from .get_modes() drm/imx/ipuv3: do not return negative values from .get_modes() s390/zcrypt: fix reference counting on zcrypt card objects soc: fsl: qbman: Use raw spinlock for cgr_lock soc: fsl: qbman: Add CGR update function soc: fsl: qbman: Add helper for sanity checking cgr ops soc: fsl: qbman: Always disable interrupts when taking cgr_lock vfio/platform: Disable virqfds on cleanup kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 speakup: Fix 8bit characters from direct synth slimbus: core: Remove usage of the deprecated ida_simple_xx() API ext4: fix corruption during on-line resize hwmon: (amc6821) add of_match table mmc: core: Fix switch on gp3 partition dm-raid: fix lockdep waring in "pers->hot_add_disk" Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" PCI/PM: Drain runtime-idle callbacks before driver removal PCI: Drop pci_device_remove() test of pci_dev->driver fuse: don't unhash root mmc: tmio: avoid concurrent runs of mmc_request_done() PM: sleep: wakeirq: fix wake irq warning in system suspend USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M USB: serial: option: add MeiG Smart SLM320 product USB: serial: cp210x: add ID for MGP Instruments PDS100 USB: serial: add device ID for VeriFone adapter USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB powerpc/fsl: Fix mfpmr build errors with newer binutils clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays PM: suspend: Set mem_sleep_current during kernel command line setup parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds parisc: Fix csum_ipv6_magic on 64-bit systems parisc: Fix csum_ipv6_magic on 32-bit systems parisc: Fix ip_fast_csum parisc: Do not hardcode registers in checksum functions ubi: correct the calculation of fastmap size ubi: Check for too small LEB size in VTBL code ubifs: Set page uptodate in the correct place fat: fix uninitialized field in nostale filehandles crypto: qat - resolve race condition during AER recovery crypto: qat - fix double free during reset sparc: vDSO: fix return value of __setup handler sparc64: NMI watchdog: fix return value of __setup handler KVM: Always flush async #PF workqueue when vCPU is being destroyed media: xc4000: Fix atomicity violation in xc4000_get_frequency arm: dts: marvell: Fix maxium->maxim typo in brownstone dts ARM: dts: mmp2-brownstone: Don't redeclare phandle references smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity() smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr() wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach timers: Rename del_timer_sync() to timer_delete_sync() timers: Use del_timer_sync() even on UP timers: Update kernel-doc for various functions timers: Prepare support for PREEMPT_RT timer/trace: Improve timer tracing timer/trace: Replace deprecated vsprintf pointer extension %pf by %ps x86/bugs: Use sysfs_emit() x86/cpu: Support AMD Automatic IBRS Documentation/hw-vuln: Update spectre doc Linux 4.19.311 crypto: af_alg - Work around empty control messages without MSG_MORE crypto: af_alg - Fix regression on empty requests spi: spi-mt65xx: Fix NULL pointer access in interrupt handler net/bnx2x: Prevent access to a freed page in page_pool hsr: Handle failures in module init rds: introduce acquire/release ordering in acquire/release_in_xmit() hsr: Fix uninit-value access in hsr_get_node() net: hsr: fix placement of logical operator in a multi-line statement usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin staging: greybus: fix get_channel_from_mode() failure path serial: 8250_exar: Don't remove GPIO device on suspend rtc: mt6397: select IRQ_DOMAIN instead of depending on it kconfig: fix infinite loop when expanding a macro at the end of file tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT serial: max310x: fix syntax error in IRQ error message clk: qcom: gdsc: Add support to update GDSC transition delay NFS: Fix an off by one in root_nfs_cat() net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn scsi: csiostor: Avoid function pointer casts ALSA: usb-audio: Stop parsing channels bits when all channels are found. sparc32: Fix section mismatch in leon_pci_grpci backlight: lp8788: Fully initialize backlight_properties during probe backlight: lm3639: Fully initialize backlight_properties during probe backlight: da9052: Fully initialize backlight_properties during probe backlight: lm3630a: Don't set bl->props.brightness in get_brightness backlight: lm3630a: Initialize backlight_properties on init powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip media: go7007: fix a memleak in go7007_load_encoder media: dvb-frontends: avoid stack overflow warnings with clang media: pvrusb2: fix uaf in pvr2_context_set_notify drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs mtd: rawnand: lpc32xx_mlc: fix irq handler prototype crypto: arm/sha - fix function cast warnings crypto: arm - Rename functions to avoid conflict with crypto/sha256.h mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref drm/tegra: put drm_gem_object ref on error in tegra_fb_create clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister() PCI: Mark 3ware-9650SE Root Port Extended Tags as broken drm/mediatek: dsi: Fix DSI RGB666 formats and definitions clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times firmware: qcom: scm: Add WLAN VMID for Qualcomm SCM interface media: pvrusb2: fix pvr2_stream_callback casts media: go7007: add check of return value of go7007_read_addr() ALSA: seq: fix function cast warnings drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() quota: Fix rcu annotations of inode dquot pointers quota: Fix potential NULL pointer dereference quota: simplify drop_dquot_ref() quota: check time limit when back out space/inode change fs/quota: erase unused but set variable warning quota: code cleanup for __dquot_alloc_space() clk: qcom: reset: Ensure write completion on reset de/assertion clk: qcom: reset: Commonize the de/assert functions clk: qcom: reset: support resetting multiple bits clk: qcom: reset: Allow specifying custom reset delay media: edia: dvbdev: fix a use-after-free media: dvb-core: Fix use-after-free due to race at dvb_register_device() media: dvbdev: fix error logic at dvb_register_device() media: dvbdev: Fix memleak in dvb_register_device media: media/dvb: Use kmemdup rather than duplicating its implementation media: dvbdev: remove double-unlock media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity media: v4l2-tpg: fix some memleaks in tpg_alloc media: em28xx: annotate unchecked call to media_device_register() ABI: sysfs-bus-pci-devices-aer_stats uses an invalid tag perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() media: tc358743: register v4l2 async device only after successful setup drm/rockchip: lvds: do not print scary message when probing defer drm/rockchip: lvds: do not overwrite error code drm: Don't treat 0 as -1 in drm_fixp2int_ceil drm/rockchip: inno_hdmi: Fix video timing drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() drm/tegra: dsi: Make use of the helper function dev_err_probe() gpu: host1x: mipi: Update tegra_mipi_request() to be node based drm/tegra: dsi: Add missing check for of_find_device_by_node dm: call the resume method on internal suspend dm raid: fix false positive for requeue needed during reshape nfp: flower: handle acti_netdevs allocation failure net/x25: fix incorrect parameter validation in the x25_getsockopt() function net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function udp: fix incorrect parameter validation in the udp_lib_getsockopt() function l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function ipv6: fib6_rules: flush route cache when rule is changed bpf: Fix stackmap overflow check on 32-bit arches bpf: Fix hashtab overflow check on 32-bit arches sr9800: Add check for usbnet_get_endpoints Bluetooth: hci_core: Fix possible buffer overflow Bluetooth: Remove superfluous call to hci_conn_check_pending() igb: Fix missing time sync events igb: move PEROUT and EXTTS isr logic to separate functions mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function SUNRPC: fix some memleaks in gssx_dec_option_array x86, relocs: Ignore relocations in .notes section ACPI: scan: Fix device check notification handling ARM: dts: arm: realview: Fix development chip ROM compatible value wifi: brcmsmac: avoid function pointer casts iommu/amd: Mark interrupt as managed bus: tegra-aconnect: Update dependency to ARCH_TEGRA ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). sock_diag: annotate data-races around sock_diag_handlers[family] wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() wifi: b43: Disable QoS for bcm4331 wifi: b43: Stop correct queue in DMA worker when QoS is disabled b43: main: Fix use true/false for bool type wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled b43: dma: Fix use true/false for bool type variable wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() timekeeping: Fix cross-timestamp interpolation for non-x86 timekeeping: Fix cross-timestamp interpolation corner case decision timekeeping: Fix cross-timestamp interpolation on counter wrap aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts md: Don't clear MD_CLOSING when the raid is about to stop md: implement ->set_read_only to hook into BLKROSET processing block: add a new set_read_only method md: switch to ->check_events for media change notifications fs/select: rework stack allocation hack for clang do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak crypto: algif_aead - Only wake up when ctx->more is zero crypto: af_alg - make some functions static crypto: algif_aead - fix uninitialized ctx->init ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC Input: gpio_keys_polled - suppress deferred probe error for gpio ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet firewire: core: use long bus reset on gap count error Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security scsi: mpt3sas: Prevent sending diag_reset when the controller is ready dm-verity, dm-crypt: align "struct bvec_iter" correctly block: sed-opal: handle empty atoms when parsing response net/iucv: fix the allocation size of iucv_path_table array MIPS: Clear Cause.BD in instruction_pointer_set x86/xen: Add some null pointer checking to smp.c ASoC: rt5645: Make LattePanda board DMI match more precise Linux 4.19.310 selftests/vm: fix map_hugetlb length used for testing read and write selftests/vm: fix display of page size in map_hugetlb getrusage: use sig->stats_lock rather than lock_task_sighand() getrusage: use __for_each_thread() getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() getrusage: add the "signal_struct *sig" local variable y2038: rusage: use __kernel_old_timeval hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed hv_netvsc: use netif_is_bond_master() instead of open code hv_netvsc: Make netvsc/VF binding check both MAC and serial number Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU um: allow not setting extra rpaths in the linux binary selftests: mm: fix map_hugetlb failure on 64K page size systems tools/selftest/vm: allow choosing mem size and page size in map_hugetlb btrfs: ref-verify: free ref cache before clearing mount opt netrom: Fix data-races around sysctl_net_busy_read netrom: Fix a data-race around sysctl_netrom_link_fails_count netrom: Fix a data-race around sysctl_netrom_routing_control netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size netrom: Fix a data-race around sysctl_netrom_transport_busy_delay netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries netrom: Fix a data-race around sysctl_netrom_transport_timeout netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser netrom: Fix a data-race around sysctl_netrom_default_path_quality netfilter: nf_conntrack_h323: Add protection for bmp length out of range net/rds: fix WARNING in rds_conn_connect_if_down net/ipv6: avoid possible UAF in ip6_route_mpath_notify() geneve: make sure to pull inner header in geneve_rx() net: move definition of pcpu_lstats to header file net: lan78xx: fix runtime PM count underflow on link stop lan78xx: Fix race conditions in suspend/resume handling lan78xx: Fix partial packet errors on suspend/resume lan78xx: Add missing return code checks lan78xx: Fix white space and style issues net: usb: lan78xx: Remove lots of set but unused 'ret' variables Linux 4.19.309 gpio: 74x164: Enable output pins after registers are reset cachefiles: fix memory leak in cachefiles_add_cache() mmc: core: Fix eMMC initialization with 1-bit bus connection btrfs: dev-replace: properly validate device names wifi: nl80211: reject iftype change with mesh ID change gtp: fix use-after-free and null-ptr-deref in gtp_newlink() ALSA: Drop leftover snd-rtctimer stuff from Makefile power: supply: bq27xxx-i2c: Do not free non existing IRQ efi/capsule-loader: fix incorrect allocation size Bluetooth: Enforce validation on max value of connection interval Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST Bluetooth: Avoid potential use-after-free in hci_error_reset net: usb: dm9601: fix wrong return value in dm9601_mdio_read lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected tun: Fix xdp_rxq_info's queue_index when detaching netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter Linux 4.19.308 scripts/bpf: Fix xdp_md forward declaration typo fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() PCI/MSI: Prevent MSI hardware interrupt number truncation s390: use the correct count for __iowrite64_copy() packet: move from strlcpy with unused retval to strscpy ipv6: sr: fix possible use-after-free and null-ptr-deref nouveau: fix function cast warnings scsi: jazz_esp: Only build if SCSI core is builtin bpf, scripts: Correct GPL license name scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions RDMA/srpt: fix function pointer cast warnings RDMA/srpt: Make debug output more detailed RDMA/ulp: Use dev_name instead of ibdev->name RDMA/srpt: Support specifying the srpt_service_guid parameter RDMA/bnxt_re: Return error for SRQ resize IB/hfi1: Fix a memleak in init_credit_return usb: roles: don't get/set_role() when usb_role_switch is unregistered usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs ARM: ep93xx: Add terminator to gpiod_lookup_table l2tp: pass correct message length to ip6_append_data gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() dm-crypt: don't modify the data when using authenticated encryption mm: memcontrol: switch to rcu protection in drain_all_stock() IB/hfi1: Fix sdma.h tx->num_descs off-by-one error pmdomain: renesas: r8a77980-sysc: CR7 must be always on s390/qeth: Fix potential loss of L3-IP@ in case of network issues virtio-blk: Ensure no requests in virtqueues before deleting vqs. firewire: core: send bus reset promptly on gap count error hwmon: (coretemp) Enlarge per package core count limit regulator: pwm-regulator: Add validity checks in continuous .get_voltage ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ahci: asm1166: correct count of reported ports fbdev: sis: Error out if pixclock equals zero fbdev: savage: Error out if pixclock equals zero wifi: mac80211: fix race condition on enabling fast-xmit wifi: cfg80211: fix missing interfaces when dumping dmaengine: shdma: increase size of 'dev_id' scsi: target: core: Add TMF to tmr_list handling sched/rt: Disallow writing invalid values to sched_rt_period_us sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Fix sysctl_sched_rr_timeslice intial value userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb nilfs2: replace WARN_ONs for invalid DAT metadata block requests memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() net: stmmac: fix notifier registration stmmac: no need to check return value of debugfs_create functions net/sched: Retire dsmark qdisc net/sched: Retire ATM qdisc net/sched: Retire CBQ qdisc Linux 4.19.307 netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() lsm: new security_file_ioctl_compat() hook nilfs2: fix potential bug in end_buffer_async_write sched/membarrier: reduce the ability to hammer on sys_membarrier Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" pmdomain: core: Move the unused cleanup to a _sync initcall irqchip/irq-brcmstb-l2: Add write memory barrier before exit nfp: use correct macro for LengthSelect in BAR config nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix data corruption in dsync block recovery for small block sizes ALSA: hda/conexant: Add quirk for SWS JS201D x86/mm/ident_map: Use gbpages only where full GB page should be mapped. x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 serial: max310x: improve crystal stable clock detection serial: max310x: set default value when reading clock ready bit ring-buffer: Clean ring_buffer_poll_wait() error return staging: iio: ad5933: fix type mismatch regression ext4: fix double-free of blocks due to wrong extents moved_len binder: signal epoll threads of self-work xen-netback: properly sync TX responses nfc: nci: free rx_data_reassembly skb on NCI device cleanup firewire: core: correct documentation of fw_csr_string() kernel API scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" usb: f_mass_storage: forbid async queue when shutdown happen USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT HID: wacom: Do not register input devices until after hid_hw_start HID: wacom: generic: Avoid reporting a serial of '0' to userspace mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again tracing/trigger: Fix to return error if failed to alloc snapshot i40e: Fix waiting for queues of all VSIs to be disabled MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler net: sysfs: Fix /sys/class/net/<iface> path for statistics Documentation: net-sysfs: describe missing statistics ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() spi: ppc4xx: Drop write-only variable btrfs: send: return EOPNOTSUPP on unknown flags btrfs: forbid creating subvol qgroups hrtimer: Report offline hrtimer enqueue vhost: use kzalloc() instead of kmalloc() followed by memset() Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID USB: serial: cp210x: add ID for IMST iM871A-USB USB: serial: option: add Fibocom FM101-GL variant USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e net/af_iucv: clean up a try_then_request_module() netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_compat: reject unused compat flag ppp_async: limit MRU to 64K tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() rxrpc: Fix response to PING RESPONSE ACKs to a dead call inet: read sk->sk_family once in inet_recv_error() hwmon: (coretemp) Fix bogus core_id to attr name mapping hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (aspeed-pwm-tacho) mutex for tach reading atm: idt77252: fix a memleak in open_card_ubr0 phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV bonding: remove print in bond_verify_device_path HID: apple: Add 2021 magic keyboard FN key mapping HID: apple: Swap the Fn and Left Control keys on Apple keyboards HID: apple: Add support for the 2021 Magic Keyboard net: sysfs: Fix /sys/class/net/<iface> path af_unix: fix lockdep positive in sk_diag_dump_icons() net: ipv4: fix a memleak in ip_setup_cork netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger llc: call sock_orphan() at release time ipv6: Ensure natural alignment of const ipv6 loopback and router addresses ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() ixgbe: Refactor overtemp event handling ixgbe: Refactor returning internal error codes ixgbe: Remove non-inclusive language net: remove unneeded break scsi: isci: Fix an error code problem in isci_io_request_build() wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' ceph: fix deadlock or deadcode of misusing dget() blk-mq: fix IO hang from sbitmap wakeup race virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings libsubcmd: Fix memory leak in uniq() usb: hub: Replace hardcoded quirk value with BIT() macro PCI: Only override AMD USB controller if required mfd: ti_am335x_tscadc: Fix TI SoC dependencies um: net: Fix return type of uml_net_start_xmit() um: Don't use vfprintf() for os_info() um: Fix naming clash between UML and scheduler leds: trigger: panic: Don't register panic notifier if creating the trigger failed drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdgpu: Let KFD sync with VM fences clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() drm/msm/dpu: Ratelimit framedone timeout msgs media: ddbridge: fix an error code problem in ddb_probe IB/ipoib: Fix mcast list locking drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time ALSA: hda: Intel: add HDA_ARL PCI ID support PCI: add INTEL_HDA_ARL to pci_ids.h media: rockchip: rga: fix swizzling for RGB formats media: stk1160: Fixed high volume of stk1160_dbg messages drm/mipi-dsi: Fix detach call without attach drm/framebuffer: Fix use of uninitialized variable drm/drm_file: fix use of uninitialized variable RDMA/IPoIB: Fix error code return in ipoib_mcast_join fast_dput(): handle underflows gracefully ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument f2fs: fix to check return value of f2fs_reserve_new_block() wifi: cfg80211: free beacon_ies when overridden from hidden BSS wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices md: Whenassemble the array, consult the superblock of the freshest device ARM: dts: imx23/28: Fix the DMA controller node name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx1: Fix sram node ARM: dts: imx27: Fix sram node ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: rockchip: fix rk3036 hdmi ports node scsi: libfc: Fix up timeout error in fc_fcp_rec_error() scsi: libfc: Don't schedule abort twice bpf: Add map and need_defer parameters to .map_fd_put_ptr() wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() ARM: dts: imx7s: Fix nand-controller #size-cells ARM: dts: imx7s: Fix lcdif compatible bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk PCI: Add no PM reset quirk for NVIDIA Spectrum devices scsi: lpfc: Fix possible file string name overflow when updating firmware ext4: avoid online resizing failures due to oversized flex bg ext4: remove unnecessary check from alloc_flex_gd() ext4: unify the type of flexbg_size to unsigned int ext4: fix inconsistent between segment fstrim and full fstrim SUNRPC: Fix a suspicious RCU usage warning KVM: s390: fix setting of fpc register s390/ptrace: handle setting of fpc register correctly jfs: fix array-index-out-of-bounds in diNewExt rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() crypto: stm32/crc32 - fix parsing list of devices pstore/ram: Fix crash when setting number of cpus to an odd number jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in dbAdjTree jfs: fix slab-out-of-bounds Read in dtSearch UBSAN: array-index-out-of-bounds in dtSplitRoot FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree ACPI: extlog: fix NULL pointer dereference check PNP: ACPI: fix fortify warning ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop audit: Send netlink ACK before setting connection in auditd_set powerpc/lib: Validate size for vector operations powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix null-pointer dereference in pgtable_cache_add net/sched: cbs: Fix not adding cbs instance to list x86/entry/ia32: Ensure s32 is sign extended to s64 tick/sched: Preserve number of idle sleeps across CPU hotplug events mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan gpio: eic-sprd: Clear interrupt after set the interrupt type drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume drm/bridge: nxp-ptn3460: simplify some error checking drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm: Don't unref the same fb many times by mistake due to deadlock handling gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 netfilter: nf_tables: reject QUEUE/DROP verdict parameters btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args btrfs: don't warn if discard range is not aligned to sector net: fec: fix the unhandled context fault from smmu fjes: fix memleaks in fjes_hw_setup netfilter: nf_tables: restrict anonymous set and map names to 16 bytes net/mlx5e: fix a double-free in arfs_create_groups net/mlx5: Use kfree(ft->g) in arfs_create_groups() netlink: fix potential sleeping issue in mqueue_flush_file Conflicts: include/linux/fs.h include/linux/timer.h init/initramfs.c kernel/time/timer.c mm/memory-failure.c mm/page_alloc.c net/core/sock.c scripts/Makefile.extrawarn Change-Id: I0ccfce4c1a43240cfb997b426ef9fc59e61e3c55 |
||
|
Greg Kroah-Hartman
|
5c67c90113 |
Merge 4.19.313 into android-4.19-stable
Changes in 4.19.313
batman-adv: Avoid infinite loop trying to resize local TT
Bluetooth: Fix memory leak in hci_req_sync_complete()
nouveau: fix function cast warning
geneve: fix header validation in geneve[6]_xmit_skb
ipv6: fib: hide unused 'pn' variable
ipv4/route: avoid unused-but-set-variable warning
ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
net/mlx5: Properly link new fs rules into the tree
tracing: hide unused ftrace_event_id_fops
vhost: Add smp_rmb() in vhost_vq_avail_empty()
selftests: timers: Fix abs() warning in posix_timers test
x86/apic: Force native_apic_mem_read() to use the MOV instruction
btrfs: record delayed inode root in transaction
selftests/ftrace: Limit length in subsystem-enable tests
kprobes: Fix possible use-after-free issue on kprobe registration
Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
netfilter: nf_tables: __nft_expr_type_get() selects specific family type
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
tun: limit printing rate when illegal packet received by tun dev
RDMA/mlx5: Fix port number for counter query in multi-port configuration
drm: nv04: Fix out of bounds access
comedi: vmk80xx: fix incomplete endpoint checking
serial/pmac_zilog: Remove flawed mitigation for rx irq flood
USB: serial: option: add Fibocom FM135-GL variants
USB: serial: option: add support for Fibocom FM650/FG650
USB: serial: option: add Lonsung U8300/U9300 product
USB: serial: option: support Quectel EM060K sub-models
USB: serial: option: add Rolling RW101-GL and RW135-GL support
USB: serial: option: add Telit FN920C04 rmnet compositions
Revert "usb: cdc-wdm: close race between read and workqueue"
usb: dwc2: host: Fix dereference issue in DDMA completion flow.
speakup: Avoid crash on very long word
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
nouveau: fix instmem race condition around ptr stores
nilfs2: fix OOB in nilfs_set_de_type
tracing: Remove hist trigger synth_var_refs
tracing: Use var_refs[] for hist trigger reference checking
arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
arm64: dts: mediatek: mt7622: fix IR nodename
arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
vxlan: drop packets from invalid src-address
mlxsw: core: Unregister EMAD trap using FORWARD action
NFC: trf7970a: disable all regulators on removal
net: usb: ax88179_178a: stop lying about skb->truesize
net: gtp: Fix Use-After-Free in gtp_dellink
ipvs: Fix checksumming on GSO of SCTP packets
net: openvswitch: ovs_ct_exit to be done under ovs_lock
net: openvswitch: Fix Use-After-Free in ovs_ct_exit
i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
serial: core: Provide port lock wrappers
serial: mxs-auart: add spinlock around changing cts state
drm/amdgpu: restrict bo mapping within gpu address limits
amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
drm/amdgpu: validate the parameters of bo mapping operations more clearly
Revert "crypto: api - Disallow identical driver names"
tracing: Show size of requested perf buffer
tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together
Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
irqchip/gic-v3-its: Prevent double free on error
net: b44: set pause params only when interface is up
stackdepot: respect __GFP_NOLOCKDEP allocation flag
mtd: diskonchip: work around ubsan link failure
tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
dmaengine: owl: fix register access functions
idma64: Don't try to serve interrupts when device is powered off
i2c: smbus: fix NULL function pointer dereference
HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
Revert "loop: Remove sector_t truncation checks"
Revert "y2038: rusage: use __kernel_old_timeval"
udp: preserve the connected status if only UDP cmsg
serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
Linux 4.19.313
Change-Id: I6558068fa522b4cd853251716389c0d30a47522f
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
69dc8fc830 |
Revert "crypto: api - Disallow identical driver names"
This reverts commit
|
||
|
Michael Bestas
|
8af156d428 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-21
* sm8250/lineage-20: BACKPORT: erofs: fix lz4 inplace decompression ANDROID: Enable percpu high priority kthreads for erofs UPSTREAM: erofs: fix an error code in z_erofs_init_zip_subsystem() BACKPORT: erofs: add per-cpu threads for decompression as an option sched: Provide sched_set_fifo() ANDROID: GKI: enable CONFIG_EROFS_FS=y Revert "erofs: add REQ_RAHEAD flag to readahead requests" erofs: Switch to attach/detach_page_private include/linux/pagemap.h: introduce attach/detach_page_private BACKPORT: erofs: fix use-after-free of on-stack io[] MAINTAINERS: erofs: update my email address MAINTAINERS: erofs: complete sub-entries for erofs erofs: move erofs out of staging staging: erofs: turn cache strategies into mount options staging: erofs: kill CONFIG_EROFS_FS_USE_VM_MAP_RAM staging: erofs: support IO read error injection staging: erofs: complete POSIX ACL support staging: erofs: add document Reapply "erofs: support decompress big pcluster for lz4 backend" Revert "erofs: fix lz4 inplace decompression" Revert "Reapply "cred: switch to using atomic_long_t"" Reapply "cred: switch to using atomic_long_t" BACKPORT: net: core: enable SO_BINDTODEVICE for non-root users tcp: Add memory barrier to tcp_push() tracing: Ensure visibility when inserting an element into tracing_map net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv llc: Drop support for ETH_P_TR_802_2. llc: make llc_ui_sendmsg() more robust against bonding changes vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING net/smc: fix illegal rmb_desc access in SMC-D connection dump drivers: core: fix kernel-doc markup for dev_err_probe() driver code: print symbolic error code block: Remove special-casing of compound pages Revert "driver core: Annotate dev_err_probe() with __must_check" nouveau/vmm: don't set addr on the fail path to avoid warning driver core: Annotate dev_err_probe() with __must_check parisc/firmware: Fix F-extend for PDC addresses x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum rpmsg: virtio: Free driver_override when rpmsg_remove() powerpc: Use always instead of always-y in for crtsavres.o hwrng: core - Fix page fault dead lock on mmap-ed hwrng PM: hibernate: Enforce ordering during image compression/decompression crypto: api - Disallow identical driver names ext4: allow for the last group to be marked as trimmed serial: sc16is7xx: add check for unsupported SPI modes during probe spi: introduce SPI_MODE_X_MASK macro driver core: add device probe log helper serial: sc16is7xx: set safe default SPI clock frequency units: add the HZ macros units: change from 'L' to 'UL' units: Add Watt units include/linux/units.h: add helpers for kelvin to/from Celsius conversion PCI: mediatek: Clear interrupt status before dispatching handler soc: qcom: smem: Add boundary checks for partitions clk: qcom: gcc-sdm660: Add SDCC1 BCR clocks for SDM660 dt-bindings: clock: Add support for SDCC BCR id for SDM660 exfat: github action: run buiuld and tests on for-kernel-version-from-4.1.0 branch exfat: fix ALIGN_DOWN undefined error exfat: using ffs instead of internal logic exfat: using hweight instead of internal logic exfat: fix ctime is not updated exfat: fix setting uninitialized time to ctime/atime exfat: convert to new timestamp accessors exfat: convert to ctime accessor functions exfat: fs: pass the request_mask to generic_fillattr exfat: convert to simple_rename_timestamp exfat: ensure that ctime is updated whenever the mtime is exfat: fs: add CONFIG_BUFFER_HEAD exfat: use fat ioctls definitions from include/uapi/linux/msdos_fs.h exfat: github action: remove liunx-4.1 source to get more disk space exfat: support create zero-size directory exfat: support handle zero-size directory exfat: add ioctls for accessing attributes exfat: vfs: get rid of old '->iterate' directory operation Change-Id: Ic3c668bcdf1d207266e80b0672543e0164626fc4 |
||
|
Michael Bestas
|
a8804204c0 |
Merge tag 'ASB-2024-04-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-04-01 * tag 'ASB-2024-04-05_4.19-stable' of https://android.googlesource.com/kernel/common: Revert "Reapply "cred: switch to using atomic_long_t"" Reapply "cred: switch to using atomic_long_t" BACKPORT: net: core: enable SO_BINDTODEVICE for non-root users tcp: Add memory barrier to tcp_push() tracing: Ensure visibility when inserting an element into tracing_map net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv llc: Drop support for ETH_P_TR_802_2. llc: make llc_ui_sendmsg() more robust against bonding changes vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING net/smc: fix illegal rmb_desc access in SMC-D connection dump drivers: core: fix kernel-doc markup for dev_err_probe() driver code: print symbolic error code block: Remove special-casing of compound pages Revert "driver core: Annotate dev_err_probe() with __must_check" nouveau/vmm: don't set addr on the fail path to avoid warning driver core: Annotate dev_err_probe() with __must_check parisc/firmware: Fix F-extend for PDC addresses x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum rpmsg: virtio: Free driver_override when rpmsg_remove() powerpc: Use always instead of always-y in for crtsavres.o hwrng: core - Fix page fault dead lock on mmap-ed hwrng PM: hibernate: Enforce ordering during image compression/decompression crypto: api - Disallow identical driver names ext4: allow for the last group to be marked as trimmed serial: sc16is7xx: add check for unsupported SPI modes during probe spi: introduce SPI_MODE_X_MASK macro driver core: add device probe log helper serial: sc16is7xx: set safe default SPI clock frequency units: add the HZ macros units: change from 'L' to 'UL' units: Add Watt units include/linux/units.h: add helpers for kelvin to/from Celsius conversion PCI: mediatek: Clear interrupt status before dispatching handler Change-Id: I5a5f215e11cc4d2ae7ad65c53d50819f18988acf |
||
|
Greg Kroah-Hartman
|
32e0a5db51 |
Merge 4.19.311 into android-4.19-stable
Changes in 4.19.311 ASoC: rt5645: Make LattePanda board DMI match more precise x86/xen: Add some null pointer checking to smp.c MIPS: Clear Cause.BD in instruction_pointer_set net/iucv: fix the allocation size of iucv_path_table array block: sed-opal: handle empty atoms when parsing response dm-verity, dm-crypt: align "struct bvec_iter" correctly scsi: mpt3sas: Prevent sending diag_reset when the controller is ready Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security firewire: core: use long bus reset on gap count error ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet Input: gpio_keys_polled - suppress deferred probe error for gpio ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll crypto: algif_aead - fix uninitialized ctx->init crypto: af_alg - make some functions static crypto: algif_aead - Only wake up when ctx->more is zero do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak fs/select: rework stack allocation hack for clang md: switch to ->check_events for media change notifications block: add a new set_read_only method md: implement ->set_read_only to hook into BLKROSET processing md: Don't clear MD_CLOSING when the raid is about to stop aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts timekeeping: Fix cross-timestamp interpolation on counter wrap timekeeping: Fix cross-timestamp interpolation corner case decision timekeeping: Fix cross-timestamp interpolation for non-x86 wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() b43: dma: Fix use true/false for bool type variable wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled b43: main: Fix use true/false for bool type wifi: b43: Stop correct queue in DMA worker when QoS is disabled wifi: b43: Disable QoS for bcm4331 wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() sock_diag: annotate data-races around sock_diag_handlers[family] af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() bus: tegra-aconnect: Update dependency to ARCH_TEGRA iommu/amd: Mark interrupt as managed wifi: brcmsmac: avoid function pointer casts ARM: dts: arm: realview: Fix development chip ROM compatible value ACPI: scan: Fix device check notification handling x86, relocs: Ignore relocations in .notes section SUNRPC: fix some memleaks in gssx_dec_option_array mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function igb: move PEROUT and EXTTS isr logic to separate functions igb: Fix missing time sync events Bluetooth: Remove superfluous call to hci_conn_check_pending() Bluetooth: hci_core: Fix possible buffer overflow sr9800: Add check for usbnet_get_endpoints bpf: Fix hashtab overflow check on 32-bit arches bpf: Fix stackmap overflow check on 32-bit arches ipv6: fib6_rules: flush route cache when rule is changed tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function udp: fix incorrect parameter validation in the udp_lib_getsockopt() function net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function net/x25: fix incorrect parameter validation in the x25_getsockopt() function nfp: flower: handle acti_netdevs allocation failure dm raid: fix false positive for requeue needed during reshape dm: call the resume method on internal suspend drm/tegra: dsi: Add missing check for of_find_device_by_node gpu: host1x: mipi: Update tegra_mipi_request() to be node based drm/tegra: dsi: Make use of the helper function dev_err_probe() drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() drm/rockchip: inno_hdmi: Fix video timing drm: Don't treat 0 as -1 in drm_fixp2int_ceil drm/rockchip: lvds: do not overwrite error code drm/rockchip: lvds: do not print scary message when probing defer media: tc358743: register v4l2 async device only after successful setup perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() ABI: sysfs-bus-pci-devices-aer_stats uses an invalid tag media: em28xx: annotate unchecked call to media_device_register() media: v4l2-tpg: fix some memleaks in tpg_alloc media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity media: dvbdev: remove double-unlock media: media/dvb: Use kmemdup rather than duplicating its implementation media: dvbdev: Fix memleak in dvb_register_device media: dvbdev: fix error logic at dvb_register_device() media: dvb-core: Fix use-after-free due to race at dvb_register_device() media: edia: dvbdev: fix a use-after-free clk: qcom: reset: Allow specifying custom reset delay clk: qcom: reset: support resetting multiple bits clk: qcom: reset: Commonize the de/assert functions clk: qcom: reset: Ensure write completion on reset de/assertion quota: code cleanup for __dquot_alloc_space() fs/quota: erase unused but set variable warning quota: check time limit when back out space/inode change quota: simplify drop_dquot_ref() quota: Fix potential NULL pointer dereference quota: Fix rcu annotations of inode dquot pointers perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() ALSA: seq: fix function cast warnings media: go7007: add check of return value of go7007_read_addr() media: pvrusb2: fix pvr2_stream_callback casts firmware: qcom: scm: Add WLAN VMID for Qualcomm SCM interface clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times drm/mediatek: dsi: Fix DSI RGB666 formats and definitions PCI: Mark 3ware-9650SE Root Port Extended Tags as broken clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister() drm/tegra: put drm_gem_object ref on error in tegra_fb_create mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref crypto: arm - Rename functions to avoid conflict with crypto/sha256.h crypto: arm/sha - fix function cast warnings mtd: rawnand: lpc32xx_mlc: fix irq handler prototype ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() media: pvrusb2: fix uaf in pvr2_context_set_notify media: dvb-frontends: avoid stack overflow warnings with clang media: go7007: fix a memleak in go7007_load_encoder drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. backlight: lm3630a: Initialize backlight_properties on init backlight: lm3630a: Don't set bl->props.brightness in get_brightness backlight: da9052: Fully initialize backlight_properties during probe backlight: lm3639: Fully initialize backlight_properties during probe backlight: lp8788: Fully initialize backlight_properties during probe sparc32: Fix section mismatch in leon_pci_grpci ALSA: usb-audio: Stop parsing channels bits when all channels are found. scsi: csiostor: Avoid function pointer casts scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() NFS: Fix an off by one in root_nfs_cat() clk: qcom: gdsc: Add support to update GDSC transition delay serial: max310x: fix syntax error in IRQ error message tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT kconfig: fix infinite loop when expanding a macro at the end of file rtc: mt6397: select IRQ_DOMAIN instead of depending on it serial: 8250_exar: Don't remove GPIO device on suspend staging: greybus: fix get_channel_from_mode() failure path usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin net: hsr: fix placement of logical operator in a multi-line statement hsr: Fix uninit-value access in hsr_get_node() rds: introduce acquire/release ordering in acquire/release_in_xmit() hsr: Handle failures in module init net/bnx2x: Prevent access to a freed page in page_pool spi: spi-mt65xx: Fix NULL pointer access in interrupt handler crypto: af_alg - Fix regression on empty requests crypto: af_alg - Work around empty control messages without MSG_MORE Linux 4.19.311 Change-Id: I034e9a44b6dec1a7b5c600b3cd77aabc401044d7 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Herbert Xu
|
ba1f292491 |
crypto: af_alg - Work around empty control messages without MSG_MORE
commit c195d66a8a75c60515819b101975f38b7ec6577f upstream. The iwd daemon uses libell which sets up the skcipher operation with two separate control messages. As the first control message is sent without MSG_MORE, it is interpreted as an empty request. While libell should be fixed to use MSG_MORE where appropriate, this patch works around the bug in the kernel so that existing binaries continue to work. We will print a warning however. A separate issue is that the new kernel code no longer allows the control message to be sent twice within the same request. This restriction is obviously incompatible with what iwd was doing (first setting an IV and then sending the real control message). This patch changes the kernel so that this is explicitly allowed. Reported-by: Caleb Jorden <caljorden@hotmail.com> Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Herbert Xu
|
546e3961b5 |
crypto: af_alg - Fix regression on empty requests
commit 662bb52f50bca16a74fe92b487a14d7dccb85e1a upstream. Some user-space programs rely on crypto requests that have no control metadata. This broke when a check was added to require the presence of control metadata with the ctx->init flag. This patch fixes the regression by setting ctx->init as long as one sendmsg(2) has been made, with or without a control message. Reported-by: Sachin Sant <sachinp@linux.vnet.ibm.com> Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org> Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Herbert Xu
|
de564b5975 |
crypto: algif_aead - Only wake up when ctx->more is zero
[ Upstream commit f3c802a1f30013f8f723b62d7fa49eb9e991da23 ]
AEAD does not support partial requests so we must not wake up
while ctx->more is set. In order to distinguish between the
case of no data sent yet and a zero-length request, a new init
flag has been added to ctx.
SKCIPHER has also been modified to ensure that at least a block
of data is available if there is more data to come.
Fixes:
|
||
|
Eric Biggers
|
0ca02d4bee |
crypto: af_alg - make some functions static
[ Upstream commit 466e0759269d31485074126700574230bfff3b1c ] Some exported functions in af_alg.c aren't used outside of that file. Therefore, un-export them and make them 'static'. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Stable-dep-of: f3c802a1f300 ("crypto: algif_aead - Only wake up when ctx->more is zero") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Ondrej Mosnacek
|
17a1144baa |
crypto: algif_aead - fix uninitialized ctx->init
[ Upstream commit 21dfbcd1f5cbff9cf2f9e7e43475aed8d072b0dd ] In skcipher_accept_parent_nokey() the whole af_alg_ctx structure is cleared by memset() after allocation, so add such memset() also to aead_accept_parent_nokey() so that the new "init" field is also initialized to zero. Without that the initial ctx->init checks might randomly return true and cause errors. While there, also remove the redundant zero assignments in both functions. Found via libkcapi testsuite. Cc: Stephan Mueller <smueller@chronox.de> Fixes: f3c802a1f300 ("crypto: algif_aead - Only wake up when ctx->more is zero") Suggested-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
038c0dcdcd |
Merge d2d0b95ca1 ("block: Remove special-casing of compound pages") into android-mainline
Steps on the way to 4.19.307 Change-Id: Ia57840d96d36c5c4a67be2f7c69807e449728406 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Herbert Xu
|
15a67115d4 |
crypto: api - Disallow identical driver names
commit 27016f75f5ed47e2d8e0ca75a8ff1f40bc1a5e27 upstream. Disallow registration of two algorithms with identical driver names. Cc: <stable@vger.kernel.org> Reported-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Michael Bestas
|
ef098aedd9 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-20
* sm8250/lineage-20:
msm: kgsl: Do not release dma and anon buffers if unmap fails
Reapply "perf: Fix perf_event_validate_size()"
UPSTREAM: usb: raw-gadget: properly handle interrupted requests
UPSTREAM: mm/cma: use nth_page() in place of direct struct page manipulation
UPSTREAM: wireguard: allowedips: expand maximum node depth
UPSTREAM: coresight: tmc: Explicit type conversions to prevent integer overflow
UPSTREAM: wireguard: netlink: send staged packets when setting initial private key
UPSTREAM: wireguard: queueing: use saner cpu selection wrapping
UPSTREAM: kheaders: Use array declaration instead of char
UPSTREAM: arm64: efi: Make efi_rt_lock a raw_spinlock
UPSTREAM: sched/psi: Fix use-after-free in ep_remove_wait_queue()
UPSTREAM: usb: musb: mediatek: don't unregister something that wasn't registered
UPSTREAM: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
UPSTREAM: xfrm: compat: change expression for switch in xfrm_xlate64
UPSTREAM: perf/core: Call LSM hook after copying perf_event_attr
Linux 4.19.306
crypto: scompress - initialize per-CPU variables on each CPU
Revert "NFSD: Fix possible sleep during nfsd4_release_lockowner()"
i2c: s3c24xx: fix transferring more than one message in polling mode
i2c: s3c24xx: fix read transfers in polling mode
kdb: Fix a potential buffer overflow in kdb_local()
kdb: Censor attempts to set PROMPT without ENABLE_MEM_READ
ipvs: avoid stat macros calls from preemptible context
net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe
net: ravb: Fix dma_addr_t truncation in error case
net: qualcomm: rmnet: fix global oob in rmnet_policy
serial: imx: Correct clock error message in function probe()
apparmor: avoid crash when parsed profile name is empty
perf genelf: Set ELF program header addresses properly
acpi: property: Let args be NULL in __acpi_node_get_property_reference
MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup()
MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup()
HID: wacom: Correct behavior when processing some confidence == false touches
wifi: mwifiex: configure BSSID consistently when starting AP
wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors
wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code
fbdev: flush deferred work in fb_deferred_io_fsync()
ALSA: oxygen: Fix right channel of capture volume mixer
usb: mon: Fix atomicity violation in mon_bin_vma_fault
usb: typec: class: fix typec_altmode_put_partner to put plugs
Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs"
usb: chipidea: wait controller resume finished for wakeup irq
Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only"
Revert "usb: dwc3: Soft reset phy on probe for host"
usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart
usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host()
tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug
binder: fix unused alloc->free_async_space
binder: fix race between mmput() and do_exit()
xen-netback: don't produce zero-size SKB frags
Revert "ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek"
Input: atkbd - use ab83 as id when skipping the getid command
binder: fix async space check for 0-sized buffers
of: unittest: Fix of_count_phandle_with_args() expected value message
of: Fix double free in of_parse_phandle_with_args_map
mmc: sdhci_omap: Fix TI SoC dependencies
watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling
watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO
watchdog: set cdev owner before adding
gpu/drm/radeon: fix two memleaks in radeon_vm_init
drivers/amd/pm: fix a use-after-free in kv_parse_power_table
drm/amd/pm: fix a double-free in si_dpm_init
drm/amdgpu/debugfs: fix error code when smc register accessors are NULL
media: dvbdev: drop refcount on error path in dvb_device_open()
media: cx231xx: fix a memleak in cx231xx_init_isoc
drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table
drm/radeon/dpm: fix a memleak in sumo_parse_power_table
drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
drm/drv: propagate errors from drm_modeset_register_all()
drm/msm/mdp4: flush vblank event on disable
ASoC: cs35l34: Fix GPIO name and drop legacy include
ASoC: cs35l33: Fix GPIO name and drop legacy include
drm/radeon: check return value of radeon_ring_lock()
drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check()
drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg()
f2fs: fix to avoid dirent corruption
drm/bridge: Fix typo in post_disable() description
media: pvrusb2: fix use after free on context disconnection
RDMA/usnic: Silence uninitialized symbol smatch warnings
ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
Bluetooth: btmtkuart: fix recv_buf() return value
Bluetooth: Fix bogus check for re-auth no supported with non-ssp
wifi: rtlwifi: rtl8192se: using calculate_bit_shift()
wifi: rtlwifi: rtl8192ee: using calculate_bit_shift()
wifi: rtlwifi: rtl8192de: using calculate_bit_shift()
rtlwifi: rtl8192de: make arrays static const, makes object smaller
wifi: rtlwifi: rtl8192ce: using calculate_bit_shift()
wifi: rtlwifi: rtl8192cu: using calculate_bit_shift()
wifi: rtlwifi: rtl8192c: using calculate_bit_shift()
wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift()
wifi: rtlwifi: add calculate_bit_shift()
dma-mapping: clear dev->dma_mem to NULL after freeing it
scsi: hisi_sas: Replace with standard error code return value
wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior
rtlwifi: Use ffs in <foo>_phy_calculate_bit_shift
firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create()
net/ncsi: Fix netlink major/minor version numbers
ncsi: internal.h: Fix a spello
ARM: dts: qcom: apq8064: correct XOADC register address
wifi: libertas: stop selecting wext
bpf, lpm: Fix check prefixlen before walking trie
NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
blocklayoutdriver: Fix reference leak of pnfs_device_node
crypto: scomp - fix req->dst buffer overflow
crypto: scompress - Use per-CPU struct instead multiple variables
crypto: scompress - return proper error code for allocation failure
crypto: sahara - do not resize req->src when doing hash operations
crypto: sahara - fix processing hash requests with req->nbytes < sg->length
crypto: sahara - improve error handling in sahara_sha_process()
crypto: sahara - fix wait_for_completion_timeout() error handling
crypto: sahara - fix ahash reqsize
crypto: virtio - Wait for tasklet to complete on device remove
pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
crypto: sahara - fix error handling in sahara_hw_descriptor_create()
crypto: sahara - fix processing requests with cryptlen < sg->length
crypto: sahara - fix ahash selftest failure
crypto: sahara - remove FLAGS_NEW_KEY logic
crypto: af_alg - Disallow multiple in-flight AIO requests
crypto: ccp - fix memleak in ccp_init_dm_workarea
crypto: virtio - Handle dataq logic with tasklet
selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
calipso: fix memory leak in netlbl_calipso_add_pass()
netlabel: remove unused parameter in netlbl_netlink_auditinfo()
net: netlabel: Fix kerneldoc warnings
ACPI: LPIT: Avoid u32 multiplication overflow
ACPI: video: check for error while searching for backlight device parent
mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response
powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
powerpc/powernv: Add a null pointer check in opal_event_init()
selftests/powerpc: Fix error handling in FPU/VMX preemption tests
powerpc/pseries/memhp: Fix access beyond end of drmem array
powerpc/pseries/memhotplug: Quieten some DLPAR operations
powerpc/44x: select I2C for CURRITUCK
powerpc: remove redundant 'default n' from Kconfig-s
powerpc: add crtsavres.o to always-y instead of extra-y
EDAC/thunderx: Fix possible out-of-bounds string access
x86/lib: Fix overflow when counting digits
coresight: etm4x: Fix width of CCITMIN field
uio: Fix use-after-free in uio_open
binder: fix comment on binder_alloc_new_buf() return value
binder: use EPOLLERR from eventpoll.h
drm/crtc: fix uninitialized variable use
ARM: sun9i: smp: fix return code check of of_property_match_string
Input: xpad - add Razer Wolverine V2 support
ARC: fix spare error
s390/scm: fix virtual vs physical address confusion
Input: i8042 - add nomux quirk for Acer P459-G2-M
Input: atkbd - skip ATKBD_CMD_GETID in translated mode
reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI
tracing: Add size check when printing trace_marker output
tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
jbd2: correct the printing of write_flags in jbd2_write_superblock()
clk: rockchip: rk3128: Fix HCLK_OTG gate register
drm/exynos: fix a potential error pointer dereference
ASoC: da7219: Support low DC impedance headset
net/tg3: fix race condition in tg3_reset_task()
ASoC: rt5650: add mutex to avoid the jack detection failure
ASoC: cs43130: Fix incorrect frame delay configuration
ASoC: cs43130: Fix the position of const qualifier
ASoC: Intel: Skylake: mem leak in skl register function
f2fs: explicitly null-terminate the xattr list
UPSTREAM: wifi: cfg80211: fix buffer overflow in elem comparison
UPSTREAM: gcov: clang: fix the buffer overflow issue
BACKPORT: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
UPSTREAM: wifi: cfg80211: avoid nontransmitted BSS list corruption
UPSTREAM: wifi: cfg80211: fix BSS refcounting bugs
UPSTREAM: wifi: cfg80211: ensure length byte is present before access
UPSTREAM: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
UPSTREAM: wireguard: netlink: avoid variable-sized memcpy on sockaddr
UPSTREAM: wireguard: ratelimiter: disable timings test by default
UPSTREAM: crypto: lib - remove unneeded selection of XOR_BLOCKS
UPSTREAM: wireguard: allowedips: don't corrupt stack when detecting overflow
UPSTREAM: wireguard: ratelimiter: use hrtimer in selftest
UPSTREAM: crypto: arm64/poly1305 - fix a read out-of-bound
UPSTREAM: wifi: mac80211_hwsim: set virtio device ready in probe()
UPSTREAM: crypto: memneq - move into lib/
UPSTREAM: dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
BACKPORT: usb: typec: mux: Check dev_set_name() return value
UPSTREAM: wireguard: device: check for metadata_dst with skb_valid_dst()
UPSTREAM: sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
UPSTREAM: cfg80211: hold bss_lock while updating nontrans_list
UPSTREAM: wireguard: socket: ignore v6 endpoints when ipv6 is disabled
UPSTREAM: wireguard: socket: free skb in send6 when ipv6 is disabled
UPSTREAM: wireguard: queueing: use CFI-safe ptr_ring cleanup function
UPSTREAM: mm: don't try to NUMA-migrate COW pages that have other uses
UPSTREAM: copy_process(): Move fd_install() out of sighand->siglock critical section
UPSTREAM: usb: raw-gadget: fix handling of dual-direction-capable endpoints
UPSTREAM: psi: Fix "no previous prototype" warnings when CONFIG_CGROUPS=n
UPSTREAM: sched/uclamp: Fix rq->uclamp_max not set on first enqueue
UPSTREAM: wireguard: selftests: increase default dmesg log size
UPSTREAM: wireguard: allowedips: add missing __rcu annotation to satisfy sparse
UPSTREAM: sched/uclamp: Fix uclamp_tg_restrict()
UPSTREAM: coresight: etm4x: Fix etm4_count race by moving cpuhp callbacks to init
UPSTREAM: sched/uclamp: Fix a deadlock when enabling uclamp static key
UPSTREAM: mac80211_hwsim: use GFP_ATOMIC under spin lock
UPSTREAM: usercopy: Avoid soft lockups in test_check_nonzero_user()
UPSTREAM: lib: test_user_copy: style cleanup
UPSTREAM: fork: return proper negative error code
Revert "ipv6: make ip6_rt_gc_expire an atomic_t"
Revert "ipv6: remove max_size check inline with ipv4"
Linux 4.19.305
ipv6: remove max_size check inline with ipv4
ipv6: make ip6_rt_gc_expire an atomic_t
net/dst: use a smaller percpu_counter batch for dst entries accounting
net: add a route cache full diagnostic message
PCI: Disable ATS for specific Intel IPU E2000 devices
PCI: Extract ATS disabling to a helper function
netfilter: nf_tables: Reject tables of unsupported family
fuse: nlookup missing decrement in fuse_direntplus_link
mmc: core: Cancel delayed work before releasing host
mmc: rpmb: fixes pause retune on all RPMB partitions.
mm: fix unmap_mapping_range high bits shift bug
firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards
mm/memory-failure: check the mapcount of the precise page
bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters()
asix: Add check for usbnet_get_endpoints
net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues
net/qla3xxx: switch from 'pci_' to 'dma_' API
i40e: Restore VF MSI-X state during PCI reset
i40e: fix use-after-free in i40e_aqc_add_filters()
net: Save and restore msg_namelen in sock_sendmsg
net: bcmgenet: Fix FCS generation for fragmented skbuffs
ARM: sun9i: smp: Fix array-index-out-of-bounds read in sunxi_mc_smp_init
net: sched: em_text: fix possible memory leak in em_text_destroy()
i40e: Fix filter input checks to prevent config with invalid values
nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local
UPSTREAM: fsverity: skip PKCS#7 parser when keyring is empty
Audio legacy: Integer overflow in msm_lsm_ioctl_compat during audio playback usecase. size = sizeof(p_info_32) + p_info_32.param_size; This overflow issue may result heap overflow during copying the data: memcpy(param_info_rsp, &p_info_32, sizeof(p_info_32));
mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
usb: phy: Enable clock before accessing EUD register space
loop: Select I/O scheduler 'none' from inside add_disk()
BACKPORT: loop: Fix missing discard support when using LOOP_CONFIGURE
UPSTREAM: loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE
loop: Check for overflow while configuring loop
BACKPORT: loop: Set correct device size when using LOOP_CONFIGURE
cnss2: Add support for configuring calibration duration
fw-api: CL 25639871 - update fw common interface files
fw-api: CL 25638846 - update fw common interface files
fw-api: CL 25637760 - update fw common interface files
fw-api: CL 25636238 - update fw common interface files
fw-api: CL 25618622 - update fw common interface files
fw-api: CL 25612024 - update fw common interface files
fw-api: CL 25601210 - update fw common interface files
fw-api: CL 25598308 - update fw common interface files
fw-api: CL 25585821 - update fw common interface files
fw-api: CL 25582070 - update fw common interface files
fw-api: CL 25582068 - update fw common interface files
block: delete part_round_stats and switch to less precise counting
BACKPORT: media: venus: hfi_parser: Add check for number of codecs
BACKPORT: media: venus: hfi: add checks in capabilities from firmware
BACKPORT: media: venus: hfi: fix the check in session buffer requirement
BACKPORT: media: venus: hfi: add checks to perform sanity on queue pointers
fw-api: CL 25560130 - update fw common interface files
fw-api: CL 25538998 - update fw common interface files
fw-api: CL 25538692 - update fw common interface files
fw-api: CL 25526295 - update fw common interface files
qcacmn: Add sanity check to fix OOB issue
vidc_3x: venc: Add missing level in h263
fw-api: CL 25522189 - update fw common interface files
fw-api: CL 25493022 - update fw common interface files
fw-api: CL 25473754 - update fw common interface files
msm: kgsl: Do not free sharedmem if it cannot be unmapped
vidc_3x: Return EBUSY if mbpf check fails
fw-api: CL 25397057 - update fw common interface files
fw-api: CL 25394812 - update fw common interface files
fw-api: CL 25328958 - update fw common interface files
fw-api: CL 25314900 - update fw common interface files
soc: qcom: qmi_encdec: out of bound check for input buffer
fw-api: CL 25308727 - update fw common interface files
fw-api: CL 25273382 - update fw common interface files
fw-api: CL 25272219 - update fw common interface files
fw-api: CL 25266026 - update fw common interface files
fw-api: CL 25234042 - update fw common interface files
fw-api: CL 25234039 - update fw common interface files
fw-api: CL 25210870 - update fw common interface files
fw-api: CL 25171661 - update fw common interface files
fw-api: CL 25170657 - update fw common interface files
fw-api: CL 25166743 - update fw common interface files
fw-api: CL 25134675 - update fw common interface files
fw-api: CL 25104555 - update fw common interface files
fw-api: CL 25104553 - update fw common interface files
fw-api: CL 25045621 - update fw common interface files
fw-api: CL 25043321 - update fw common interface files
fw-api: CL 25039727 - update fw common interface files
fw-api: CL 25039724 - update fw common interface files
fw-api: CL 25036225 - update fw common interface files
fw-api: CL 25027860 - update fw common interface files
fw-api: CL 25012076 - update fw common interface files
fw-api: CL 25001184 - update fw common interface files
fw-api: CL 24972727 - update fw common interface files
fw-api: CL 24952424 - update fw common interface files
fw-api: CL 24942753 - update fw common interface files
fw-api: CL 24927565 - update fw common interface files
fw-api: CL 24914490 - update fw common interface files
fw-api: CL 24886188 - update fw common interface files
fw-api: CL 24865228 - update fw common interface files
fw-api: CL 24822236 - update fw common interface files
fw-api: CL 24815200 - update fw common interface files
fw-api: CL 24803979 - update fw common interface files
fw-api: CL 24760251 - update fw common interface files
fw-api: CL 24704966 - update fw common interface files
qcacmn: Fix OOB issue
Release 5.2.022.12B
qcacld-3.0: Ignore CSA request for invalid channel
Conflicts:
drivers/android/binder_alloc.c
kernel/fork.c
Change-Id: Ie3a3dee43522c756c92ed9734e292c826e882ee4
|
||
|
Michael Bestas
|
2ad5dc817b |
Merge tag 'ASB-2024-02-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-02-01 * tag 'ASB-2024-02-05_4.19-stable' of https://android.googlesource.com/kernel/common: Reapply "perf: Fix perf_event_validate_size()" UPSTREAM: usb: raw-gadget: properly handle interrupted requests UPSTREAM: mm/cma: use nth_page() in place of direct struct page manipulation UPSTREAM: wireguard: allowedips: expand maximum node depth UPSTREAM: coresight: tmc: Explicit type conversions to prevent integer overflow UPSTREAM: wireguard: netlink: send staged packets when setting initial private key UPSTREAM: wireguard: queueing: use saner cpu selection wrapping UPSTREAM: kheaders: Use array declaration instead of char UPSTREAM: arm64: efi: Make efi_rt_lock a raw_spinlock UPSTREAM: sched/psi: Fix use-after-free in ep_remove_wait_queue() UPSTREAM: usb: musb: mediatek: don't unregister something that wasn't registered UPSTREAM: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() UPSTREAM: xfrm: compat: change expression for switch in xfrm_xlate64 UPSTREAM: perf/core: Call LSM hook after copying perf_event_attr Linux 4.19.306 crypto: scompress - initialize per-CPU variables on each CPU Revert "NFSD: Fix possible sleep during nfsd4_release_lockowner()" i2c: s3c24xx: fix transferring more than one message in polling mode i2c: s3c24xx: fix read transfers in polling mode kdb: Fix a potential buffer overflow in kdb_local() kdb: Censor attempts to set PROMPT without ENABLE_MEM_READ ipvs: avoid stat macros calls from preemptible context net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe net: ravb: Fix dma_addr_t truncation in error case net: qualcomm: rmnet: fix global oob in rmnet_policy serial: imx: Correct clock error message in function probe() apparmor: avoid crash when parsed profile name is empty perf genelf: Set ELF program header addresses properly acpi: property: Let args be NULL in __acpi_node_get_property_reference MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() HID: wacom: Correct behavior when processing some confidence == false touches wifi: mwifiex: configure BSSID consistently when starting AP wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code fbdev: flush deferred work in fb_deferred_io_fsync() ALSA: oxygen: Fix right channel of capture volume mixer usb: mon: Fix atomicity violation in mon_bin_vma_fault usb: typec: class: fix typec_altmode_put_partner to put plugs Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" usb: chipidea: wait controller resume finished for wakeup irq Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only" Revert "usb: dwc3: Soft reset phy on probe for host" usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug binder: fix unused alloc->free_async_space binder: fix race between mmput() and do_exit() xen-netback: don't produce zero-size SKB frags Revert "ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek" Input: atkbd - use ab83 as id when skipping the getid command binder: fix async space check for 0-sized buffers of: unittest: Fix of_count_phandle_with_args() expected value message of: Fix double free in of_parse_phandle_with_args_map mmc: sdhci_omap: Fix TI SoC dependencies watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO watchdog: set cdev owner before adding gpu/drm/radeon: fix two memleaks in radeon_vm_init drivers/amd/pm: fix a use-after-free in kv_parse_power_table drm/amd/pm: fix a double-free in si_dpm_init drm/amdgpu/debugfs: fix error code when smc register accessors are NULL media: dvbdev: drop refcount on error path in dvb_device_open() media: cx231xx: fix a memleak in cx231xx_init_isoc drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table drm/radeon/dpm: fix a memleak in sumo_parse_power_table drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() drm/drv: propagate errors from drm_modeset_register_all() drm/msm/mdp4: flush vblank event on disable ASoC: cs35l34: Fix GPIO name and drop legacy include ASoC: cs35l33: Fix GPIO name and drop legacy include drm/radeon: check return value of radeon_ring_lock() drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() f2fs: fix to avoid dirent corruption drm/bridge: Fix typo in post_disable() description media: pvrusb2: fix use after free on context disconnection RDMA/usnic: Silence uninitialized symbol smatch warnings ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() Bluetooth: btmtkuart: fix recv_buf() return value Bluetooth: Fix bogus check for re-auth no supported with non-ssp wifi: rtlwifi: rtl8192se: using calculate_bit_shift() wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() wifi: rtlwifi: rtl8192de: using calculate_bit_shift() rtlwifi: rtl8192de: make arrays static const, makes object smaller wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() wifi: rtlwifi: rtl8192c: using calculate_bit_shift() wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() wifi: rtlwifi: add calculate_bit_shift() dma-mapping: clear dev->dma_mem to NULL after freeing it scsi: hisi_sas: Replace with standard error code return value wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior rtlwifi: Use ffs in <foo>_phy_calculate_bit_shift firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() net/ncsi: Fix netlink major/minor version numbers ncsi: internal.h: Fix a spello ARM: dts: qcom: apq8064: correct XOADC register address wifi: libertas: stop selecting wext bpf, lpm: Fix check prefixlen before walking trie NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT blocklayoutdriver: Fix reference leak of pnfs_device_node crypto: scomp - fix req->dst buffer overflow crypto: scompress - Use per-CPU struct instead multiple variables crypto: scompress - return proper error code for allocation failure crypto: sahara - do not resize req->src when doing hash operations crypto: sahara - fix processing hash requests with req->nbytes < sg->length crypto: sahara - improve error handling in sahara_sha_process() crypto: sahara - fix wait_for_completion_timeout() error handling crypto: sahara - fix ahash reqsize crypto: virtio - Wait for tasklet to complete on device remove pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() crypto: sahara - fix error handling in sahara_hw_descriptor_create() crypto: sahara - fix processing requests with cryptlen < sg->length crypto: sahara - fix ahash selftest failure crypto: sahara - remove FLAGS_NEW_KEY logic crypto: af_alg - Disallow multiple in-flight AIO requests crypto: ccp - fix memleak in ccp_init_dm_workarea crypto: virtio - Handle dataq logic with tasklet selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket mtd: Fix gluebi NULL pointer dereference caused by ftl notifier calipso: fix memory leak in netlbl_calipso_add_pass() netlabel: remove unused parameter in netlbl_netlink_auditinfo() net: netlabel: Fix kerneldoc warnings ACPI: LPIT: Avoid u32 multiplication overflow ACPI: video: check for error while searching for backlight device parent mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response powerpc/imc-pmu: Add a null pointer check in update_events_in_group() powerpc/powernv: Add a null pointer check in opal_event_init() selftests/powerpc: Fix error handling in FPU/VMX preemption tests powerpc/pseries/memhp: Fix access beyond end of drmem array powerpc/pseries/memhotplug: Quieten some DLPAR operations powerpc/44x: select I2C for CURRITUCK powerpc: remove redundant 'default n' from Kconfig-s powerpc: add crtsavres.o to always-y instead of extra-y EDAC/thunderx: Fix possible out-of-bounds string access x86/lib: Fix overflow when counting digits coresight: etm4x: Fix width of CCITMIN field uio: Fix use-after-free in uio_open binder: fix comment on binder_alloc_new_buf() return value binder: use EPOLLERR from eventpoll.h drm/crtc: fix uninitialized variable use ARM: sun9i: smp: fix return code check of of_property_match_string Input: xpad - add Razer Wolverine V2 support ARC: fix spare error s390/scm: fix virtual vs physical address confusion Input: i8042 - add nomux quirk for Acer P459-G2-M Input: atkbd - skip ATKBD_CMD_GETID in translated mode reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI tracing: Add size check when printing trace_marker output tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing drm/crtc: Fix uninit-value bug in drm_mode_setcrtc jbd2: correct the printing of write_flags in jbd2_write_superblock() clk: rockchip: rk3128: Fix HCLK_OTG gate register drm/exynos: fix a potential error pointer dereference ASoC: da7219: Support low DC impedance headset net/tg3: fix race condition in tg3_reset_task() ASoC: rt5650: add mutex to avoid the jack detection failure ASoC: cs43130: Fix incorrect frame delay configuration ASoC: cs43130: Fix the position of const qualifier ASoC: Intel: Skylake: mem leak in skl register function f2fs: explicitly null-terminate the xattr list UPSTREAM: wifi: cfg80211: fix buffer overflow in elem comparison UPSTREAM: gcov: clang: fix the buffer overflow issue BACKPORT: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() UPSTREAM: wifi: cfg80211: avoid nontransmitted BSS list corruption UPSTREAM: wifi: cfg80211: fix BSS refcounting bugs UPSTREAM: wifi: cfg80211: ensure length byte is present before access UPSTREAM: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() UPSTREAM: wireguard: netlink: avoid variable-sized memcpy on sockaddr UPSTREAM: wireguard: ratelimiter: disable timings test by default UPSTREAM: crypto: lib - remove unneeded selection of XOR_BLOCKS UPSTREAM: wireguard: allowedips: don't corrupt stack when detecting overflow UPSTREAM: wireguard: ratelimiter: use hrtimer in selftest UPSTREAM: crypto: arm64/poly1305 - fix a read out-of-bound UPSTREAM: wifi: mac80211_hwsim: set virtio device ready in probe() UPSTREAM: crypto: memneq - move into lib/ UPSTREAM: dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace BACKPORT: usb: typec: mux: Check dev_set_name() return value UPSTREAM: wireguard: device: check for metadata_dst with skb_valid_dst() UPSTREAM: sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq UPSTREAM: cfg80211: hold bss_lock while updating nontrans_list UPSTREAM: wireguard: socket: ignore v6 endpoints when ipv6 is disabled UPSTREAM: wireguard: socket: free skb in send6 when ipv6 is disabled UPSTREAM: wireguard: queueing: use CFI-safe ptr_ring cleanup function UPSTREAM: mm: don't try to NUMA-migrate COW pages that have other uses UPSTREAM: copy_process(): Move fd_install() out of sighand->siglock critical section UPSTREAM: usb: raw-gadget: fix handling of dual-direction-capable endpoints UPSTREAM: psi: Fix "no previous prototype" warnings when CONFIG_CGROUPS=n UPSTREAM: sched/uclamp: Fix rq->uclamp_max not set on first enqueue UPSTREAM: wireguard: selftests: increase default dmesg log size UPSTREAM: wireguard: allowedips: add missing __rcu annotation to satisfy sparse UPSTREAM: sched/uclamp: Fix uclamp_tg_restrict() UPSTREAM: coresight: etm4x: Fix etm4_count race by moving cpuhp callbacks to init UPSTREAM: sched/uclamp: Fix a deadlock when enabling uclamp static key UPSTREAM: mac80211_hwsim: use GFP_ATOMIC under spin lock UPSTREAM: usercopy: Avoid soft lockups in test_check_nonzero_user() UPSTREAM: lib: test_user_copy: style cleanup UPSTREAM: fork: return proper negative error code Revert "ipv6: make ip6_rt_gc_expire an atomic_t" Revert "ipv6: remove max_size check inline with ipv4" Linux 4.19.305 ipv6: remove max_size check inline with ipv4 ipv6: make ip6_rt_gc_expire an atomic_t net/dst: use a smaller percpu_counter batch for dst entries accounting net: add a route cache full diagnostic message PCI: Disable ATS for specific Intel IPU E2000 devices PCI: Extract ATS disabling to a helper function netfilter: nf_tables: Reject tables of unsupported family fuse: nlookup missing decrement in fuse_direntplus_link mmc: core: Cancel delayed work before releasing host mmc: rpmb: fixes pause retune on all RPMB partitions. mm: fix unmap_mapping_range high bits shift bug firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards mm/memory-failure: check the mapcount of the precise page bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters() asix: Add check for usbnet_get_endpoints net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues net/qla3xxx: switch from 'pci_' to 'dma_' API i40e: Restore VF MSI-X state during PCI reset i40e: fix use-after-free in i40e_aqc_add_filters() net: Save and restore msg_namelen in sock_sendmsg net: bcmgenet: Fix FCS generation for fragmented skbuffs ARM: sun9i: smp: Fix array-index-out-of-bounds read in sunxi_mc_smp_init net: sched: em_text: fix possible memory leak in em_text_destroy() i40e: Fix filter input checks to prevent config with invalid values nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local UPSTREAM: fsverity: skip PKCS#7 parser when keyring is empty Conflicts: drivers/hwtracing/coresight/coresight-etm4x.c drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c include/linux/psi.h mm/memory-failure.c net/wireless/scan.c Change-Id: I49b769cb8387e5d5f28730d13cbdf4ffd335dc70 |
||
|
Greg Kroah-Hartman
|
bee81d3469 |
Merge 4.19.306 into android-4.19-stable
Changes in 4.19.306 f2fs: explicitly null-terminate the xattr list ASoC: Intel: Skylake: mem leak in skl register function ASoC: cs43130: Fix the position of const qualifier ASoC: cs43130: Fix incorrect frame delay configuration ASoC: rt5650: add mutex to avoid the jack detection failure net/tg3: fix race condition in tg3_reset_task() ASoC: da7219: Support low DC impedance headset drm/exynos: fix a potential error pointer dereference clk: rockchip: rk3128: Fix HCLK_OTG gate register jbd2: correct the printing of write_flags in jbd2_write_superblock() drm/crtc: Fix uninit-value bug in drm_mode_setcrtc tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing tracing: Add size check when printing trace_marker output ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning Input: atkbd - skip ATKBD_CMD_GETID in translated mode Input: i8042 - add nomux quirk for Acer P459-G2-M s390/scm: fix virtual vs physical address confusion ARC: fix spare error Input: xpad - add Razer Wolverine V2 support ARM: sun9i: smp: fix return code check of of_property_match_string drm/crtc: fix uninitialized variable use binder: use EPOLLERR from eventpoll.h binder: fix comment on binder_alloc_new_buf() return value uio: Fix use-after-free in uio_open coresight: etm4x: Fix width of CCITMIN field x86/lib: Fix overflow when counting digits EDAC/thunderx: Fix possible out-of-bounds string access powerpc: add crtsavres.o to always-y instead of extra-y powerpc: remove redundant 'default n' from Kconfig-s powerpc/44x: select I2C for CURRITUCK powerpc/pseries/memhotplug: Quieten some DLPAR operations powerpc/pseries/memhp: Fix access beyond end of drmem array selftests/powerpc: Fix error handling in FPU/VMX preemption tests powerpc/powernv: Add a null pointer check in opal_event_init() powerpc/imc-pmu: Add a null pointer check in update_events_in_group() mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response ACPI: video: check for error while searching for backlight device parent ACPI: LPIT: Avoid u32 multiplication overflow net: netlabel: Fix kerneldoc warnings netlabel: remove unused parameter in netlbl_netlink_auditinfo() calipso: fix memory leak in netlbl_calipso_add_pass() mtd: Fix gluebi NULL pointer dereference caused by ftl notifier selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket crypto: virtio - Handle dataq logic with tasklet crypto: ccp - fix memleak in ccp_init_dm_workarea crypto: af_alg - Disallow multiple in-flight AIO requests crypto: sahara - remove FLAGS_NEW_KEY logic crypto: sahara - fix ahash selftest failure crypto: sahara - fix processing requests with cryptlen < sg->length crypto: sahara - fix error handling in sahara_hw_descriptor_create() pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() crypto: virtio - Wait for tasklet to complete on device remove crypto: sahara - fix ahash reqsize crypto: sahara - fix wait_for_completion_timeout() error handling crypto: sahara - improve error handling in sahara_sha_process() crypto: sahara - fix processing hash requests with req->nbytes < sg->length crypto: sahara - do not resize req->src when doing hash operations crypto: scompress - return proper error code for allocation failure crypto: scompress - Use per-CPU struct instead multiple variables crypto: scomp - fix req->dst buffer overflow blocklayoutdriver: Fix reference leak of pnfs_device_node NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT bpf, lpm: Fix check prefixlen before walking trie wifi: libertas: stop selecting wext ARM: dts: qcom: apq8064: correct XOADC register address ncsi: internal.h: Fix a spello net/ncsi: Fix netlink major/minor version numbers firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() rtlwifi: Use ffs in <foo>_phy_calculate_bit_shift wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior scsi: hisi_sas: Replace with standard error code return value dma-mapping: clear dev->dma_mem to NULL after freeing it wifi: rtlwifi: add calculate_bit_shift() wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() wifi: rtlwifi: rtl8192c: using calculate_bit_shift() wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() rtlwifi: rtl8192de: make arrays static const, makes object smaller wifi: rtlwifi: rtl8192de: using calculate_bit_shift() wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() wifi: rtlwifi: rtl8192se: using calculate_bit_shift() Bluetooth: Fix bogus check for re-auth no supported with non-ssp Bluetooth: btmtkuart: fix recv_buf() return value ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() RDMA/usnic: Silence uninitialized symbol smatch warnings media: pvrusb2: fix use after free on context disconnection drm/bridge: Fix typo in post_disable() description f2fs: fix to avoid dirent corruption drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() drm/radeon: check return value of radeon_ring_lock() ASoC: cs35l33: Fix GPIO name and drop legacy include ASoC: cs35l34: Fix GPIO name and drop legacy include drm/msm/mdp4: flush vblank event on disable drm/drv: propagate errors from drm_modeset_register_all() drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() drm/radeon/dpm: fix a memleak in sumo_parse_power_table drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table media: cx231xx: fix a memleak in cx231xx_init_isoc media: dvbdev: drop refcount on error path in dvb_device_open() drm/amdgpu/debugfs: fix error code when smc register accessors are NULL drm/amd/pm: fix a double-free in si_dpm_init drivers/amd/pm: fix a use-after-free in kv_parse_power_table gpu/drm/radeon: fix two memleaks in radeon_vm_init watchdog: set cdev owner before adding watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling mmc: sdhci_omap: Fix TI SoC dependencies of: Fix double free in of_parse_phandle_with_args_map of: unittest: Fix of_count_phandle_with_args() expected value message binder: fix async space check for 0-sized buffers Input: atkbd - use ab83 as id when skipping the getid command Revert "ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek" xen-netback: don't produce zero-size SKB frags binder: fix race between mmput() and do_exit() binder: fix unused alloc->free_async_space tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart Revert "usb: dwc3: Soft reset phy on probe for host" Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only" usb: chipidea: wait controller resume finished for wakeup irq Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" usb: typec: class: fix typec_altmode_put_partner to put plugs usb: mon: Fix atomicity violation in mon_bin_vma_fault ALSA: oxygen: Fix right channel of capture volume mixer fbdev: flush deferred work in fb_deferred_io_fsync() wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors wifi: mwifiex: configure BSSID consistently when starting AP HID: wacom: Correct behavior when processing some confidence == false touches MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() acpi: property: Let args be NULL in __acpi_node_get_property_reference perf genelf: Set ELF program header addresses properly apparmor: avoid crash when parsed profile name is empty serial: imx: Correct clock error message in function probe() net: qualcomm: rmnet: fix global oob in rmnet_policy net: ravb: Fix dma_addr_t truncation in error case net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe ipvs: avoid stat macros calls from preemptible context kdb: Censor attempts to set PROMPT without ENABLE_MEM_READ kdb: Fix a potential buffer overflow in kdb_local() i2c: s3c24xx: fix read transfers in polling mode i2c: s3c24xx: fix transferring more than one message in polling mode Revert "NFSD: Fix possible sleep during nfsd4_release_lockowner()" crypto: scompress - initialize per-CPU variables on each CPU Linux 4.19.306 Change-Id: Ib746be8cff1e4086680c032a03b0fc0ab5968a51 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Sebastian Andrzej Siewior
|
a132ff9171 |
crypto: scompress - initialize per-CPU variables on each CPU
commit 8c3fffe3993b06dd1955a79bd2f0f3b143d259b3 upstream.
In commit 71052dcf4be70 ("crypto: scompress - Use per-CPU struct instead
multiple variables") I accidentally initialized multiple times the memory on a
random CPU. I should have initialize the memory on every CPU like it has
been done earlier. I didn't notice this because the scheduler didn't
move the task to another CPU.
Guenter managed to do that and the code crashed as expected.
Allocate / free per-CPU memory on each CPU.
Fixes: 71052dcf4be70 ("crypto: scompress - Use per-CPU struct instead multiple variables")
Reported-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Chengming Zhou
|
1142d65c5b |
crypto: scomp - fix req->dst buffer overflow
[ Upstream commit 744e1885922a9943458954cfea917b31064b4131 ]
The req->dst buffer size should be checked before copying from the
scomp_scratch->dst to avoid req->dst buffer overflow problem.
Fixes:
|
||
|
Sebastian Andrzej Siewior
|
f8f261f9ad |
crypto: scompress - Use per-CPU struct instead multiple variables
[ Upstream commit 71052dcf4be70be4077817297dcde7b155e745f2 ] Two per-CPU variables are allocated as pointer to per-CPU memory which then are used as scratch buffers. We could be smart about this and use instead a per-CPU struct which contains the pointers already and then we need to allocate just the scratch buffers. Add a lock to the struct. By doing so we can avoid the get_cpu() statement and gain lockdep coverage (if enabled) to ensure that the lock is always acquired in the right context. On non-preemptible kernels the lock vanishes. It is okay to use raw_cpu_ptr() in order to get a pointer to the struct since it is protected by the spinlock. The diffstat of this is negative and according to size scompress.o: text data bss dec hex filename 1847 160 24 2031 7ef dbg_before.o 1754 232 4 1990 7c6 dbg_after.o 1799 64 24 1887 75f no_dbg-before.o 1703 88 4 1795 703 no_dbg-after.o The overall size increase difference is also negative. The increase in the data section is only four bytes without lockdep. Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Stable-dep-of: 744e1885922a ("crypto: scomp - fix req->dst buffer overflow") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Sebastian Andrzej Siewior
|
1915874d67 |
crypto: scompress - return proper error code for allocation failure
[ Upstream commit 6a4d1b18ef00a7b182740b7b4d8a0fcd317368f8 ] If scomp_acomp_comp_decomp() fails to allocate memory for the destination then we never copy back the data we compressed. It is probably best to return an error code instead 0 in case of failure. I haven't found any user that is using acomp_request_set_params() without the `dst' buffer so there is probably no harm. Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Stable-dep-of: 744e1885922a ("crypto: scomp - fix req->dst buffer overflow") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Herbert Xu
|
19af0310c8 |
crypto: af_alg - Disallow multiple in-flight AIO requests
[ Upstream commit 67b164a871af1d736f131fd6fe78a610909f06f3 ] Having multiple in-flight AIO requests results in unpredictable output because they all share the same IV. Fix this by only allowing one request at a time. Fixes: |
||
|
Jason A. Donenfeld
|
a2243f0ffd |
UPSTREAM: crypto: memneq - move into lib/
This is used by code that doesn't need CONFIG_CRYPTO, so move this into lib/ with a Kconfig option so that it can be selected by whatever needs it. This fixes a linker error Zheng pointed out when CRYPTO_MANAGER_DISABLE_TESTS!=y and CRYPTO=m: lib/crypto/curve25519-selftest.o: In function `curve25519_selftest': curve25519-selftest.c:(.init.text+0x60): undefined reference to `__crypto_memneq' curve25519-selftest.c:(.init.text+0xec): undefined reference to `__crypto_memneq' curve25519-selftest.c:(.init.text+0x114): undefined reference to `__crypto_memneq' curve25519-selftest.c:(.init.text+0x154): undefined reference to `__crypto_memneq' Bug: 254441685 Reported-by: Zheng Bin <zhengbin13@huawei.com> Cc: Eric Biggers <ebiggers@kernel.org> Cc: stable@vger.kernel.org Fixes: aa127963f1ca ("crypto: lib/curve25519 - re-add selftests") Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 920b0442b9f884f55f4745b53430c80e71e90275) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: If70cd31f6e09f4312a7c7f815cc93637e00e1fb7 |
||
|
Michael Bestas
|
fc25408795 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-20
* sm8250/lineage-20: msm: vidc: fix error during debugfs init Squashed revert of recent blk-mq changes fixup! qcacld-3.0: Use freq hint in scan for ssid Revert "macsec: use DEV_STATS_INC()" Revert "net: add DEV_STATS_READ() helper" Linux 4.19.300 net: sched: fix race condition in qdisc_graft() iomap: Set all uptodate bits for an Uptodate page scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids drm/amdgpu: fix error handling in amdgpu_bo_list_get() ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks ext4: correct return value of ext4_convert_meta_bg ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: apply umask if ACL support is disabled Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E" media: venus: hfi: add checks to handle capabilities from firmware media: venus: hfi: fix the check to handle session buffer requirement media: venus: hfi_parser: Add check to keep the number of codecs within range media: sharp: fix sharp encoding media: lirc: drop trailing space from scancode transmit i2c: i801: fix potential race in i801_block_transaction_byte_by_byte net: dsa: lan9303: consequently nested-lock physical MDIO tty: serial: meson: fix hard LOCKUP on crtscts mode serial: meson: Use platform_get_irq() to get the interrupt tty: serial: meson: retrieve port FIFO size from DT serial: meson: remove redundant initialization of variable id tty: serial: meson: if no alias specified use an available id ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC ALSA: info: Fix potential deadlock at disconnection parisc/pgtable: Do not drop upper 5 address bits of physical address parisc: Prevent booting 64-bit kernels on PA1.x machines dmaengine: stm32-mdma: correct desc prep when channel running mcb: fix error handling for different scenarios when parsing quota: explicitly forbid quota files from being encrypted jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev PM: hibernate: Clean up sync_read handling in snapshot_write_next() PM: hibernate: Use __get_safe_page() rather than touching the list mmc: vub300: fix an error code clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks parisc/pdc: Add width field to struct pdc_model PCI: keystone: Don't discard .probe() callback PCI: keystone: Don't discard .remove() callback genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware mmc: meson-gx: Remove setting of CMD_CFG_ERROR PCI/sysfs: Protect driver's D3cold preference from user space hvc/xen: fix error path in xen_hvc_init() to always register frontend driver audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() audit: don't take task_lock() in audit_exe_compare() code path KVM: x86: Ignore MSR_AMD64_TW_CFG access randstruct: Fix gcc-plugin performance mode to stay in group media: venus: hfi: add checks to perform sanity on queue pointers cifs: spnego: add ';' in HOST_KEY_LEN macvlan: Don't propagate promisc change to lower dev in passthru net: ethernet: cortina: Fix MTU max setting net: ethernet: cortina: Handle large frames net: ethernet: cortina: Fix max RX frame define ptp: annotate data-race around q->head and q->tail xen/events: fix delayed eoi list handling ppp: limit MRU to 64K tipc: Fix kernel-infoleak due to uninitialized TLV value tty: Fix uninit-value access in ppp_sync_receive() ipvlan: add ipvlan_route_v6_outbound() helper NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO pwm: Fix double shift bug drm/amd/display: Avoid NULL dereference of timing generator gfs2: ignore negated quota changes media: vivid: avoid integer overflow media: gspca: cpia1: shift-out-of-bounds in set_flicker i2c: sun6i-p2wi: Prevent potential division by zero usb: gadget: f_ncm: Always set current gadget in ncm_bind() tty: vcc: Add check for kstrdup() in vcc_probe() HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() atm: iphase: Do PCI error checks on own line ALSA: hda: Fix possible null-ptr-deref when assigning a stream ARM: 9320/1: fix stack depot IRQ stack filter jfs: fix array-index-out-of-bounds in diAlloc jfs: fix array-index-out-of-bounds in dbFindLeaf fs/jfs: Add validity check for db_maxag and db_agpref fs/jfs: Add check for negative db_l2nbperpage RDMA/hfi1: Use FIELD_GET() to extract Link Width crypto: pcrypt - Fix hungtask for PADATA_RESET selftests/efivarfs: create-read: fix a resource leak drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e Bluetooth: Fix double free in hci_conn_cleanup net: annotate data-races around sk->sk_dst_pending_confirm net: annotate data-races around sk->sk_tx_queue_mapping wifi: ath10k: fix clang-specific fortify warning wifi: ath9k: fix clang-specific fortify warnings wifi: mac80211: don't return unset power in ieee80211_get_tx_power() x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware clocksource/drivers/timer-imx-gpt: Fix potential memory leak perf/core: Bail out early if the request AUX area is out of bound locking/ww_mutex/test: Fix potential workqueue corruption Revert "ipvlan: properly track tx_errors" ANDROID: fix up platform_device ABI break Linux 4.19.299 btrfs: use u64 for buffer sizes in the tree search ioctls Revert "mmc: core: Capture correct oemid-bits for eMMC cards" fbdev: fsl-diu-fb: mark wr_reg_wa() static fbdev: imsttfb: fix a resource leak in probe fbdev: imsttfb: Fix error path of imsttfb_probe() netfilter: xt_recent: fix (increase) ipv6 literal buffer length r8169: respect userspace disabling IFF_MULTICAST tg3: power down device only on SYSTEM_POWER_OFF net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT net/smc: wait for pending work before clcsock release_sock net/smc: postpone release of clcsock net: r8169: Disable multicast filter for RTL8168H and RTL8107E r8169: improve rtl_set_rx_mode dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. dccp: Call security_inet_conn_request() after setting IPv4 addresses. tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING llc: verify mac len before reading mac header Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume pwm: sti: Reduce number of allocations and drop usage of chip_data pwm: sti: Avoid conditional gotos media: dvb-usb-v2: af9035: fix missing unlock media: s3c-camif: Avoid inappropriate kfree() media: bttv: fix use after free error due to btv->timeout timer pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() pcmcia: ds: fix refcount leak in pcmcia_device_add() pcmcia: cs: fix possible hung task and memory leak pccardd() f2fs: fix to initialize map.m_pblk in f2fs_precache_extents() dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() USB: usbip: fix stub_dev hub disconnect tools: iio: iio_generic_buffer ensure alignment tools: iio: iio_generic_buffer: Fix some integer type and calculation tools: iio: privatize globals and functions in iio_generic_buffer.c file misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() dmaengine: ti: edma: handle irq_of_parse_and_map() errors usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency tty: tty_jobctrl: fix pid memleak in disassociate_ctty() leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' ledtrig-cpu: Limit to 8 CPUs leds: pwm: Don't disable the PWM when the LED should be off leds: pwm: convert to atomic PWM API leds: pwm: simplify if condition mfd: dln2: Fix double put in dln2_probe ASoC: ams-delta.c: use component after check ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails sh: bios: Revive earlyprintk support RDMA/hfi1: Workaround truncation compilation error ext4: move 'ix' sanity check to corrent position ARM: 9321/1: memset: cast the constant byte to unsigned char hid: cp2112: Fix duplicate workqueue initialization HID: cp2112: Use irqchip template nd_btt: Make BTT lanes preemptible sched/rt: Provide migrate_disable/enable() inlines hwrng: geode - fix accessing registers clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped firmware: ti_sci: Mark driver as non removable ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() drm/radeon: possible buffer overflow drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs hwmon: (coretemp) Fix potentially truncated sysfs attribute name platform/x86: wmi: Fix opening of char device platform/x86: wmi: remove unnecessary initializations platform/x86: wmi: Fix probe failure when failing to register WMI devices clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data clk: npcm7xx: Fix incorrect kfree clk: keystone: pll: fix a couple NULL vs IS_ERR() checks clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies regmap: debugfs: Fix a erroneous check after snprintf() ipvlan: properly track tx_errors net: add DEV_STATS_READ() helper macsec: use DEV_STATS_INC() macsec: Fix traffic counters/statistics ipv6: avoid atomic fragment on GSO packets ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() chtls: fix tp->rcv_tstamp initialization thermal: core: prevent potential string overflow can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() can: dev: can_restart(): don't crash kernel if carrier is OK can: dev: move driver related infrastructure into separate subdir wifi: rtlwifi: fix EDCA limit set by BT coexistence tcp_metrics: do not create an entry from tcp_init_metrics() tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() tcp_metrics: add missing barriers on delete i40e: fix potential memory leaks in i40e_remove() genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() vfs: fix readahead(2) on block devices Linux 4.19.298 tty: 8250: Add support for Intashield IS-100 tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Remove UC-257 and UC-431 usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device remove the sx8 block driver ata: ahci: fix enum constants for gcc-13 net: chelsio: cxgb4: add an error code check in t4_load_phy_fw platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e scsi: mpt3sas: Fix in error path fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() ASoC: rt5650: fix the wrong result of key button netfilter: nfnetlink_log: silence bogus compiler warning fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe irqchip/stm32-exti: add missing DT IRQ flag translation Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table ASoC: simple-card: fixup asoc_simple_probe() error handling MAINTAINERS: r8169: Update path to the driver x86: Fix .brk attribute in linker script rpmsg: Fix possible refcount leak in rpmsg_register_device_override() rpmsg: glink: Release driver_override rpmsg: Fix calling device_lock() on non-initialized device rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Constify local variable in field store macro driver: platform: Add helper for safer setting of driver_override x86/mm: Fix RESERVE_BRK() for older binutils x86/mm: Simplify RESERVE_BRK() nfsd: lock_rename() needs both directories to live on the same fs f2fs: fix to do sanity check on inode type during garbage collection smbdirect: missing rc checks while waiting for rdma events kobject: Fix slab-out-of-bounds in fill_kobj_path() arm64: fix a concurrency issue in emulation_proc_handler() drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() ARM: 8933/1: replace Sun/Solaris style flag on section directive NFS: Don't call generic_error_remove_page() while holding locks x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility iio: exynos-adc: request second interupt only when touchscreen mode is used perf/core: Fix potential NULL deref nvmem: imx: correct nregs for i.MX6UL nvmem: imx: correct nregs for i.MX6SLL i2c: stm32f7: Fix PEC handling in case of SMBUS transfers i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR gtp: fix fragmentation needed check with gso igb: Fix potential memory leak in igb_add_ethtool_nfc_entry treewide: Spelling fix in comment r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: rename r8169.c to r8169_main.c virtio-mmio: fix memory leak of vm_dev virtio_balloon: Fix endless deflation and inflation on arm64 mcb-lpc: Reallocate memory region to avoid memory overlapping mcb: Return actual parsed size when reading chameleon table selftests/ftrace: Add new test case which checks non unique symbol mmc: core: sdio: hold retuning if sdio in 1-bit mode mmc: sdio: Don't re-initialize powered-on removable SDIO cards at resume BACKPORT: blk-mq: fix is_flush_rq BACKPORT: blk-mq: clear stale request in tags->rq[] before freeing one request pool BACKPORT: blk-mq: clearing flush request reference in tags->rqs[] BACKPORT: blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter Change-Id: I37f10dcb0a88e18d4c104895d24235ab238da2d8 |
||
|
Michael Bestas
|
33ef102789 |
Merge tag 'ASB-2023-12-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2023-12-01 * tag 'ASB-2023-12-05_4.19-stable' of https://android.googlesource.com/kernel/common: Revert "macsec: use DEV_STATS_INC()" Revert "net: add DEV_STATS_READ() helper" Linux 4.19.300 net: sched: fix race condition in qdisc_graft() iomap: Set all uptodate bits for an Uptodate page scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids drm/amdgpu: fix error handling in amdgpu_bo_list_get() ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks ext4: correct return value of ext4_convert_meta_bg ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: apply umask if ACL support is disabled Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E" media: venus: hfi: add checks to handle capabilities from firmware media: venus: hfi: fix the check to handle session buffer requirement media: venus: hfi_parser: Add check to keep the number of codecs within range media: sharp: fix sharp encoding media: lirc: drop trailing space from scancode transmit i2c: i801: fix potential race in i801_block_transaction_byte_by_byte net: dsa: lan9303: consequently nested-lock physical MDIO tty: serial: meson: fix hard LOCKUP on crtscts mode serial: meson: Use platform_get_irq() to get the interrupt tty: serial: meson: retrieve port FIFO size from DT serial: meson: remove redundant initialization of variable id tty: serial: meson: if no alias specified use an available id ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC ALSA: info: Fix potential deadlock at disconnection parisc/pgtable: Do not drop upper 5 address bits of physical address parisc: Prevent booting 64-bit kernels on PA1.x machines dmaengine: stm32-mdma: correct desc prep when channel running mcb: fix error handling for different scenarios when parsing quota: explicitly forbid quota files from being encrypted jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev PM: hibernate: Clean up sync_read handling in snapshot_write_next() PM: hibernate: Use __get_safe_page() rather than touching the list mmc: vub300: fix an error code clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks parisc/pdc: Add width field to struct pdc_model PCI: keystone: Don't discard .probe() callback PCI: keystone: Don't discard .remove() callback genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware mmc: meson-gx: Remove setting of CMD_CFG_ERROR PCI/sysfs: Protect driver's D3cold preference from user space hvc/xen: fix error path in xen_hvc_init() to always register frontend driver audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() audit: don't take task_lock() in audit_exe_compare() code path KVM: x86: Ignore MSR_AMD64_TW_CFG access randstruct: Fix gcc-plugin performance mode to stay in group media: venus: hfi: add checks to perform sanity on queue pointers cifs: spnego: add ';' in HOST_KEY_LEN macvlan: Don't propagate promisc change to lower dev in passthru net: ethernet: cortina: Fix MTU max setting net: ethernet: cortina: Handle large frames net: ethernet: cortina: Fix max RX frame define ptp: annotate data-race around q->head and q->tail xen/events: fix delayed eoi list handling ppp: limit MRU to 64K tipc: Fix kernel-infoleak due to uninitialized TLV value tty: Fix uninit-value access in ppp_sync_receive() ipvlan: add ipvlan_route_v6_outbound() helper NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO pwm: Fix double shift bug drm/amd/display: Avoid NULL dereference of timing generator gfs2: ignore negated quota changes media: vivid: avoid integer overflow media: gspca: cpia1: shift-out-of-bounds in set_flicker i2c: sun6i-p2wi: Prevent potential division by zero usb: gadget: f_ncm: Always set current gadget in ncm_bind() tty: vcc: Add check for kstrdup() in vcc_probe() HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() atm: iphase: Do PCI error checks on own line ALSA: hda: Fix possible null-ptr-deref when assigning a stream ARM: 9320/1: fix stack depot IRQ stack filter jfs: fix array-index-out-of-bounds in diAlloc jfs: fix array-index-out-of-bounds in dbFindLeaf fs/jfs: Add validity check for db_maxag and db_agpref fs/jfs: Add check for negative db_l2nbperpage RDMA/hfi1: Use FIELD_GET() to extract Link Width crypto: pcrypt - Fix hungtask for PADATA_RESET selftests/efivarfs: create-read: fix a resource leak drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e Bluetooth: Fix double free in hci_conn_cleanup net: annotate data-races around sk->sk_dst_pending_confirm net: annotate data-races around sk->sk_tx_queue_mapping wifi: ath10k: fix clang-specific fortify warning wifi: ath9k: fix clang-specific fortify warnings wifi: mac80211: don't return unset power in ieee80211_get_tx_power() x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware clocksource/drivers/timer-imx-gpt: Fix potential memory leak perf/core: Bail out early if the request AUX area is out of bound locking/ww_mutex/test: Fix potential workqueue corruption Revert "ipvlan: properly track tx_errors" ANDROID: fix up platform_device ABI break Linux 4.19.299 btrfs: use u64 for buffer sizes in the tree search ioctls Revert "mmc: core: Capture correct oemid-bits for eMMC cards" fbdev: fsl-diu-fb: mark wr_reg_wa() static fbdev: imsttfb: fix a resource leak in probe fbdev: imsttfb: Fix error path of imsttfb_probe() netfilter: xt_recent: fix (increase) ipv6 literal buffer length r8169: respect userspace disabling IFF_MULTICAST tg3: power down device only on SYSTEM_POWER_OFF net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT net/smc: wait for pending work before clcsock release_sock net/smc: postpone release of clcsock net: r8169: Disable multicast filter for RTL8168H and RTL8107E r8169: improve rtl_set_rx_mode dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. dccp: Call security_inet_conn_request() after setting IPv4 addresses. tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING llc: verify mac len before reading mac header Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume pwm: sti: Reduce number of allocations and drop usage of chip_data pwm: sti: Avoid conditional gotos media: dvb-usb-v2: af9035: fix missing unlock media: s3c-camif: Avoid inappropriate kfree() media: bttv: fix use after free error due to btv->timeout timer pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() pcmcia: ds: fix refcount leak in pcmcia_device_add() pcmcia: cs: fix possible hung task and memory leak pccardd() f2fs: fix to initialize map.m_pblk in f2fs_precache_extents() dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() USB: usbip: fix stub_dev hub disconnect tools: iio: iio_generic_buffer ensure alignment tools: iio: iio_generic_buffer: Fix some integer type and calculation tools: iio: privatize globals and functions in iio_generic_buffer.c file misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() dmaengine: ti: edma: handle irq_of_parse_and_map() errors usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency tty: tty_jobctrl: fix pid memleak in disassociate_ctty() leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' ledtrig-cpu: Limit to 8 CPUs leds: pwm: Don't disable the PWM when the LED should be off leds: pwm: convert to atomic PWM API leds: pwm: simplify if condition mfd: dln2: Fix double put in dln2_probe ASoC: ams-delta.c: use component after check ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails sh: bios: Revive earlyprintk support RDMA/hfi1: Workaround truncation compilation error ext4: move 'ix' sanity check to corrent position ARM: 9321/1: memset: cast the constant byte to unsigned char hid: cp2112: Fix duplicate workqueue initialization HID: cp2112: Use irqchip template nd_btt: Make BTT lanes preemptible sched/rt: Provide migrate_disable/enable() inlines hwrng: geode - fix accessing registers clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped firmware: ti_sci: Mark driver as non removable ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() drm/radeon: possible buffer overflow drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs hwmon: (coretemp) Fix potentially truncated sysfs attribute name platform/x86: wmi: Fix opening of char device platform/x86: wmi: remove unnecessary initializations platform/x86: wmi: Fix probe failure when failing to register WMI devices clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data clk: npcm7xx: Fix incorrect kfree clk: keystone: pll: fix a couple NULL vs IS_ERR() checks clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies regmap: debugfs: Fix a erroneous check after snprintf() ipvlan: properly track tx_errors net: add DEV_STATS_READ() helper macsec: use DEV_STATS_INC() macsec: Fix traffic counters/statistics ipv6: avoid atomic fragment on GSO packets ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() chtls: fix tp->rcv_tstamp initialization thermal: core: prevent potential string overflow can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() can: dev: can_restart(): don't crash kernel if carrier is OK can: dev: move driver related infrastructure into separate subdir wifi: rtlwifi: fix EDCA limit set by BT coexistence tcp_metrics: do not create an entry from tcp_init_metrics() tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() tcp_metrics: add missing barriers on delete i40e: fix potential memory leaks in i40e_remove() genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() vfs: fix readahead(2) on block devices Linux 4.19.298 tty: 8250: Add support for Intashield IS-100 tty: 8250: Add support for Brainboxes UP cards tty: 8250: Add support for additional Brainboxes UC cards tty: 8250: Remove UC-257 and UC-431 usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device remove the sx8 block driver ata: ahci: fix enum constants for gcc-13 net: chelsio: cxgb4: add an error code check in t4_load_phy_fw platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e scsi: mpt3sas: Fix in error path fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() ASoC: rt5650: fix the wrong result of key button netfilter: nfnetlink_log: silence bogus compiler warning fbdev: atyfb: only use ioremap_uc() on i386 and ia64 Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe irqchip/stm32-exti: add missing DT IRQ flag translation Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table ASoC: simple-card: fixup asoc_simple_probe() error handling MAINTAINERS: r8169: Update path to the driver x86: Fix .brk attribute in linker script rpmsg: Fix possible refcount leak in rpmsg_register_device_override() rpmsg: glink: Release driver_override rpmsg: Fix calling device_lock() on non-initialized device rpmsg: Fix kfree() of static memory on setting driver_override rpmsg: Constify local variable in field store macro driver: platform: Add helper for safer setting of driver_override x86/mm: Fix RESERVE_BRK() for older binutils x86/mm: Simplify RESERVE_BRK() nfsd: lock_rename() needs both directories to live on the same fs f2fs: fix to do sanity check on inode type during garbage collection smbdirect: missing rc checks while waiting for rdma events kobject: Fix slab-out-of-bounds in fill_kobj_path() arm64: fix a concurrency issue in emulation_proc_handler() drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() ARM: 8933/1: replace Sun/Solaris style flag on section directive NFS: Don't call generic_error_remove_page() while holding locks x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility iio: exynos-adc: request second interupt only when touchscreen mode is used perf/core: Fix potential NULL deref nvmem: imx: correct nregs for i.MX6UL nvmem: imx: correct nregs for i.MX6SLL i2c: stm32f7: Fix PEC handling in case of SMBUS transfers i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR gtp: fix fragmentation needed check with gso igb: Fix potential memory leak in igb_add_ethtool_nfc_entry treewide: Spelling fix in comment r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 r8169: rename r8169.c to r8169_main.c virtio-mmio: fix memory leak of vm_dev virtio_balloon: Fix endless deflation and inflation on arm64 mcb-lpc: Reallocate memory region to avoid memory overlapping mcb: Return actual parsed size when reading chameleon table selftests/ftrace: Add new test case which checks non unique symbol mmc: core: sdio: hold retuning if sdio in 1-bit mode mmc: sdio: Don't re-initialize powered-on removable SDIO cards at resume Conflicts: drivers/clk/qcom/clk-rcg2.c drivers/leds/leds-pwm.c drivers/mmc/core/sdio.c drivers/rpmsg/qcom_glink_native.c drivers/thermal/thermal_core.c drivers/usb/gadget/function/f_ncm.c Change-Id: I230a2c820e39dd863a874bfc0c7a411896b0ba9c |
||
|
Greg Kroah-Hartman
|
11806753ba |
Merge 4.19.300 into android-4.19-stable
Changes in 4.19.300 locking/ww_mutex/test: Fix potential workqueue corruption perf/core: Bail out early if the request AUX area is out of bound clocksource/drivers/timer-imx-gpt: Fix potential memory leak clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size wifi: mac80211: don't return unset power in ieee80211_get_tx_power() wifi: ath9k: fix clang-specific fortify warnings wifi: ath10k: fix clang-specific fortify warning net: annotate data-races around sk->sk_tx_queue_mapping net: annotate data-races around sk->sk_dst_pending_confirm Bluetooth: Fix double free in hci_conn_cleanup platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL selftests/efivarfs: create-read: fix a resource leak crypto: pcrypt - Fix hungtask for PADATA_RESET RDMA/hfi1: Use FIELD_GET() to extract Link Width fs/jfs: Add check for negative db_l2nbperpage fs/jfs: Add validity check for db_maxag and db_agpref jfs: fix array-index-out-of-bounds in dbFindLeaf jfs: fix array-index-out-of-bounds in diAlloc ARM: 9320/1: fix stack depot IRQ stack filter ALSA: hda: Fix possible null-ptr-deref when assigning a stream atm: iphase: Do PCI error checks on own line scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W tty: vcc: Add check for kstrdup() in vcc_probe() usb: gadget: f_ncm: Always set current gadget in ncm_bind() i2c: sun6i-p2wi: Prevent potential division by zero media: gspca: cpia1: shift-out-of-bounds in set_flicker media: vivid: avoid integer overflow gfs2: ignore negated quota changes drm/amd/display: Avoid NULL dereference of timing generator pwm: Fix double shift bug NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO ipvlan: add ipvlan_route_v6_outbound() helper tty: Fix uninit-value access in ppp_sync_receive() tipc: Fix kernel-infoleak due to uninitialized TLV value ppp: limit MRU to 64K xen/events: fix delayed eoi list handling ptp: annotate data-race around q->head and q->tail net: ethernet: cortina: Fix max RX frame define net: ethernet: cortina: Handle large frames net: ethernet: cortina: Fix MTU max setting macvlan: Don't propagate promisc change to lower dev in passthru cifs: spnego: add ';' in HOST_KEY_LEN media: venus: hfi: add checks to perform sanity on queue pointers randstruct: Fix gcc-plugin performance mode to stay in group KVM: x86: Ignore MSR_AMD64_TW_CFG access audit: don't take task_lock() in audit_exe_compare() code path audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() hvc/xen: fix error path in xen_hvc_init() to always register frontend driver PCI/sysfs: Protect driver's D3cold preference from user space mmc: meson-gx: Remove setting of CMD_CFG_ERROR genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware PCI: keystone: Don't discard .remove() callback PCI: keystone: Don't discard .probe() callback parisc/pdc: Add width field to struct pdc_model clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks mmc: vub300: fix an error code PM: hibernate: Use __get_safe_page() rather than touching the list PM: hibernate: Clean up sync_read handling in snapshot_write_next() jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev quota: explicitly forbid quota files from being encrypted mcb: fix error handling for different scenarios when parsing dmaengine: stm32-mdma: correct desc prep when channel running parisc: Prevent booting 64-bit kernels on PA1.x machines parisc/pgtable: Do not drop upper 5 address bits of physical address ALSA: info: Fix potential deadlock at disconnection ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC tty: serial: meson: if no alias specified use an available id serial: meson: remove redundant initialization of variable id tty: serial: meson: retrieve port FIFO size from DT serial: meson: Use platform_get_irq() to get the interrupt tty: serial: meson: fix hard LOCKUP on crtscts mode net: dsa: lan9303: consequently nested-lock physical MDIO i2c: i801: fix potential race in i801_block_transaction_byte_by_byte media: lirc: drop trailing space from scancode transmit media: sharp: fix sharp encoding media: venus: hfi_parser: Add check to keep the number of codecs within range media: venus: hfi: fix the check to handle session buffer requirement media: venus: hfi: add checks to handle capabilities from firmware Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E" ext4: apply umask if ACL support is disabled ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: correct return value of ext4_convert_meta_bg ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks drm/amdgpu: fix error handling in amdgpu_bo_list_get() scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids iomap: Set all uptodate bits for an Uptodate page net: sched: fix race condition in qdisc_graft() Linux 4.19.300 Change-Id: I21f68d5f5dc85afe62bbc6e9a7aac12faee56621 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Lu Jialin
|
039fec48e0 |
crypto: pcrypt - Fix hungtask for PADATA_RESET
[ Upstream commit 8f4f68e788c3a7a696546291258bfa5fdb215523 ]
We found a hungtask bug in test_aead_vec_cfg as follows:
INFO: task cryptomgr_test:391009 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Call trace:
__switch_to+0x98/0xe0
__schedule+0x6c4/0xf40
schedule+0xd8/0x1b4
schedule_timeout+0x474/0x560
wait_for_common+0x368/0x4e0
wait_for_completion+0x20/0x30
wait_for_completion+0x20/0x30
test_aead_vec_cfg+0xab4/0xd50
test_aead+0x144/0x1f0
alg_test_aead+0xd8/0x1e0
alg_test+0x634/0x890
cryptomgr_test+0x40/0x70
kthread+0x1e0/0x220
ret_from_fork+0x10/0x18
Kernel panic - not syncing: hung_task: blocked tasks
For padata_do_parallel, when the return err is 0 or -EBUSY, it will call
wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal
case, aead_request_complete() will be called in pcrypt_aead_serial and the
return err is 0 for padata_do_parallel. But, when pinst->flags is
PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it
won't call aead_request_complete(). Therefore, test_aead_vec_cfg will
hung at wait_for_completion(&wait->completion), which will cause
hungtask.
The problem comes as following:
(padata_do_parallel) |
rcu_read_lock_bh(); |
err = -EINVAL; | (padata_replace)
| pinst->flags |= PADATA_RESET;
err = -EBUSY |
if (pinst->flags & PADATA_RESET) |
rcu_read_unlock_bh() |
return err
In order to resolve the problem, we replace the return err -EBUSY with
-EAGAIN, which means parallel_data is changing, and the caller should call
it again.
v3:
remove retry and just change the return err.
v2:
introduce padata_try_do_parallel() in pcrypt_aead_encrypt and
pcrypt_aead_decrypt to solve the hungtask.
Signed-off-by: Lu Jialin <lujialin4@huawei.com>
Signed-off-by: Guo Zihua <guozihua@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Michael Bestas
|
c3edc3a6af |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-20
* sm8250/lineage-20:
UPSTREAM: net/sched: sch_hfsc: Ensure inner classes have fsc curve
UPSTREAM: net: sched: sch_qfq: Fix UAF in qfq_dequeue()
Linux 4.19.295
net/sched: Retire rsvp classifier
net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller
nfsd: fix change_info in NFSv4 RENAME replies
btrfs: fix lockdep splat and potential deadlock after failure running delayed items
attr: block mode changes of symlinks
md/raid1: fix error: ISO C90 forbids mixed declarations
kobject: Add sanity check for kset->kobj.ktype in kset_register()
media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning
serial: cpm_uart: Avoid suspicious locking
scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
media: pci: cx23885: replace BUG with error return
media: tuners: qt1010: replace BUG_ON with a regular error
iio: core: Use min() instead of min_t() to make code more robust
media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
media: anysee: fix null-ptr-deref in anysee_master_xfer
media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
ext2: fix datatype of block number in ext2_xattr_set2()
md: raid1: fix potential OOB in raid1_remove_disk()
drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable()
alx: fix OOB-read compiler warning
tpm_tis: Resend command to recover from data transfer errors
crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
wifi: mwifiex: fix fortify warning
wifi: ath9k: fix printk specifier
hw_breakpoint: fix single-stepping when using bpf_overflow_handler
ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
btrfs: output extra debug info if we failed to find an inline backref
autofs: fix memory leak of waitqueues in autofs_catatonic_mode
parisc: Drop loops_per_jiffy from per_cpu struct
drm/amd/display: Fix a bug when searching for insert_above_mpcc
kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
ixgbe: fix timestamp configuration code
kcm: Fix memory leak in error path of kcm_sendmsg()
net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
perf hists browser: Fix hierarchy mode header
mtd: rawnand: brcmnand: Fix potential false time out warning
mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
mtd: rawnand: brcmnand: Fix crash during the panic_write
btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
ata: pata_ftide010: Add missing MODULE_DESCRIPTION
ata: sata_gemini: Add missing MODULE_DESCRIPTION
netfilter: nfnetlink_osf: avoid OOB read
idr: fix param name in idr_alloc_cyclic() doc
igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
kcm: Destroy mutex in kcm_exit_net()
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
af_unix: Fix data race around sk->sk_err.
af_unix: Fix data-races around sk->sk_shutdown.
af_unix: Fix data-race around unix_tot_inflight.
af_unix: Fix data-races around user->unix_inflight.
net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
veth: Fixing transmit return status for dropped packets
igb: disable virtualization features on 82580
net: read sk->sk_family once in sk_mc_loop()
pwm: lpc32xx: Remove handling of PWM channels
watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm()
kconfig: fix possible buffer overflow
NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
soc: qcom: qmi_encdec: Restrict string length in decode
clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
parisc: led: Reduce CPU overhead for disk & lan LED computation
parisc: led: Fix LAN receive and transmit LEDs
drm/ast: Fix DRAM init on AST2200
fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
scsi: qla2xxx: Turn off noisy message log
scsi: qla2xxx: fix inconsistent TMF timeout
udf: initialize newblock to 0
usb: typec: tcpci: clear the fault status bit
serial: sc16is7xx: fix broken port 0 uart init
sc16is7xx: Set iobase to device index
PCI/ATS: Add inline to pci_prg_resp_pasid_required()
pstore/ram: Check start of empty przs during init
net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
X.509: if signature is unsupported skip validation
cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
crypto: stm32 - fix loop iterating through scatterlist for DMA
dccp: Fix out of bounds access in DCCP error handler
dlm: fix plock lookup when using multiple lockspaces
parisc: Fix /proc/cpuinfo output for lscpu
procfs: block chmod on /proc/thread-self/comm
Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
ntb: Fix calculation ntb_transport_tx_free_entry()
ntb: Clean up tx tail index on link down
ntb: Drop packets when qp link is down
media: dvb: symbol fixup for dvb_attach()
backlight/lv5207lp: Compare against struct fb_info.device
backlight/bd6107: Compare against struct fb_info.device
backlight/gpio_backlight: Compare against struct fb_info.device
ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
ipmi_si: fix a memleak in try_smi_init()
ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
PM / devfreq: Fix leak in devfreq_dev_release()
igb: set max size RX buffer when store bad packet is enabled
skbuff: skb_segment, Call zero copy functions before using skbuff frags
netfilter: xt_sctp: validate the flag_info count
netfilter: xt_u32: validate user space input
netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
dmaengine: ste_dma40: Add missing IRQ check in d40_probe
um: Fix hostaudio build errors
arch: um: drivers: Kconfig: pedantic formatting
rpmsg: glink: Add check for kstrdup
HID: multitouch: Correct devm device reference for hidinput input_dev name
Revert "IB/isert: Fix incorrect release of isert connection"
amba: bus: fix refcount leak
serial: tegra: handle clk prepare error in tegra_uart_hw_init()
scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
scsi: core: Use 32-bit hostnum in scsi_host_lookup()
cgroup:namespace: Remove unused cgroup_namespaces_init()
media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors
media: ov2680: Fix vflip / hflip set functions
media: ov2680: Fix ov2680_bayer_order()
media: ov2680: Remove auto-gain and auto-exposure controls
media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
USB: gadget: f_mass_storage: Fix unused variable warning
media: go7007: Remove redundant if statement
IB/uverbs: Fix an potential error pointer dereference
dma-buf/sync_file: Fix docs syntax
scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly
scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly
x86/APM: drop the duplicate APM_MINOR_DEV macro
scsi: qla4xxx: Add length check when parsing nlattrs
scsi: be2iscsi: Add length check when parsing nlattrs
scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
media: mediatek: vcodec: Return NULL if no vdec_fb is found
media: cx24120: Add retval check for cx24120_message_send()
media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
media: dib7000p: Fix potential division by zero
drivers: usb: smsusb: fix error handling code in smsusb_init_device
media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
media: v4l2-fwnode: simplify v4l2_fwnode_parse_link
media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling
media: Use of_node_name_eq for node name comparisons
NFSD: da_addr_body field missing in some GETDEVICEINFO replies
fs: lockd: avoid possible wrong NULL parameter
jfs: validate max amount of blocks before allocation.
powerpc/iommu: Fix notifiers being shared by PCI and VIO buses
nfs/blocklayout: Use the passed in gfp flags
wifi: ath10k: Use RMW accessors for changing LNKCTL
drm/radeon: Use RMW accessors for changing LNKCTL
drm/radeon: Prefer pcie_capability_read_word()
drm/radeon: Replace numbers with PCI_EXP_LNKCTL2 definitions
drm/radeon: Correct Transmit Margin masks
drm/amdgpu: Use RMW accessors for changing LNKCTL
drm/amdgpu: Prefer pcie_capability_read_word()
drm/amdgpu: Replace numbers with PCI_EXP_LNKCTL2 definitions
drm/amdgpu: Correct Transmit Margin masks
PCI: Add #defines for Enter Compliance, Transmit Margin
PCI: Decode PCIe 32 GT/s link speed
PCI: Cleanup register definition width and whitespace
PCI/ATS: Add pci_prg_resp_pasid_required() interface.
PCI/ASPM: Use RMW accessors for changing LNKCTL
PCI: pciehp: Use RMW accessors for changing LNKCTL
PCI: Mark NVIDIA T4 GPUs to avoid bus reset
clk: sunxi-ng: Modify mismatched function name
drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
ALSA: ac97: Fix possible error value of *rac97
of: unittest: Fix overlay type in apply/revert check
audit: fix possible soft lockup in __audit_inode_child()
smackfs: Prevent underflow in smk_set_cipso()
drm/msm/mdp5: Don't leak some plane state
drm/msm: Replace drm_framebuffer_{un/reference} with put, get functions
of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()
drm/tegra: dpaux: Fix incorrect return value of platform_get_irq
drm/tegra: Remove superfluous error messages around platform_get_irq()
ARM: dts: BCM53573: Fix Ethernet info for Luxul devices
drm: adv7511: Fix low refresh rate register for ADV7533/5
ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split)
ARM: dts: s5pv210: add dummy 5V regulator for backlight on SMDKv210
ARM: dts: s5pv210: correct ethernet unit address in SMDKV210
ARM: dts: s5pv210: use defines for IRQ flags in SMDKV210
ARM: dts: s5pv210: add RTC 32 KHz clock in SMDKV210
ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split)
ARM: dts: s3c64xx: align pinctrl with dtschema
ARM: dts: s3c6410: align node SROM bus node name with dtschema in Mini6410
ARM: dts: s3c6410: move fixed clocks under root node in Mini6410
ARM: dts: BCM53573: Use updated "spi-gpio" binding properties
ARM: dts: BCM53573: Add cells sizes to PCIe node
ARM: dts: BCM53573: Drop nonexistent #usb-cells
ARM: dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
ARM: dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
arm64: dts: qcom: msm8996: Add missing interrupt to the USB2 controller
arm64: dts: msm8996: thermal: Add interrupt support
quota: fix dqput() to follow the guarantees dquot_srcu should provide
quota: add new helper dquot_active()
quota: rename dquot_active() to inode_quota_active()
quota: factor out dquot_write_dquot()
quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list
quota: add dqi_dirty_list description to comment of Dquot List Management
netrom: Deny concurrent connect().
net/sched: sch_hfsc: Ensure inner classes have fsc curve
net: arcnet: Do not call kfree_skb() under local_irq_disable()
wifi: ath9k: use IS_ERR() with debugfs_create_dir()
wifi: mwifiex: avoid possible NULL skb pointer dereference
wifi: ath9k: protect WMI command response buffer replacement with a lock
wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
wifi: mwifiex: Fix missed return in oob checks failed path
wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
fs: ocfs2: namei: check return value of ocfs2_add_entry()
lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
crypto: caam - fix unchecked return value error
Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
mwifiex: switch from 'pci_' to 'dma_' API
mwifiex: drop 'set_consistent_dma_mask' log message
wifi: mwifiex: Fix OOB and integer underflow when rx packets
can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM
spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe()
regmap: rbtree: Use alloc_flags for memory allocations
tcp: tcp_enter_quickack_mode() should be static
bpf: Clear the probe_addr for uprobe
cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
fs: Fix error checking for d_hash_and_lookup()
netfilter: nf_tables: missing NFT_TRANS_PREPARE_ERROR in flowtable deactivatation
netfilter: nft_flow_offload: fix underflow in flowtable reference counter
new helper: lookup_positive_unlocked()
eventfd: prevent underflow for eventfd semaphores
eventfd: Export eventfd_ctx_do_read()
reiserfs: Check the return value from __getblk()
Revert "net: macsec: preserve ingress frame ordering"
udf: Handle error when adding extent to a file
udf: Check consistency of Space Bitmap Descriptor
powerpc/32s: Fix assembler warning about r0
powerpc/32: Include .branch_lt in data section
net: Avoid address overwrite in kernel_connect
ALSA: seq: oss: Fix racy open/close of MIDI devices
cifs: add a warning when the in-flight count goes negative
sctp: handle invalid error codes without calling BUG()
bnx2x: fix page fault following EEH recovery
netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
net: usb: qmi_wwan: add Quectel EM05GV2
security: keys: perform capable check only on privileged operations
platform/x86: intel: hid: Always call BTNL ACPI method
ASoC: atmel: Fix the 8K sample parameter in I2SC master
ASoc: codecs: ES8316: Fix DMIC config
fs/nls: make load_nls() take a const parameter
s390/dasd: fix hanging device after request requeue
s390/dasd: use correct number of retries for ERP requests
m68k: Fix invalid .section syntax
vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
ethernet: atheros: fix return value check in atl1c_tso_csum()
ASoC: da7219: Check for failure reading AAD IRQ events
ASoC: da7219: Flush pending AAD IRQ when suspending
9p: virtio: make sure 'offs' is initialized in zc_request
pinctrl: amd: Don't show `Invalid config param` errors
nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
fsi: master-ast-cf: Add MODULE_FIRMWARE macro
serial: sc16is7xx: fix bug when first setting GPIO direction
Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
HID: wacom: remove the battery when the EKR is off
USB: serial: option: add FOXCONN T99W368/T99W373 product
USB: serial: option: add Quectel EM05G variant (0x030e)
modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
mmc: au1xmmc: force non-modular build and remove symbol_get usage
ARM: pxa: remove use of symbol_get()
erofs: ensure that the post-EOF tails are all zeroed
dsp: add lock in ion free to avoid use after free
mdm: dataipa: increase the size of prefetch buffer
exec: Force single empty string when argv is empty
BACKPORT: FROMLIST: mm: protect free_pgtables with mmap_lock write lock in exit_mmap
ASoC: Resolve use after free in listen sound client
qseecom: Release ion buffer in case of keymaster TA
msm: camera: cci: Optimize the processing of CCI timeout
Conflicts:
techpack/camera/drivers/cam_sensor_module/cam_cci/cam_cci_core.c
techpack/camera/drivers/cam_sensor_module/cam_cci/cam_cci_dev.h
Change-Id: Idb318c7a018327c9cbd1707ff98634851b514b31
|
||
|
Michael Bestas
|
dd55724109 |
Merge tag 'ASB-2023-10-06_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2023-10-01 * tag 'ASB-2023-10-06_4.19-stable' of https://android.googlesource.com/kernel/common: UPSTREAM: net/sched: sch_hfsc: Ensure inner classes have fsc curve UPSTREAM: net: sched: sch_qfq: Fix UAF in qfq_dequeue() Linux 4.19.295 net/sched: Retire rsvp classifier net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller nfsd: fix change_info in NFSv4 RENAME replies btrfs: fix lockdep splat and potential deadlock after failure running delayed items attr: block mode changes of symlinks md/raid1: fix error: ISO C90 forbids mixed declarations kobject: Add sanity check for kset->kobj.ktype in kset_register() media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning serial: cpm_uart: Avoid suspicious locking scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc media: pci: cx23885: replace BUG with error return media: tuners: qt1010: replace BUG_ON with a regular error iio: core: Use min() instead of min_t() to make code more robust media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() media: anysee: fix null-ptr-deref in anysee_master_xfer media: af9005: Fix null-ptr-deref in af9005_i2c_xfer media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer powerpc/pseries: fix possible memory leak in ibmebus_bus_init() jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() ext2: fix datatype of block number in ext2_xattr_set2() md: raid1: fix potential OOB in raid1_remove_disk() drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() alx: fix OOB-read compiler warning tpm_tis: Resend command to recover from data transfer errors crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() wifi: mwifiex: fix fortify warning wifi: ath9k: fix printk specifier hw_breakpoint: fix single-stepping when using bpf_overflow_handler ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer btrfs: output extra debug info if we failed to find an inline backref autofs: fix memory leak of waitqueues in autofs_catatonic_mode parisc: Drop loops_per_jiffy from per_cpu struct drm/amd/display: Fix a bug when searching for insert_above_mpcc kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). ixgbe: fix timestamp configuration code kcm: Fix memory leak in error path of kcm_sendmsg() net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() perf hists browser: Fix hierarchy mode header mtd: rawnand: brcmnand: Fix potential false time out warning mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write mtd: rawnand: brcmnand: Fix crash during the panic_write btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART ata: pata_ftide010: Add missing MODULE_DESCRIPTION ata: sata_gemini: Add missing MODULE_DESCRIPTION netfilter: nfnetlink_osf: avoid OOB read idr: fix param name in idr_alloc_cyclic() doc igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 kcm: Destroy mutex in kcm_exit_net() net: sched: sch_qfq: Fix UAF in qfq_dequeue() af_unix: Fix data race around sk->sk_err. af_unix: Fix data-races around sk->sk_shutdown. af_unix: Fix data-race around unix_tot_inflight. af_unix: Fix data-races around user->unix_inflight. net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr veth: Fixing transmit return status for dropped packets igb: disable virtualization features on 82580 net: read sk->sk_family once in sk_mc_loop() pwm: lpc32xx: Remove handling of PWM channels watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() kconfig: fix possible buffer overflow NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info soc: qcom: qmi_encdec: Restrict string length in decode clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock parisc: led: Reduce CPU overhead for disk & lan LED computation parisc: led: Fix LAN receive and transmit LEDs drm/ast: Fix DRAM init on AST2200 fbdev/ep93xx-fb: Do not assign to struct fb_info.dev scsi: qla2xxx: Turn off noisy message log scsi: qla2xxx: fix inconsistent TMF timeout udf: initialize newblock to 0 usb: typec: tcpci: clear the fault status bit serial: sc16is7xx: fix broken port 0 uart init sc16is7xx: Set iobase to device index PCI/ATS: Add inline to pci_prg_resp_pasid_required() pstore/ram: Check start of empty przs during init net: handle ARPHRD_PPP in dev_is_mac_header_xmit() X.509: if signature is unsupported skip validation cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug crypto: stm32 - fix loop iterating through scatterlist for DMA dccp: Fix out of bounds access in DCCP error handler dlm: fix plock lookup when using multiple lockspaces parisc: Fix /proc/cpuinfo output for lscpu procfs: block chmod on /proc/thread-self/comm Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset" ntb: Fix calculation ntb_transport_tx_free_entry() ntb: Clean up tx tail index on link down ntb: Drop packets when qp link is down media: dvb: symbol fixup for dvb_attach() backlight/lv5207lp: Compare against struct fb_info.device backlight/bd6107: Compare against struct fb_info.device backlight/gpio_backlight: Compare against struct fb_info.device ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch() ipmi_si: fix a memleak in try_smi_init() ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl PM / devfreq: Fix leak in devfreq_dev_release() igb: set max size RX buffer when store bad packet is enabled skbuff: skb_segment, Call zero copy functions before using skbuff frags netfilter: xt_sctp: validate the flag_info count netfilter: xt_u32: validate user space input netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU dmaengine: ste_dma40: Add missing IRQ check in d40_probe um: Fix hostaudio build errors arch: um: drivers: Kconfig: pedantic formatting rpmsg: glink: Add check for kstrdup HID: multitouch: Correct devm device reference for hidinput input_dev name Revert "IB/isert: Fix incorrect release of isert connection" amba: bus: fix refcount leak serial: tegra: handle clk prepare error in tegra_uart_hw_init() scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock scsi: core: Use 32-bit hostnum in scsi_host_lookup() cgroup:namespace: Remove unused cgroup_namespaces_init() media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors media: ov2680: Fix vflip / hflip set functions media: ov2680: Fix ov2680_bayer_order() media: ov2680: Remove auto-gain and auto-exposure controls media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips USB: gadget: f_mass_storage: Fix unused variable warning media: go7007: Remove redundant if statement IB/uverbs: Fix an potential error pointer dereference dma-buf/sync_file: Fix docs syntax scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly x86/APM: drop the duplicate APM_MINOR_DEV macro scsi: qla4xxx: Add length check when parsing nlattrs scsi: be2iscsi: Add length check when parsing nlattrs scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host() media: mediatek: vcodec: Return NULL if no vdec_fb is found media: cx24120: Add retval check for cx24120_message_send() media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() media: dib7000p: Fix potential division by zero drivers: usb: smsusb: fix error handling code in smsusb_init_device media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() media: v4l2-fwnode: simplify v4l2_fwnode_parse_link media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling media: Use of_node_name_eq for node name comparisons NFSD: da_addr_body field missing in some GETDEVICEINFO replies fs: lockd: avoid possible wrong NULL parameter jfs: validate max amount of blocks before allocation. powerpc/iommu: Fix notifiers being shared by PCI and VIO buses nfs/blocklayout: Use the passed in gfp flags wifi: ath10k: Use RMW accessors for changing LNKCTL drm/radeon: Use RMW accessors for changing LNKCTL drm/radeon: Prefer pcie_capability_read_word() drm/radeon: Replace numbers with PCI_EXP_LNKCTL2 definitions drm/radeon: Correct Transmit Margin masks drm/amdgpu: Use RMW accessors for changing LNKCTL drm/amdgpu: Prefer pcie_capability_read_word() drm/amdgpu: Replace numbers with PCI_EXP_LNKCTL2 definitions drm/amdgpu: Correct Transmit Margin masks PCI: Add #defines for Enter Compliance, Transmit Margin PCI: Decode PCIe 32 GT/s link speed PCI: Cleanup register definition width and whitespace PCI/ATS: Add pci_prg_resp_pasid_required() interface. PCI/ASPM: Use RMW accessors for changing LNKCTL PCI: pciehp: Use RMW accessors for changing LNKCTL PCI: Mark NVIDIA T4 GPUs to avoid bus reset clk: sunxi-ng: Modify mismatched function name drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init() ALSA: ac97: Fix possible error value of *rac97 of: unittest: Fix overlay type in apply/revert check audit: fix possible soft lockup in __audit_inode_child() smackfs: Prevent underflow in smk_set_cipso() drm/msm/mdp5: Don't leak some plane state drm/msm: Replace drm_framebuffer_{un/reference} with put, get functions of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() drm/tegra: dpaux: Fix incorrect return value of platform_get_irq drm/tegra: Remove superfluous error messages around platform_get_irq() ARM: dts: BCM53573: Fix Ethernet info for Luxul devices drm: adv7511: Fix low refresh rate register for ADV7533/5 ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split) ARM: dts: s5pv210: add dummy 5V regulator for backlight on SMDKv210 ARM: dts: s5pv210: correct ethernet unit address in SMDKV210 ARM: dts: s5pv210: use defines for IRQ flags in SMDKV210 ARM: dts: s5pv210: add RTC 32 KHz clock in SMDKV210 ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split) ARM: dts: s3c64xx: align pinctrl with dtschema ARM: dts: s3c6410: align node SROM bus node name with dtschema in Mini6410 ARM: dts: s3c6410: move fixed clocks under root node in Mini6410 ARM: dts: BCM53573: Use updated "spi-gpio" binding properties ARM: dts: BCM53573: Add cells sizes to PCIe node ARM: dts: BCM53573: Drop nonexistent #usb-cells ARM: dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch ARM: dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar() arm64: dts: qcom: msm8996: Add missing interrupt to the USB2 controller arm64: dts: msm8996: thermal: Add interrupt support quota: fix dqput() to follow the guarantees dquot_srcu should provide quota: add new helper dquot_active() quota: rename dquot_active() to inode_quota_active() quota: factor out dquot_write_dquot() quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list quota: add dqi_dirty_list description to comment of Dquot List Management netrom: Deny concurrent connect(). net/sched: sch_hfsc: Ensure inner classes have fsc curve net: arcnet: Do not call kfree_skb() under local_irq_disable() wifi: ath9k: use IS_ERR() with debugfs_create_dir() wifi: mwifiex: avoid possible NULL skb pointer dereference wifi: ath9k: protect WMI command response buffer replacement with a lock wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx wifi: mwifiex: Fix missed return in oob checks failed path wifi: mwifiex: fix memory leak in mwifiex_histogram_read() fs: ocfs2: namei: check return value of ocfs2_add_entry() lwt: Check LWTUNNEL_XMIT_CONTINUE strictly crypto: caam - fix unchecked return value error Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe() wifi: mwifiex: fix error recovery in PCIE buffer descriptor management mwifiex: switch from 'pci_' to 'dma_' API mwifiex: drop 'set_consistent_dma_mask' log message wifi: mwifiex: Fix OOB and integer underflow when rx packets can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() regmap: rbtree: Use alloc_flags for memory allocations tcp: tcp_enter_quickack_mode() should be static bpf: Clear the probe_addr for uprobe cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit() fs: Fix error checking for d_hash_and_lookup() netfilter: nf_tables: missing NFT_TRANS_PREPARE_ERROR in flowtable deactivatation netfilter: nft_flow_offload: fix underflow in flowtable reference counter new helper: lookup_positive_unlocked() eventfd: prevent underflow for eventfd semaphores eventfd: Export eventfd_ctx_do_read() reiserfs: Check the return value from __getblk() Revert "net: macsec: preserve ingress frame ordering" udf: Handle error when adding extent to a file udf: Check consistency of Space Bitmap Descriptor powerpc/32s: Fix assembler warning about r0 powerpc/32: Include .branch_lt in data section net: Avoid address overwrite in kernel_connect ALSA: seq: oss: Fix racy open/close of MIDI devices cifs: add a warning when the in-flight count goes negative sctp: handle invalid error codes without calling BUG() bnx2x: fix page fault following EEH recovery netlabel: fix shift wrapping bug in netlbl_catmap_setlong() scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM net: usb: qmi_wwan: add Quectel EM05GV2 security: keys: perform capable check only on privileged operations platform/x86: intel: hid: Always call BTNL ACPI method ASoC: atmel: Fix the 8K sample parameter in I2SC master ASoc: codecs: ES8316: Fix DMIC config fs/nls: make load_nls() take a const parameter s390/dasd: fix hanging device after request requeue s390/dasd: use correct number of retries for ERP requests m68k: Fix invalid .section syntax vxlan: generalize vxlan_parse_gpe_hdr and remove unused args ethernet: atheros: fix return value check in atl1c_tso_csum() ASoC: da7219: Check for failure reading AAD IRQ events ASoC: da7219: Flush pending AAD IRQ when suspending 9p: virtio: make sure 'offs' is initialized in zc_request pinctrl: amd: Don't show `Invalid config param` errors nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers() fsi: master-ast-cf: Add MODULE_FIRMWARE macro serial: sc16is7xx: fix bug when first setting GPIO direction Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition HID: wacom: remove the battery when the EKR is off USB: serial: option: add FOXCONN T99W368/T99W373 product USB: serial: option: add Quectel EM05G variant (0x030e) modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff mmc: au1xmmc: force non-modular build and remove symbol_get usage ARM: pxa: remove use of symbol_get() erofs: ensure that the post-EOF tails are all zeroed Conflicts: include/net/tcp.h Change-Id: Ia73d7be3d6cae8d4fd38da7c6d85a977840872d3 |
||
|
Greg Kroah-Hartman
|
501b721387 |
Merge 4.19.295 into android-4.19-stable
Changes in 4.19.295
erofs: ensure that the post-EOF tails are all zeroed
ARM: pxa: remove use of symbol_get()
mmc: au1xmmc: force non-modular build and remove symbol_get usage
rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
USB: serial: option: add Quectel EM05G variant (0x030e)
USB: serial: option: add FOXCONN T99W368/T99W373 product
HID: wacom: remove the battery when the EKR is off
Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
serial: sc16is7xx: fix bug when first setting GPIO direction
fsi: master-ast-cf: Add MODULE_FIRMWARE macro
nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
pinctrl: amd: Don't show `Invalid config param` errors
9p: virtio: make sure 'offs' is initialized in zc_request
ASoC: da7219: Flush pending AAD IRQ when suspending
ASoC: da7219: Check for failure reading AAD IRQ events
ethernet: atheros: fix return value check in atl1c_tso_csum()
vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
m68k: Fix invalid .section syntax
s390/dasd: use correct number of retries for ERP requests
s390/dasd: fix hanging device after request requeue
fs/nls: make load_nls() take a const parameter
ASoc: codecs: ES8316: Fix DMIC config
ASoC: atmel: Fix the 8K sample parameter in I2SC master
platform/x86: intel: hid: Always call BTNL ACPI method
security: keys: perform capable check only on privileged operations
net: usb: qmi_wwan: add Quectel EM05GV2
idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
bnx2x: fix page fault following EEH recovery
sctp: handle invalid error codes without calling BUG()
cifs: add a warning when the in-flight count goes negative
ALSA: seq: oss: Fix racy open/close of MIDI devices
net: Avoid address overwrite in kernel_connect
powerpc/32: Include .branch_lt in data section
powerpc/32s: Fix assembler warning about r0
udf: Check consistency of Space Bitmap Descriptor
udf: Handle error when adding extent to a file
Revert "net: macsec: preserve ingress frame ordering"
reiserfs: Check the return value from __getblk()
eventfd: Export eventfd_ctx_do_read()
eventfd: prevent underflow for eventfd semaphores
new helper: lookup_positive_unlocked()
netfilter: nft_flow_offload: fix underflow in flowtable reference counter
netfilter: nf_tables: missing NFT_TRANS_PREPARE_ERROR in flowtable deactivatation
fs: Fix error checking for d_hash_and_lookup()
cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
bpf: Clear the probe_addr for uprobe
tcp: tcp_enter_quickack_mode() should be static
regmap: rbtree: Use alloc_flags for memory allocations
spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe()
can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM
wifi: mwifiex: Fix OOB and integer underflow when rx packets
mwifiex: drop 'set_consistent_dma_mask' log message
mwifiex: switch from 'pci_' to 'dma_' API
wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
crypto: caam - fix unchecked return value error
lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
fs: ocfs2: namei: check return value of ocfs2_add_entry()
wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
wifi: mwifiex: Fix missed return in oob checks failed path
wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
wifi: ath9k: protect WMI command response buffer replacement with a lock
wifi: mwifiex: avoid possible NULL skb pointer dereference
wifi: ath9k: use IS_ERR() with debugfs_create_dir()
net: arcnet: Do not call kfree_skb() under local_irq_disable()
net/sched: sch_hfsc: Ensure inner classes have fsc curve
netrom: Deny concurrent connect().
quota: add dqi_dirty_list description to comment of Dquot List Management
quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list
quota: factor out dquot_write_dquot()
quota: rename dquot_active() to inode_quota_active()
quota: add new helper dquot_active()
quota: fix dqput() to follow the guarantees dquot_srcu should provide
arm64: dts: msm8996: thermal: Add interrupt support
arm64: dts: qcom: msm8996: Add missing interrupt to the USB2 controller
drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
ARM: dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
ARM: dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
ARM: dts: BCM53573: Drop nonexistent #usb-cells
ARM: dts: BCM53573: Add cells sizes to PCIe node
ARM: dts: BCM53573: Use updated "spi-gpio" binding properties
ARM: dts: s3c6410: move fixed clocks under root node in Mini6410
ARM: dts: s3c6410: align node SROM bus node name with dtschema in Mini6410
ARM: dts: s3c64xx: align pinctrl with dtschema
ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split)
ARM: dts: s5pv210: add RTC 32 KHz clock in SMDKV210
ARM: dts: s5pv210: use defines for IRQ flags in SMDKV210
ARM: dts: s5pv210: correct ethernet unit address in SMDKV210
ARM: dts: s5pv210: add dummy 5V regulator for backlight on SMDKv210
ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split)
drm: adv7511: Fix low refresh rate register for ADV7533/5
ARM: dts: BCM53573: Fix Ethernet info for Luxul devices
drm/tegra: Remove superfluous error messages around platform_get_irq()
drm/tegra: dpaux: Fix incorrect return value of platform_get_irq
of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()
drm/msm: Replace drm_framebuffer_{un/reference} with put, get functions
drm/msm/mdp5: Don't leak some plane state
smackfs: Prevent underflow in smk_set_cipso()
audit: fix possible soft lockup in __audit_inode_child()
of: unittest: Fix overlay type in apply/revert check
ALSA: ac97: Fix possible error value of *rac97
drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
clk: sunxi-ng: Modify mismatched function name
PCI: Mark NVIDIA T4 GPUs to avoid bus reset
PCI: pciehp: Use RMW accessors for changing LNKCTL
PCI/ASPM: Use RMW accessors for changing LNKCTL
PCI/ATS: Add pci_prg_resp_pasid_required() interface.
PCI: Cleanup register definition width and whitespace
PCI: Decode PCIe 32 GT/s link speed
PCI: Add #defines for Enter Compliance, Transmit Margin
drm/amdgpu: Correct Transmit Margin masks
drm/amdgpu: Replace numbers with PCI_EXP_LNKCTL2 definitions
drm/amdgpu: Prefer pcie_capability_read_word()
drm/amdgpu: Use RMW accessors for changing LNKCTL
drm/radeon: Correct Transmit Margin masks
drm/radeon: Replace numbers with PCI_EXP_LNKCTL2 definitions
drm/radeon: Prefer pcie_capability_read_word()
drm/radeon: Use RMW accessors for changing LNKCTL
wifi: ath10k: Use RMW accessors for changing LNKCTL
nfs/blocklayout: Use the passed in gfp flags
powerpc/iommu: Fix notifiers being shared by PCI and VIO buses
jfs: validate max amount of blocks before allocation.
fs: lockd: avoid possible wrong NULL parameter
NFSD: da_addr_body field missing in some GETDEVICEINFO replies
media: Use of_node_name_eq for node name comparisons
media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling
media: v4l2-fwnode: simplify v4l2_fwnode_parse_link
media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
drivers: usb: smsusb: fix error handling code in smsusb_init_device
media: dib7000p: Fix potential division by zero
media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
media: cx24120: Add retval check for cx24120_message_send()
media: mediatek: vcodec: Return NULL if no vdec_fb is found
usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
scsi: be2iscsi: Add length check when parsing nlattrs
scsi: qla4xxx: Add length check when parsing nlattrs
x86/APM: drop the duplicate APM_MINOR_DEV macro
scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly
scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly
dma-buf/sync_file: Fix docs syntax
IB/uverbs: Fix an potential error pointer dereference
media: go7007: Remove redundant if statement
USB: gadget: f_mass_storage: Fix unused variable warning
media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
media: ov2680: Remove auto-gain and auto-exposure controls
media: ov2680: Fix ov2680_bayer_order()
media: ov2680: Fix vflip / hflip set functions
media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors
cgroup:namespace: Remove unused cgroup_namespaces_init()
scsi: core: Use 32-bit hostnum in scsi_host_lookup()
scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
serial: tegra: handle clk prepare error in tegra_uart_hw_init()
amba: bus: fix refcount leak
Revert "IB/isert: Fix incorrect release of isert connection"
HID: multitouch: Correct devm device reference for hidinput input_dev name
rpmsg: glink: Add check for kstrdup
arch: um: drivers: Kconfig: pedantic formatting
um: Fix hostaudio build errors
dmaengine: ste_dma40: Add missing IRQ check in d40_probe
igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
netfilter: xt_u32: validate user space input
netfilter: xt_sctp: validate the flag_info count
skbuff: skb_segment, Call zero copy functions before using skbuff frags
igb: set max size RX buffer when store bad packet is enabled
PM / devfreq: Fix leak in devfreq_dev_release()
ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
ipmi_si: fix a memleak in try_smi_init()
ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
backlight/gpio_backlight: Compare against struct fb_info.device
backlight/bd6107: Compare against struct fb_info.device
backlight/lv5207lp: Compare against struct fb_info.device
media: dvb: symbol fixup for dvb_attach()
ntb: Drop packets when qp link is down
ntb: Clean up tx tail index on link down
ntb: Fix calculation ntb_transport_tx_free_entry()
Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
procfs: block chmod on /proc/thread-self/comm
parisc: Fix /proc/cpuinfo output for lscpu
dlm: fix plock lookup when using multiple lockspaces
dccp: Fix out of bounds access in DCCP error handler
crypto: stm32 - fix loop iterating through scatterlist for DMA
cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
X.509: if signature is unsupported skip validation
net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
pstore/ram: Check start of empty przs during init
PCI/ATS: Add inline to pci_prg_resp_pasid_required()
sc16is7xx: Set iobase to device index
serial: sc16is7xx: fix broken port 0 uart init
usb: typec: tcpci: clear the fault status bit
udf: initialize newblock to 0
scsi: qla2xxx: fix inconsistent TMF timeout
scsi: qla2xxx: Turn off noisy message log
fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
drm/ast: Fix DRAM init on AST2200
parisc: led: Fix LAN receive and transmit LEDs
parisc: led: Reduce CPU overhead for disk & lan LED computation
clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
soc: qcom: qmi_encdec: Restrict string length in decode
NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
kconfig: fix possible buffer overflow
x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm()
watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
pwm: lpc32xx: Remove handling of PWM channels
net: read sk->sk_family once in sk_mc_loop()
igb: disable virtualization features on 82580
veth: Fixing transmit return status for dropped packets
net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
af_unix: Fix data-races around user->unix_inflight.
af_unix: Fix data-race around unix_tot_inflight.
af_unix: Fix data-races around sk->sk_shutdown.
af_unix: Fix data race around sk->sk_err.
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
kcm: Destroy mutex in kcm_exit_net()
igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
idr: fix param name in idr_alloc_cyclic() doc
netfilter: nfnetlink_osf: avoid OOB read
ata: sata_gemini: Add missing MODULE_DESCRIPTION
ata: pata_ftide010: Add missing MODULE_DESCRIPTION
btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
mtd: rawnand: brcmnand: Fix crash during the panic_write
mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
mtd: rawnand: brcmnand: Fix potential false time out warning
perf hists browser: Fix hierarchy mode header
net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
kcm: Fix memory leak in error path of kcm_sendmsg()
ixgbe: fix timestamp configuration code
kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
drm/amd/display: Fix a bug when searching for insert_above_mpcc
parisc: Drop loops_per_jiffy from per_cpu struct
autofs: fix memory leak of waitqueues in autofs_catatonic_mode
btrfs: output extra debug info if we failed to find an inline backref
ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
hw_breakpoint: fix single-stepping when using bpf_overflow_handler
wifi: ath9k: fix printk specifier
wifi: mwifiex: fix fortify warning
crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
tpm_tis: Resend command to recover from data transfer errors
alx: fix OOB-read compiler warning
drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable()
md: raid1: fix potential OOB in raid1_remove_disk()
ext2: fix datatype of block number in ext2_xattr_set2()
fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
media: anysee: fix null-ptr-deref in anysee_master_xfer
media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
iio: core: Use min() instead of min_t() to make code more robust
media: tuners: qt1010: replace BUG_ON with a regular error
media: pci: cx23885: replace BUG with error return
usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
serial: cpm_uart: Avoid suspicious locking
media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning
kobject: Add sanity check for kset->kobj.ktype in kset_register()
md/raid1: fix error: ISO C90 forbids mixed declarations
attr: block mode changes of symlinks
btrfs: fix lockdep splat and potential deadlock after failure running delayed items
nfsd: fix change_info in NFSv4 RENAME replies
mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller
net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
net/sched: Retire rsvp classifier
Linux 4.19.295
Change-Id: I5de88dc1e8cebe5736df3023205233cb40c4aa35
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Thore Sommer
|
fbb3ad9fb4 |
X.509: if signature is unsupported skip validation
commit ef5b52a631f8c18353e80ccab8408b963305510c upstream.
When the hash algorithm for the signature is not available the digest size
is 0 and the signature in the certificate is marked as unsupported.
When validating a self-signed certificate, this needs to be checked,
because otherwise trying to validate the signature will fail with an
warning:
Loading compiled-in X.509 certificates
WARNING: CPU: 0 PID: 1 at crypto/rsa-pkcs1pad.c:537 \
pkcs1pad_verify+0x46/0x12c
...
Problem loading in-kernel X.509 certificate (-22)
Signed-off-by: Thore Sommer <public@thson.de>
Cc: stable@vger.kernel.org # v4.7+
Fixes:
|
||
|
Michael Bestas
|
44903ec5e9 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-20
* sm8250/lineage-20:
arm64: configs: enable CONFIG_CPU_FREQ_STAT
Linux 4.19.288
i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle
x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys
drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl
drm/exynos: vidi: fix a wrong error return
ASoC: nau8824: Add quirk to active-high jack-detect
s390/cio: unregister device when the only path is gone
usb: gadget: udc: fix NULL dereference in remove()
nfcsim.c: Fix error checking for debugfs_create_dir
media: cec: core: don't set last_initiator if tx in progress
arm64: Add missing Set/Way CMO encodings
HID: wacom: Add error check to wacom_parse_and_register()
scsi: target: iscsi: Prevent login threads from racing between each other
sch_netem: acquire qdisc lock in netem_change()
netfilter: nfnetlink_osf: fix module autoload
netfilter: nf_tables: disallow element updates of bound anonymous sets
be2net: Extend xmit workaround to BE3 chip
mmc: usdhi60rol0: fix deferred probing
mmc: sdhci-acpi: fix deferred probing
mmc: omap_hsmmc: fix deferred probing
mmc: omap: fix deferred probing
mmc: mvsdio: fix deferred probing
mmc: mvsdio: convert to devm_platform_ioremap_resource
mmc: mtk-sd: fix deferred probing
net: qca_spi: Avoid high load if QCA7000 is not available
xfrm: Linearize the skb after offloading if needed.
ieee802154: hwsim: Fix possible memory leaks
rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
cgroup: Do not corrupt task iteration when rebinding subsystem
PCI: hv: Fix a race condition bug in hv_pci_query_relations()
Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
nilfs2: fix buffer corruption due to concurrent device reads
ipmi: move message error checking to avoid deadlock
ipmi: Make the smi watcher be disabled immediately when not needed
x86/purgatory: remove PGO flags
nilfs2: reject devices with insufficient block count
serial: lantiq: add missing interrupt ack
serial: lantiq: Do not swap register read/writes
serial: lantiq: Use readl/writel instead of ltq_r32/ltq_w32
serial: lantiq: Change ltq_w32_mask to asc_update_bits
Linux 4.19.287
mmc: block: ensure error propagation for non-blk
powerpc: Fix defconfig choice logic when cross compiling
drm/nouveau/kms: Fix NULL pointer dereference in nouveau_connector_detect_depth
neighbour: delete neigh_lookup_nodev as not used
net: Remove unused inline function dst_hold_and_use()
neighbour: Remove unused inline function neigh_key_eq16()
selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
net: tipc: resize nlattr array to correct size
net: lapbether: only support ethernet devices
drm/nouveau: add nv_encoder pointer check for NULL
drm/nouveau/kms: Don't change EDID when it hasn't actually changed
drm/nouveau/dp: check for NULL nv_connector->native_mode
igb: fix nvm.ops.read() error handling
sctp: fix an error code in sctp_sf_eat_auth()
IB/isert: Fix incorrect release of isert connection
IB/isert: Fix possible list corruption in CMA handler
IB/isert: Fix dead lock in ib_isert
IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
RDMA/rxe: Fix the use-before-initialization error of resp_pkts
RDMA/rxe: Removed unused name from rxe_task struct
RDMA/rxe: Remove the unused variable obj
ping6: Fix send to link-local addresses with VRF.
netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
usb: gadget: f_ncm: Fix NTP-32 support
usb: gadget: f_ncm: Add OS descriptor support
usb: dwc3: gadget: Reset num TRBs before giving back the request
USB: serial: option: add Quectel EM061KGL series
Remove DECnet support from kernel
net: usb: qmi_wwan: add support for Compal RXM-G1
RDMA/uverbs: Restrict usage of privileged QKEYs
nouveau: fix client work fence deletion race
powerpc/purgatory: remove PGO flags
kexec: support purgatories with .text.hot sections
nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
nios2: dts: Fix tse_mac "max-frame-size" property
ocfs2: check new file size on fallocate call
ocfs2: fix use-after-free when unmounting read-only filesystem
xen/blkfront: Only check REQ_FUA for writes
mips: Move initrd_start check after initrd address sanitisation.
MIPS: Alchemy: fix dbdma2
parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
power: supply: Fix logic checking if system is running from battery
irqchip/meson-gpio: Mark OF related data as maybe unused
regulator: Fix error checking for debugfs_create_dir
power: supply: Ratelimit no data debug output
ARM: dts: vexpress: add missing cache properties
power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule()
power: supply: ab8500: Fix external_power_changed race
Revert "tcp: deny tcp_disconnect() when threads are waiting"
Revert "tcp: deny tcp_disconnect() when threads are waiting"
ANDROID: GKI: update ABI xml for incrementalfs.ko
Linux 4.19.286
Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE"
btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
btrfs: check return value of btrfs_commit_transaction in relocation
ext4: only check dquot_initialize_needed() when debugging
i2c: sprd: Delete i2c adapter in .remove's error path
pinctrl: meson-axg: add missing GPIOA_18 gpio group
Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
ceph: fix use-after-free bug for inodes when flushing capsnaps
drm/amdgpu: fix xclk freq on CHIP_STONEY
Input: psmouse - fix OOB access in Elantech protocol
Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
batman-adv: Broken sync while rescheduling delayed work
lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
net: sched: fix possible refcount leak in tc_chain_tmplt_add()
net: sched: move rtm_tca_policy declaration to include file
rfs: annotate lockless accesses to RFS sock flow table
rfs: annotate lockless accesses to sk->sk_rxhash
Bluetooth: L2CAP: Add missing checks for invalid DCID
Bluetooth: Fix l2cap_disconnect_req deadlock
net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
spi: qup: Request DMA before enabling clocks
i40e: fix build warnings in i40e_alloc.h
i40iw: fix build warning in i40iw_manage_apbvt()
UPSTREAM: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
UPSTREAM: cdc_ncm: Fix the build warning
UPSTREAM: cdc_ncm: Implement the 32-bit version of NCM Transfer Block
Revert "tcp: reduce POLLOUT events caused by TCP_NOTSENT_LOWAT"
Revert "tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit"
Revert "tcp: factor out __tcp_close() helper"
Revert "tcp: add annotations around sk->sk_shutdown accesses"
ANDROID: fix abi break in 4.19.284 for cpuhotplug.h
UPSTREAM: mailbox: mailbox-test: fix a locking issue in mbox_test_message_write()
UPSTREAM: mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write()
ASoC: msm-pcm-voip: Avoid interger underflow
dsp: afe: check for param size before copying
dsp: q6core: validate payload size before access for AVCS
Linux 4.19.285
wifi: rtlwifi: 8192de: correct checking of IQK reload
scsi: dpt_i2o: Do not process completions with invalid addresses
scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
regmap: Account for register length when chunking
fbcon: Fix null-ptr-deref in soft_cursor
ext4: add lockdep annotations for i_data_sem for ea_inode's
selinux: don't use make's grouped targets feature yet
tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of UARTCTRL_SBK
mmc: vub300: fix invalid response handling
rsi: Remove unnecessary boolean condition
regulator: da905{2,5}: Remove unnecessary array check
hwmon: (scmi) Remove redundant pointer check
wifi: rtlwifi: remove always-true condition pointed out by GCC 12
lib/dynamic_debug.c: use address-of operator on section symbols
kernel/extable.c: use address-of operator on section symbols
eth: sun: cassini: remove dead code
gcc-12: disable '-Wdangling-pointer' warning for now
ACPI: thermal: drop an always true check
x86/boot: Wrap literal addresses in absolute_pointer()
ata: libata-scsi: Use correct device no in ata_find_dev()
scsi: stex: Fix gcc 13 warnings
usb: gadget: f_fs: Add unbind event before functionfs_unbind
net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
iio: dac: build ad5758 driver when AD5758 is selected
iio: dac: mcp4725: Fix i2c_master_send() return value handling
HID: wacom: avoid integer overflow in wacom_intuos_inout()
HID: google: add jewel USB id
iio: adc: mxs-lradc: fix the order of two cleanup operations
mailbox: mailbox-test: fix a locking issue in mbox_test_message_write()
atm: hide unused procfs functions
ALSA: oss: avoid missing-prototype warnings
netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
wifi: b43: fix incorrect __packed annotation
scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
ARM: dts: stm32: add pin map for CAN controller on stm32f7
wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
media: dvb-core: Fix use-after-free due on race condition at dvb_net
media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table
media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
media: dvb_ca_en50221: fix a size write bug
media: netup_unidvb: fix irq init by register it at the end of probe
media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
media: dvb_demux: fix a bug for the continuity counter
ASoC: ssm2602: Add workaround for playback distortions
xfrm: Check if_id in inbound policy/secpath match
ASoC: dwc: limit the number of overrun messages
nbd: Fix debugfs_create_dir error checking
fbdev: stifb: Fix info entry in sti_struct on error path
fbdev: modedb: Add 1920x1080 at 60 Hz video mode
media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE
ARM: 9295/1: unwind:fix unwind abort for uleb128 case
mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write()
watchdog: menz069_wdt: fix watchdog initialisation
net: dsa: mv88e6xxx: Increase wait after reset deactivation
net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
udp6: Fix race condition in udp6_sendmsg & connect
net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use
net: sched: fix NULL pointer dereference in mq_attach
net/sched: Prohibit regrafting ingress or clsact Qdiscs
net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
net/sched: sch_clsact: Only create under TC_H_CLSACT
net/sched: sch_ingress: Only create under TC_H_INGRESS
tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
tcp: deny tcp_disconnect() when threads are waiting
af_packet: do not use READ_ONCE() in packet_bind()
amd-xgbe: fix the false linkup in xgbe_phy_status
af_packet: Fix data-races of pkt_sk(sk)->num.
netrom: fix info-leak in nr_write_internal()
net/mlx5: fw_tracer, Fix event handling
dmaengine: pl330: rename _start to prevent build error
netfilter: ctnetlink: Support offloaded conntrack entry deletion
ipv{4,6}/raw: fix output xfrm lookup wrt protocol
bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
cdc_ncm: Fix the build warning
power: supply: bq24190: Call power_supply_changed() after updating input current
power: supply: core: Refactor power_supply_set_input_current_limit_from_supplier()
power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to stabilize
net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
cdc_ncm: Implement the 32-bit version of NCM Transfer Block
UPSTREAM: efi: rt-wrapper: Add missing include
BACKPORT: arm64: efi: Execute runtime services from a dedicated stack
Revert "uapi/linux/const.h: prefer ISO-friendly __typeof__"
Linux 4.19.284
drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource()
3c589_cs: Fix an error handling path in tc589_probe()
forcedeth: Fix an error handling path in nv_probe()
ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
x86/show_trace_log_lvl: Ensure stack pointer is aligned, again
xen/pvcalls-back: fix double frees with pvcalls_new_active_socket()
coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet()
power: supply: sbs-charger: Fix INHIBITED bit for Status reg
power: supply: bq27xxx: Fix poll_interval handling and races on remove
power: supply: bq27xxx: Fix I2C IRQ race on remove
power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
power: supply: leds: Fix blink to LED on transition
ipv6: Fix out-of-bounds access in ipv6_find_tlv()
bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
net: fix skb leak in __skb_tstamp_tx()
media: radio-shark: Add endpoint checks
USB: sisusbvga: Add endpoint checks
USB: core: Add routines for endpoint checks in old drivers
udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G
ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported
parisc: Fix flush_dcache_page() for usage from irq context
selftests/memfd: Fix unknown type name build failure
x86/mm: Avoid incomplete Global INVLPG flushes
btrfs: use nofs when cleaning up aborted transactions
parisc: Allow to reboot machine after system halt
m68k: Move signal frame following exception on 68020/030
ALSA: hda/ca0132: add quirk for EVGA X299 DARK
spi: fsl-cpm: Use 16 bit mode for large transfers with even size
spi: fsl-spi: Re-organise transfer bits_per_word adaptation
spi: spi-fsl-spi: automatically adapt bits-per-word in cpu mode
s390/qdio: fix do_sqbs() inline assembly constraint
s390/qdio: get rid of register asm
vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
vc_screen: rewrite vcs_size to accept vc, not inode
usb: gadget: u_ether: Fix host MAC address case
usb: gadget: u_ether: Convert prints to device prints
lib/string_helpers: Introduce string_upper() and string_lower() helpers
ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
ALSA: hda/realtek - ALC897 headset MIC no sound
ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
ALSA: hda/realtek - The front Mic on a HP machine doesn't work
ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662
ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662
ALSA: hda/realtek - Add Headset Mic supported for HP cPC
ALSA: hda/realtek - More constifications
Add Acer Aspire Ethos 8951G model quirk
HID: wacom: Force pen out of prox if no events have been received in a while
netfilter: nf_tables: do not allow RULE_ID to refer to another chain
netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag
netfilter: nf_tables: stricter validation of element data
netfilter: nf_tables: allow up to 64 bytes in the set element data area
netfilter: nf_tables: add nft_setelem_parse_key()
netfilter: nf_tables: validate registers coming from userspace.
netfilter: nftables: statify nft_parse_register()
netfilter: nftables: add nft_parse_register_store() and use it
netfilter: nftables: add nft_parse_register_load() and use it
nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
tpm/tpm_tis: Disable interrupts for more Lenovo devices
ceph: force updating the msg pointer in non-split case
serial: Add support for Advantech PCI-1611U card
statfs: enforce statfs[64] structure initialization
ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
ALSA: hda: Fix Oops by 9.1 surround channel names
usb: typec: altmodes/displayport: fix pin_assignment_show
usb-storage: fix deadlock when a scsi command timeouts more than once
vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
igb: fix bit_shift to be in [1..8] range
cassini: Fix a memory leak in the error handling path of cas_init_one()
net: bcmgenet: Restore phy_stop() depending upon suspend/close
net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
drm/exynos: fix g2d_open/close helper function definitions
media: netup_unidvb: fix use-after-free at del_timer()
erspan: get the proto with the md version for collect_md
ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
ip6_gre: Make o_seqno start from 0 in native mode
ip6_gre: Fix skb_under_panic in __gre6_xmit()
serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
drivers: provide devm_platform_ioremap_resource()
vsock: avoid to close connected socket after the timeout
net: fec: Better handle pm_runtime_get() failing in .remove()
af_key: Reject optional tunnel/BEET mode templates in outbound policies
cpupower: Make TSC read per CPU for Mperf monitor
btrfs: fix space cache inconsistency after error loading it from disk
btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
mfd: dln2: Fix memory leak in dln2_probe()
phy: st: miphy28lp: use _poll_timeout functions for waits
Input: xpad - add constants for GIP interface numbers
clk: tegra20: fix gcc-7 constant overflow warning
recordmcount: Fix memory leaks in the uwrite function
sched: Fix KCSAN noinstr violation
mcb-pci: Reallocate memory region to avoid memory overlapping
serial: 8250: Reinit port->pm on port specific driver unbind
usb: typec: tcpm: fix multiple times discover svids error
HID: wacom: generic: Set battery quirk only when we see battery data
spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
HID: logitech-hidpp: Reconcile USB and Unifying serials
HID: logitech-hidpp: Don't use the USB serial for USB devices
staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
f2fs: fix to drop all dirty pages during umount() if cp_error is set
ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
ext4: set goal start correctly in ext4_mb_normalize_request
gfs2: Fix inode height consistency check
scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
lib: cpu_rmap: Avoid use after free on rmap->obj array entries
net: Catch invalid index in XPS mapping
net: pasemi: Fix return type of pasemi_mac_start_tx()
ext2: Check block size validity during mount
wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
ACPICA: Avoid undefined behavior: applying zero offset to null pointer
drm/tegra: Avoid potential 32-bit integer overflow
ACPI: EC: Fix oops when removing custom query handlers
firmware: arm_sdei: Fix sleep from invalid context BUG
memstick: r592: Fix UAF bug in r592_remove due to race condition
regmap: cache: Return error in cache sync operations for REGCACHE_NONE
drm/amd/display: Use DC_LOG_DC in the trasform pixel function
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
af_unix: Fix data races around sk->sk_shutdown.
af_unix: Fix a data race of sk->sk_receive_queue->qlen.
net: datagram: fix data-races in datagram_poll()
ipvlan:Fix out-of-bounds caused by unclear skb->cb
tcp: add annotations around sk->sk_shutdown accesses
tcp: factor out __tcp_close() helper
tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit
tcp: reduce POLLOUT events caused by TCP_NOTSENT_LOWAT
net: annotate sk->sk_err write from do_recvmmsg()
netlink: annotate accesses to nlk->cb_running
net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
ANDROID: usb: f_accessory: Avoid bitfields for shared variables
qcedev: vote for crypto clocks during module close
msm-4.19: Compilation fix for SDLLVM toolchain 16.0
Makefile: Use Python2 for compilation
Linux 4.19.283
mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
drbd: correctly submit flush bio on barrier
serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
ext4: fix invalid free tracking in ext4_xattr_move_to_block()
ext4: remove a BUG_ON in ext4_mb_release_group_pa()
ext4: bail out of ext4_xattr_ibody_get() fails for any reason
ext4: add bounds checking in get_max_inline_xattr_value_size()
ext4: improve error recovery code paths in __ext4_remount()
ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
ext4: fix WARNING in mb_find_extent
HID: wacom: Set a default resolution for older tablets
drm/panel: otm8009a: Set backlight parent to panel device
ARM: dts: s5pv210: correct MIPI CSIS clock name
ARM: dts: exynos: fix WM8960 clock name in Itop Elite
sh: nmi_debug: fix return value of __setup handler
sh: init: use OF_EARLY_FLATTREE for early init
sh: math-emu: fix macro redefined warning
platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i
cifs: fix pcchunk length type in smb2_copychunk_range
btrfs: print-tree: parent bytenr must be aligned to sector size
btrfs: fix btrfs_prev_leaf() to not return the same key twice
perf symbols: Fix return incorrect build_id size in elf_read_build_id()
perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp()
perf vendor events power9: Remove UTF-8 characters from JSON files
virtio_net: suppress cpu stall when free_unused_bufs
virtio_net: split free_unused_bufs()
ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init`
drm/amdgpu: add a missing lock for AMDGPU_SCHED
drm/amdgpu: Add command to override the context priority.
drm/amdgpu: Put enable gfx off feature to a delay thread
drm/amdgpu: Add amdgpu_gfx_off_ctrl function
af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
rxrpc: Fix hard call timeout units
net/sched: act_mirred: Add carrier check
writeback: fix call of incorrect macro
net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
net: dsa: mv88e6xxx: Add missing watchdog ops for 6320 family
sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
relayfs: fix out-of-bounds access in relay_file_read
kernel/relay.c: fix read_pos error when multiple readers
dm verity: fix error handling for check_at_most_once on FEC
dm verity: skip redundant verity_handle_err() on I/O errors
ipmi: fix SSIF not responding under certain cond.
ipmi_ssif: Rename idle state and check
ipmi: Fix how the lower layers are told to watch for messages
ipmi: Fix SSIF flag requests
tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
nohz: Add TICK_DEP_BIT_RCU
netfilter: nf_tables: deactivate anonymous set from preparation phase
debugobject: Ensure pool refill (again)
perf auxtrace: Fix address filter entire kernel size
dm ioctl: fix nested locking in table_clear() to remove deadlock concern
dm flakey: fix a crash with invalid table line
dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
s390/dasd: fix hanging blockdevice after request requeue
btrfs: scrub: reject unsupported scrub flags
clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
wifi: rtl8xxxu: RTL8192EU always needs full init
md/raid10: fix null-ptr-deref in raid10_sync_request
nilfs2: fix infinite loop in nilfs_mdt_get_block()
nilfs2: do not write dirty data after degenerating to read-only
parisc: Fix argument pointer in real64_call_asm()
dmaengine: at_xdmac: do not enable all cyclic channels
phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
pwm: mtk-disp: Disable shadow registers before setting backlight values
pwm: mtk-disp: Adjust the clocks to avoid them mismatch
pwm: mtk-disp: Don't check the return code of pwmchip_remove()
openrisc: Properly store r31 to pt_regs on unhandled exceptions
RDMA/mlx5: Use correct device num_ports when modify DC
SUNRPC: remove the maximum number of retries in call_bind_status
NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
clk: add missing of_node_put() in "assigned-clocks" property parsing
power: supply: generic-adc-battery: fix unit scaling
RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
RDMA/rdmavt: Delete unnecessary NULL check
perf/core: Fix hardlockup failure caused by perf throttle
powerpc/rtas: use memmove for potentially overlapping buffer copy
macintosh: via-pmu-led: requires ATA to be set
powerpc/sysdev/tsi108: fix resource printk format warnings
powerpc/wii: fix resource printk format warnings
powerpc/mpc512x: fix resource printk format warning
macintosh/windfarm_smu_sat: Add missing of_node_put()
spmi: Add a check for remove callback when removing a SPMI driver
staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
serial: 8250: Add missing wakeup event reporting
tty: serial: fsl_lpuart: adjust buffer length to the intended size
usb: chipidea: fix missing goto in `ci_hdrc_probe`
sh: sq: Fix incorrect element size for allocating bitmap buffer
uapi/linux/const.h: prefer ISO-friendly __typeof__
spi: cadence-quadspi: fix suspend-resume implementations
mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA channel
mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure
mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry
ia64: salinfo: placate defined-but-not-used warning
ia64: mm/contig: fix section mismatch warning/error
of: Fix modalias string generation
vmci_host: fix a race condition in vmci_host_poll() causing GPF
spi: fsl-spi: Fix CPM/QE mode Litte Endian
spi: qup: Don't skip cleanup in remove's error path
spi: qup: fix PM reference leak in spi_qup_remove()
linux/vt_buffer.h: allow either builtin or modular for macros
usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
fpga: bridge: fix kernel-doc parameter description
usb: host: xhci-rcar: remove leftover quirk handling
pstore: Revert pmsg_lock back to a normal mutex
tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
net: amd: Fix link leak when verifying config failed
netlink: Use copy_to_user() for optval in netlink_getsockopt().
Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
ipv4: Fix potential uninit variable access bug in __ip_make_skb()
netfilter: nf_tables: don't write table validation state without mutex
ixgbe: Enable setting RSS table to default values
ixgbe: Allow flow hash to be set via ethtool
wifi: iwlwifi: mvm: check firmware response size
wifi: iwlwifi: make the loop for card preparation effective
md/raid10: fix memleak of md thread
md: update the optimal I/O size on reshape
md/raid10: fix memleak for 'conf->bio_split'
md/raid10: fix leak of 'r10bio->remaining' for recovery
crypto: drbg - Only fail when jent is unavailable in FIPS mode
crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
bpftool: Fix bug for long instructions in program CFG dumps
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
rtlwifi: Replace RT_TRACE with rtl_dbg
rtlwifi: Start changing RT_TRACE into rtl_dbg
rtlwifi: rtl_pci: Fix memory leak when hardware init fails
scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
scsi: target: iscsit: Fix TAS handling during conn cleanup
net/packet: convert po->auxdata to an atomic flag
net/packet: convert po->origdev to an atomic flag
vlan: partially enable SIOCSHWTSTAMP in container
scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
tools: bpftool: Remove invalid \' json escape
wifi: ath6kl: reduce WARN to dev_dbg() in callback
wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
wifi: ath9k: hif_usb: fix memory leak of remain_skbs
wifi: ath6kl: minor fix for allocation size
debugobject: Prevent init race with static objects
debugobjects: Move printk out of db->lock critical sections
debugobjects: Add percpu free pools
arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
media: rc: gpio-ir-recv: Fix support for wake-up
media: rcar_fdp1: Fix refcount leak in probe and remove function
media: rcar_fdp1: Fix the correct variable assignments
media: saa7134: fix use after free bug in saa7134_finidev due to race condition
media: dm1105: Fix use after free bug in dm1105_remove due to race condition
x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
drm/msm/adreno: drop bogus pm_runtime_set_active()
drm/msm/adreno: Defer enabling runpm until hw_init()
firmware: qcom_scm: Clear download bit during reboot
media: av7110: prevent underflow in write_ts_to_decoder()
media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format.
media: bdisp: Add missing check for create_workqueue
ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
EDAC/skx: Fix overflows on the DRAM row address mapping arrays
EDAC, skx: Move debugfs node under EDAC's hierarchy
drm/probe-helper: Cancel previous job before starting new one
drm/vgem: add missing mutex_destroy
drm/rockchip: Drop unbalanced obj unref
selinux: ensure av_permissions.h is built when needed
selinux: fix Makefile dependencies of flask.h
ubifs: Free memory for tmpfile name
ubi: Fix return value overwrite issue in try_write_vid_and_data()
ubifs: Fix memleak when insert_old_idx() failed
Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
i2c: omap: Fix standard mode false ACK readings
KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
reiserfs: Add security prefix to xattr name in reiserfs_security_write()
ring-buffer: Sync IRQ works before buffer destruction
pwm: meson: Fix axg ao mux parents
MIPS: fw: Allow firmware to pass a empty env
xhci: fix debugfs register accesses while suspended
debugfs: regset32: Add Runtime PM support
staging: iio: resolver: ads1210: fix config mode
perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE)
USB: dwc3: fix runtime pm imbalance on unbind
stmmac: debugfs entry name is not be changed when udev rename device name.
ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
iio: adc: palmas_gpadc: fix NULL dereference on rmmod
USB: serial: option: add UNISOC vendor and TOZED LT70C product
bluetooth: Perform careful capability checks in hci_sock_ioctl()
wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
soc: qcom: provide apis for pcode and feature string
defconfig: Enable pwm support for SCUBA
PWM: Add support for PWM driver
clk: qcom: gcc-scuba: Add gcc_pwm0_xo512_div_clk_src clk support
bindings: clock: qcom: Add gcc_pwm0_xo512_div_clk_src clock id
soc: qcom: socinfo: Add sku sysfs support
soc: qcom: socinfo: Add revision 16 support in socinfo structure
msm: camera: isp: Handle deferred bufdone and bubble cases
msm: adsprpc: Handle UAF in fastrpc internal munmap
msm: kgsl: Do not capture DTCM on gmu boot failure
sched/walt: don't panic for accounting issues
tap: tap_open(): correctly initialize socket uid
tun: tun_chr_open(): correctly initialize socket uid
net: add sock_init_data_uid()
msm: camera: smmu: Use get_file to increase ref count
disp: msm: clear platform device drvdata on msm_drm bind fail
disp: msm: add support to parse HDMI VSDB block
Conflicts:
techpack/camera/drivers/cam_isp/cam_isp_context.c
techpack/camera/drivers/cam_isp/cam_isp_context.h
Change-Id: I632603f29a06dcf7c57dd9b2b4cc955d9e5bb396
|
||
|
Michael Bestas
|
2c5e7c6143 |
Merge tag 'ASB-2023-07-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2023-07-01 CVE-2022-42703 CVE-2023-21255 CVE-2023-25012 * tag 'ASB-2023-07-05_4.19-stable' of https://android.googlesource.com/kernel/common: Linux 4.19.288 i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl drm/exynos: vidi: fix a wrong error return ASoC: nau8824: Add quirk to active-high jack-detect s390/cio: unregister device when the only path is gone usb: gadget: udc: fix NULL dereference in remove() nfcsim.c: Fix error checking for debugfs_create_dir media: cec: core: don't set last_initiator if tx in progress arm64: Add missing Set/Way CMO encodings HID: wacom: Add error check to wacom_parse_and_register() scsi: target: iscsi: Prevent login threads from racing between each other sch_netem: acquire qdisc lock in netem_change() netfilter: nfnetlink_osf: fix module autoload netfilter: nf_tables: disallow element updates of bound anonymous sets be2net: Extend xmit workaround to BE3 chip mmc: usdhi60rol0: fix deferred probing mmc: sdhci-acpi: fix deferred probing mmc: omap_hsmmc: fix deferred probing mmc: omap: fix deferred probing mmc: mvsdio: fix deferred probing mmc: mvsdio: convert to devm_platform_ioremap_resource mmc: mtk-sd: fix deferred probing net: qca_spi: Avoid high load if QCA7000 is not available xfrm: Linearize the skb after offloading if needed. ieee802154: hwsim: Fix possible memory leaks rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() nilfs2: prevent general protection fault in nilfs_clear_dirty_page() cgroup: Do not corrupt task iteration when rebinding subsystem PCI: hv: Fix a race condition bug in hv_pci_query_relations() Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs nilfs2: fix buffer corruption due to concurrent device reads ipmi: move message error checking to avoid deadlock ipmi: Make the smi watcher be disabled immediately when not needed x86/purgatory: remove PGO flags nilfs2: reject devices with insufficient block count serial: lantiq: add missing interrupt ack serial: lantiq: Do not swap register read/writes serial: lantiq: Use readl/writel instead of ltq_r32/ltq_w32 serial: lantiq: Change ltq_w32_mask to asc_update_bits Linux 4.19.287 mmc: block: ensure error propagation for non-blk powerpc: Fix defconfig choice logic when cross compiling drm/nouveau/kms: Fix NULL pointer dereference in nouveau_connector_detect_depth neighbour: delete neigh_lookup_nodev as not used net: Remove unused inline function dst_hold_and_use() neighbour: Remove unused inline function neigh_key_eq16() selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET net: tipc: resize nlattr array to correct size net: lapbether: only support ethernet devices drm/nouveau: add nv_encoder pointer check for NULL drm/nouveau/kms: Don't change EDID when it hasn't actually changed drm/nouveau/dp: check for NULL nv_connector->native_mode igb: fix nvm.ops.read() error handling sctp: fix an error code in sctp_sf_eat_auth() IB/isert: Fix incorrect release of isert connection IB/isert: Fix possible list corruption in CMA handler IB/isert: Fix dead lock in ib_isert IB/uverbs: Fix to consider event queue closing also upon non-blocking mode RDMA/rxe: Fix the use-before-initialization error of resp_pkts RDMA/rxe: Removed unused name from rxe_task struct RDMA/rxe: Remove the unused variable obj ping6: Fix send to link-local addresses with VRF. netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM usb: gadget: f_ncm: Fix NTP-32 support usb: gadget: f_ncm: Add OS descriptor support usb: dwc3: gadget: Reset num TRBs before giving back the request USB: serial: option: add Quectel EM061KGL series Remove DECnet support from kernel net: usb: qmi_wwan: add support for Compal RXM-G1 RDMA/uverbs: Restrict usage of privileged QKEYs nouveau: fix client work fence deletion race powerpc/purgatory: remove PGO flags kexec: support purgatories with .text.hot sections nilfs2: fix possible out-of-bounds segment allocation in resize ioctl nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key() nios2: dts: Fix tse_mac "max-frame-size" property ocfs2: check new file size on fallocate call ocfs2: fix use-after-free when unmounting read-only filesystem xen/blkfront: Only check REQ_FUA for writes mips: Move initrd_start check after initrd address sanitisation. MIPS: Alchemy: fix dbdma2 parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu() power: supply: Fix logic checking if system is running from battery irqchip/meson-gpio: Mark OF related data as maybe unused regulator: Fix error checking for debugfs_create_dir power: supply: Ratelimit no data debug output ARM: dts: vexpress: add missing cache properties power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule() power: supply: ab8500: Fix external_power_changed race Revert "tcp: deny tcp_disconnect() when threads are waiting" Revert "tcp: deny tcp_disconnect() when threads are waiting" ANDROID: GKI: update ABI xml for incrementalfs.ko Linux 4.19.286 Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE" btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() btrfs: check return value of btrfs_commit_transaction in relocation ext4: only check dquot_initialize_needed() when debugging i2c: sprd: Delete i2c adapter in .remove's error path pinctrl: meson-axg: add missing GPIOA_18 gpio group Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk ceph: fix use-after-free bug for inodes when flushing capsnaps drm/amdgpu: fix xclk freq on CHIP_STONEY Input: psmouse - fix OOB access in Elantech protocol Input: xpad - delete a Razer DeathAdder mouse VID/PID entry batman-adv: Broken sync while rescheduling delayed work lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() net: sched: fix possible refcount leak in tc_chain_tmplt_add() net: sched: move rtm_tca_policy declaration to include file rfs: annotate lockless accesses to RFS sock flow table rfs: annotate lockless accesses to sk->sk_rxhash Bluetooth: L2CAP: Add missing checks for invalid DCID Bluetooth: Fix l2cap_disconnect_req deadlock net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods spi: qup: Request DMA before enabling clocks i40e: fix build warnings in i40e_alloc.h i40iw: fix build warning in i40iw_manage_apbvt() UPSTREAM: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize UPSTREAM: cdc_ncm: Fix the build warning UPSTREAM: cdc_ncm: Implement the 32-bit version of NCM Transfer Block Revert "tcp: reduce POLLOUT events caused by TCP_NOTSENT_LOWAT" Revert "tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit" Revert "tcp: factor out __tcp_close() helper" Revert "tcp: add annotations around sk->sk_shutdown accesses" ANDROID: fix abi break in 4.19.284 for cpuhotplug.h UPSTREAM: mailbox: mailbox-test: fix a locking issue in mbox_test_message_write() UPSTREAM: mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write() Linux 4.19.285 wifi: rtlwifi: 8192de: correct checking of IQK reload scsi: dpt_i2o: Do not process completions with invalid addresses scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD) regmap: Account for register length when chunking fbcon: Fix null-ptr-deref in soft_cursor ext4: add lockdep annotations for i_data_sem for ea_inode's selinux: don't use make's grouped targets feature yet tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of UARTCTRL_SBK mmc: vub300: fix invalid response handling rsi: Remove unnecessary boolean condition regulator: da905{2,5}: Remove unnecessary array check hwmon: (scmi) Remove redundant pointer check wifi: rtlwifi: remove always-true condition pointed out by GCC 12 lib/dynamic_debug.c: use address-of operator on section symbols kernel/extable.c: use address-of operator on section symbols eth: sun: cassini: remove dead code gcc-12: disable '-Wdangling-pointer' warning for now ACPI: thermal: drop an always true check x86/boot: Wrap literal addresses in absolute_pointer() ata: libata-scsi: Use correct device no in ata_find_dev() scsi: stex: Fix gcc 13 warnings usb: gadget: f_fs: Add unbind event before functionfs_unbind net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 iio: dac: build ad5758 driver when AD5758 is selected iio: dac: mcp4725: Fix i2c_master_send() return value handling HID: wacom: avoid integer overflow in wacom_intuos_inout() HID: google: add jewel USB id iio: adc: mxs-lradc: fix the order of two cleanup operations mailbox: mailbox-test: fix a locking issue in mbox_test_message_write() atm: hide unused procfs functions ALSA: oss: avoid missing-prototype warnings netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT wifi: b43: fix incorrect __packed annotation scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed arm64/mm: mark private VM_FAULT_X defines as vm_fault_t ARM: dts: stm32: add pin map for CAN controller on stm32f7 wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() media: dvb-core: Fix use-after-free due on race condition at dvb_net media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() media: dvb_ca_en50221: fix a size write bug media: netup_unidvb: fix irq init by register it at the end of probe media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer() media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer() media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer() media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer() media: dvb_demux: fix a bug for the continuity counter ASoC: ssm2602: Add workaround for playback distortions xfrm: Check if_id in inbound policy/secpath match ASoC: dwc: limit the number of overrun messages nbd: Fix debugfs_create_dir error checking fbdev: stifb: Fix info entry in sti_struct on error path fbdev: modedb: Add 1920x1080 at 60 Hz video mode media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE ARM: 9295/1: unwind:fix unwind abort for uleb128 case mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write() watchdog: menz069_wdt: fix watchdog initialisation net: dsa: mv88e6xxx: Increase wait after reset deactivation net/sched: flower: fix possible OOB write in fl_set_geneve_opt() udp6: Fix race condition in udp6_sendmsg & connect net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use net: sched: fix NULL pointer dereference in mq_attach net/sched: Prohibit regrafting ingress or clsact Qdiscs net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs net/sched: sch_clsact: Only create under TC_H_CLSACT net/sched: sch_ingress: Only create under TC_H_INGRESS tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set tcp: deny tcp_disconnect() when threads are waiting af_packet: do not use READ_ONCE() in packet_bind() amd-xgbe: fix the false linkup in xgbe_phy_status af_packet: Fix data-races of pkt_sk(sk)->num. netrom: fix info-leak in nr_write_internal() net/mlx5: fw_tracer, Fix event handling dmaengine: pl330: rename _start to prevent build error netfilter: ctnetlink: Support offloaded conntrack entry deletion ipv{4,6}/raw: fix output xfrm lookup wrt protocol bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() cdc_ncm: Fix the build warning power: supply: bq24190: Call power_supply_changed() after updating input current power: supply: core: Refactor power_supply_set_input_current_limit_from_supplier() power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to stabilize net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize cdc_ncm: Implement the 32-bit version of NCM Transfer Block UPSTREAM: efi: rt-wrapper: Add missing include BACKPORT: arm64: efi: Execute runtime services from a dedicated stack Revert "uapi/linux/const.h: prefer ISO-friendly __typeof__" Linux 4.19.284 drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource() 3c589_cs: Fix an error handling path in tc589_probe() forcedeth: Fix an error handling path in nv_probe() ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg x86/show_trace_log_lvl: Ensure stack pointer is aligned, again xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet() power: supply: sbs-charger: Fix INHIBITED bit for Status reg power: supply: bq27xxx: Fix poll_interval handling and races on remove power: supply: bq27xxx: Fix I2C IRQ race on remove power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition power: supply: leds: Fix blink to LED on transition ipv6: Fix out-of-bounds access in ipv6_find_tlv() bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields net: fix skb leak in __skb_tstamp_tx() media: radio-shark: Add endpoint checks USB: sisusbvga: Add endpoint checks USB: core: Add routines for endpoint checks in old drivers udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported parisc: Fix flush_dcache_page() for usage from irq context selftests/memfd: Fix unknown type name build failure x86/mm: Avoid incomplete Global INVLPG flushes btrfs: use nofs when cleaning up aborted transactions parisc: Allow to reboot machine after system halt m68k: Move signal frame following exception on 68020/030 ALSA: hda/ca0132: add quirk for EVGA X299 DARK spi: fsl-cpm: Use 16 bit mode for large transfers with even size spi: fsl-spi: Re-organise transfer bits_per_word adaptation spi: spi-fsl-spi: automatically adapt bits-per-word in cpu mode s390/qdio: fix do_sqbs() inline assembly constraint s390/qdio: get rid of register asm vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF vc_screen: rewrite vcs_size to accept vc, not inode usb: gadget: u_ether: Fix host MAC address case usb: gadget: u_ether: Convert prints to device prints lib/string_helpers: Introduce string_upper() and string_lower() helpers ALSA: hda/realtek: Add a quirk for HP EliteDesk 805 ALSA: hda/realtek - ALC897 headset MIC no sound ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW ALSA: hda/realtek - The front Mic on a HP machine doesn't work ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662 ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662 ALSA: hda/realtek - Add Headset Mic supported for HP cPC ALSA: hda/realtek - More constifications Add Acer Aspire Ethos 8951G model quirk HID: wacom: Force pen out of prox if no events have been received in a while netfilter: nf_tables: do not allow RULE_ID to refer to another chain netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag netfilter: nf_tables: stricter validation of element data netfilter: nf_tables: allow up to 64 bytes in the set element data area netfilter: nf_tables: add nft_setelem_parse_key() netfilter: nf_tables: validate registers coming from userspace. netfilter: nftables: statify nft_parse_register() netfilter: nftables: add nft_parse_register_store() and use it netfilter: nftables: add nft_parse_register_load() and use it nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() tpm/tpm_tis: Disable interrupts for more Lenovo devices ceph: force updating the msg pointer in non-split case serial: Add support for Advantech PCI-1611U card statfs: enforce statfs[64] structure initialization ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table ALSA: hda: Fix Oops by 9.1 surround channel names usb: typec: altmodes/displayport: fix pin_assignment_show usb-storage: fix deadlock when a scsi command timeouts more than once vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() igb: fix bit_shift to be in [1..8] range cassini: Fix a memory leak in the error handling path of cas_init_one() net: bcmgenet: Restore phy_stop() depending upon suspend/close net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop() net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() drm/exynos: fix g2d_open/close helper function definitions media: netup_unidvb: fix use-after-free at del_timer() erspan: get the proto with the md version for collect_md ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode ip6_gre: Make o_seqno start from 0 in native mode ip6_gre: Fix skb_under_panic in __gre6_xmit() serial: arc_uart: fix of_iomap leak in `arc_serial_probe` drivers: provide devm_platform_ioremap_resource() vsock: avoid to close connected socket after the timeout net: fec: Better handle pm_runtime_get() failing in .remove() af_key: Reject optional tunnel/BEET mode templates in outbound policies cpupower: Make TSC read per CPU for Mperf monitor btrfs: fix space cache inconsistency after error loading it from disk btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid mfd: dln2: Fix memory leak in dln2_probe() phy: st: miphy28lp: use _poll_timeout functions for waits Input: xpad - add constants for GIP interface numbers clk: tegra20: fix gcc-7 constant overflow warning recordmcount: Fix memory leaks in the uwrite function sched: Fix KCSAN noinstr violation mcb-pci: Reallocate memory region to avoid memory overlapping serial: 8250: Reinit port->pm on port specific driver unbind usb: typec: tcpm: fix multiple times discover svids error HID: wacom: generic: Set battery quirk only when we see battery data spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3 HID: logitech-hidpp: Reconcile USB and Unifying serials HID: logitech-hidpp: Don't use the USB serial for USB devices staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace f2fs: fix to drop all dirty pages during umount() if cp_error is set ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa() ext4: set goal start correctly in ext4_mb_normalize_request gfs2: Fix inode height consistency check scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition lib: cpu_rmap: Avoid use after free on rmap->obj array entries net: Catch invalid index in XPS mapping net: pasemi: Fix return type of pasemi_mac_start_tx() ext2: Check block size validity during mount wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects ACPICA: Avoid undefined behavior: applying zero offset to null pointer drm/tegra: Avoid potential 32-bit integer overflow ACPI: EC: Fix oops when removing custom query handlers firmware: arm_sdei: Fix sleep from invalid context BUG memstick: r592: Fix UAF bug in r592_remove due to race condition regmap: cache: Return error in cache sync operations for REGCACHE_NONE drm/amd/display: Use DC_LOG_DC in the trasform pixel function fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() af_unix: Fix data races around sk->sk_shutdown. af_unix: Fix a data race of sk->sk_receive_queue->qlen. net: datagram: fix data-races in datagram_poll() ipvlan:Fix out-of-bounds caused by unclear skb->cb tcp: add annotations around sk->sk_shutdown accesses tcp: factor out __tcp_close() helper tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit tcp: reduce POLLOUT events caused by TCP_NOTSENT_LOWAT net: annotate sk->sk_err write from do_recvmmsg() netlink: annotate accesses to nlk->cb_running net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). Linux 4.19.283 mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors drbd: correctly submit flush bio on barrier serial: 8250: Fix serial8250_tx_empty() race with DMA Tx tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH ext4: fix invalid free tracking in ext4_xattr_move_to_block() ext4: remove a BUG_ON in ext4_mb_release_group_pa() ext4: bail out of ext4_xattr_ibody_get() fails for any reason ext4: add bounds checking in get_max_inline_xattr_value_size() ext4: improve error recovery code paths in __ext4_remount() ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum ext4: fix WARNING in mb_find_extent HID: wacom: Set a default resolution for older tablets drm/panel: otm8009a: Set backlight parent to panel device ARM: dts: s5pv210: correct MIPI CSIS clock name ARM: dts: exynos: fix WM8960 clock name in Itop Elite sh: nmi_debug: fix return value of __setup handler sh: init: use OF_EARLY_FLATTREE for early init sh: math-emu: fix macro redefined warning platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i cifs: fix pcchunk length type in smb2_copychunk_range btrfs: print-tree: parent bytenr must be aligned to sector size btrfs: fix btrfs_prev_leaf() to not return the same key twice perf symbols: Fix return incorrect build_id size in elf_read_build_id() perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp() perf vendor events power9: Remove UTF-8 characters from JSON files virtio_net: suppress cpu stall when free_unused_bufs virtio_net: split free_unused_bufs() ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init` drm/amdgpu: add a missing lock for AMDGPU_SCHED drm/amdgpu: Add command to override the context priority. drm/amdgpu: Put enable gfx off feature to a delay thread drm/amdgpu: Add amdgpu_gfx_off_ctrl function af_packet: Don't send zero-byte data in packet_sendmsg_spkt(). rxrpc: Fix hard call timeout units net/sched: act_mirred: Add carrier check writeback: fix call of incorrect macro net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu net: dsa: mv88e6xxx: Add missing watchdog ops for 6320 family sit: update dev->needed_headroom in ipip6_tunnel_bind_dev() relayfs: fix out-of-bounds access in relay_file_read kernel/relay.c: fix read_pos error when multiple readers dm verity: fix error handling for check_at_most_once on FEC dm verity: skip redundant verity_handle_err() on I/O errors ipmi: fix SSIF not responding under certain cond. ipmi_ssif: Rename idle state and check ipmi: Fix how the lower layers are told to watch for messages ipmi: Fix SSIF flag requests tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem nohz: Add TICK_DEP_BIT_RCU netfilter: nf_tables: deactivate anonymous set from preparation phase debugobject: Ensure pool refill (again) perf auxtrace: Fix address filter entire kernel size dm ioctl: fix nested locking in table_clear() to remove deadlock concern dm flakey: fix a crash with invalid table line dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path s390/dasd: fix hanging blockdevice after request requeue btrfs: scrub: reject unsupported scrub flags clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent wifi: rtl8xxxu: RTL8192EU always needs full init md/raid10: fix null-ptr-deref in raid10_sync_request nilfs2: fix infinite loop in nilfs_mdt_get_block() nilfs2: do not write dirty data after degenerating to read-only parisc: Fix argument pointer in real64_call_asm() dmaengine: at_xdmac: do not enable all cyclic channels phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port pwm: mtk-disp: Disable shadow registers before setting backlight values pwm: mtk-disp: Adjust the clocks to avoid them mismatch pwm: mtk-disp: Don't check the return code of pwmchip_remove() openrisc: Properly store r31 to pt_regs on unhandled exceptions RDMA/mlx5: Use correct device num_ports when modify DC SUNRPC: remove the maximum number of retries in call_bind_status NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order clk: add missing of_node_put() in "assigned-clocks" property parsing power: supply: generic-adc-battery: fix unit scaling RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() RDMA/rdmavt: Delete unnecessary NULL check perf/core: Fix hardlockup failure caused by perf throttle powerpc/rtas: use memmove for potentially overlapping buffer copy macintosh: via-pmu-led: requires ATA to be set powerpc/sysdev/tsi108: fix resource printk format warnings powerpc/wii: fix resource printk format warnings powerpc/mpc512x: fix resource printk format warning macintosh/windfarm_smu_sat: Add missing of_node_put() spmi: Add a check for remove callback when removing a SPMI driver staging: rtl8192e: Fix W_DISABLE# does not work after stop/start serial: 8250: Add missing wakeup event reporting tty: serial: fsl_lpuart: adjust buffer length to the intended size usb: chipidea: fix missing goto in `ci_hdrc_probe` sh: sq: Fix incorrect element size for allocating bitmap buffer uapi/linux/const.h: prefer ISO-friendly __typeof__ spi: cadence-quadspi: fix suspend-resume implementations mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA channel mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry ia64: salinfo: placate defined-but-not-used warning ia64: mm/contig: fix section mismatch warning/error of: Fix modalias string generation vmci_host: fix a race condition in vmci_host_poll() causing GPF spi: fsl-spi: Fix CPM/QE mode Litte Endian spi: qup: Don't skip cleanup in remove's error path spi: qup: fix PM reference leak in spi_qup_remove() linux/vt_buffer.h: allow either builtin or modular for macros usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition fpga: bridge: fix kernel-doc parameter description usb: host: xhci-rcar: remove leftover quirk handling pstore: Revert pmsg_lock back to a normal mutex tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. net: amd: Fix link leak when verifying config failed netlink: Use copy_to_user() for optval in netlink_getsockopt(). Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" ipv4: Fix potential uninit variable access bug in __ip_make_skb() netfilter: nf_tables: don't write table validation state without mutex ixgbe: Enable setting RSS table to default values ixgbe: Allow flow hash to be set via ethtool wifi: iwlwifi: mvm: check firmware response size wifi: iwlwifi: make the loop for card preparation effective md/raid10: fix memleak of md thread md: update the optimal I/O size on reshape md/raid10: fix memleak for 'conf->bio_split' md/raid10: fix leak of 'r10bio->remaining' for recovery crypto: drbg - Only fail when jent is unavailable in FIPS mode crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors bpftool: Fix bug for long instructions in program CFG dumps wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() rtlwifi: Replace RT_TRACE with rtl_dbg rtlwifi: Start changing RT_TRACE into rtl_dbg rtlwifi: rtl_pci: Fix memory leak when hardware init fails scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS scsi: target: iscsit: Fix TAS handling during conn cleanup net/packet: convert po->auxdata to an atomic flag net/packet: convert po->origdev to an atomic flag vlan: partially enable SIOCSHWTSTAMP in container scm: fix MSG_CTRUNC setting condition for SO_PASSSEC tools: bpftool: Remove invalid \' json escape wifi: ath6kl: reduce WARN to dev_dbg() in callback wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() wifi: ath9k: hif_usb: fix memory leak of remain_skbs wifi: ath6kl: minor fix for allocation size debugobject: Prevent init race with static objects debugobjects: Move printk out of db->lock critical sections debugobjects: Add percpu free pools arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step x86/ioapic: Don't return 0 from arch_dynirq_lower_bound() media: rc: gpio-ir-recv: Fix support for wake-up media: rcar_fdp1: Fix refcount leak in probe and remove function media: rcar_fdp1: Fix the correct variable assignments media: saa7134: fix use after free bug in saa7134_finidev due to race condition media: dm1105: Fix use after free bug in dm1105_remove due to race condition x86/apic: Fix atomic update of offset in reserve_eilvt_offset() drm/msm/adreno: drop bogus pm_runtime_set_active() drm/msm/adreno: Defer enabling runpm until hw_init() firmware: qcom_scm: Clear download bit during reboot media: av7110: prevent underflow in write_ts_to_decoder() media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format. media: bdisp: Add missing check for create_workqueue ARM: dts: qcom: ipq4019: Fix the PCI I/O port range EDAC/skx: Fix overflows on the DRAM row address mapping arrays EDAC, skx: Move debugfs node under EDAC's hierarchy drm/probe-helper: Cancel previous job before starting new one drm/vgem: add missing mutex_destroy drm/rockchip: Drop unbalanced obj unref selinux: ensure av_permissions.h is built when needed selinux: fix Makefile dependencies of flask.h ubifs: Free memory for tmpfile name ubi: Fix return value overwrite issue in try_write_vid_and_data() ubifs: Fix memleak when insert_old_idx() failed Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path" i2c: omap: Fix standard mode false ACK readings KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted reiserfs: Add security prefix to xattr name in reiserfs_security_write() ring-buffer: Sync IRQ works before buffer destruction pwm: meson: Fix axg ao mux parents MIPS: fw: Allow firmware to pass a empty env xhci: fix debugfs register accesses while suspended debugfs: regset32: Add Runtime PM support staging: iio: resolver: ads1210: fix config mode perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE) USB: dwc3: fix runtime pm imbalance on unbind stmmac: debugfs entry name is not be changed when udev rename device name. ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750 iio: adc: palmas_gpadc: fix NULL dereference on rmmod USB: serial: option: add UNISOC vendor and TOZED LT70C product bluetooth: Perform careful capability checks in hci_sock_ioctl() wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() Conflicts: drivers/media/dvb-core/dvb_demux.c drivers/usb/dwc3/core.c drivers/usb/gadget/function/f_fs.c drivers/usb/gadget/function/f_ncm.c include/net/pkt_sched.h Change-Id: I5081b8f3529f4df573736bf7d69201f777754b74 |
||
|
Greg Kroah-Hartman
|
23eb39df01 |
Merge 4.19.283 into android-4.19-stable
Changes in 4.19.283
wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
bluetooth: Perform careful capability checks in hci_sock_ioctl()
USB: serial: option: add UNISOC vendor and TOZED LT70C product
iio: adc: palmas_gpadc: fix NULL dereference on rmmod
ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
stmmac: debugfs entry name is not be changed when udev rename device name.
USB: dwc3: fix runtime pm imbalance on unbind
perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE)
staging: iio: resolver: ads1210: fix config mode
debugfs: regset32: Add Runtime PM support
xhci: fix debugfs register accesses while suspended
MIPS: fw: Allow firmware to pass a empty env
pwm: meson: Fix axg ao mux parents
ring-buffer: Sync IRQ works before buffer destruction
reiserfs: Add security prefix to xattr name in reiserfs_security_write()
KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
i2c: omap: Fix standard mode false ACK readings
Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
ubifs: Fix memleak when insert_old_idx() failed
ubi: Fix return value overwrite issue in try_write_vid_and_data()
ubifs: Free memory for tmpfile name
selinux: fix Makefile dependencies of flask.h
selinux: ensure av_permissions.h is built when needed
drm/rockchip: Drop unbalanced obj unref
drm/vgem: add missing mutex_destroy
drm/probe-helper: Cancel previous job before starting new one
EDAC, skx: Move debugfs node under EDAC's hierarchy
EDAC/skx: Fix overflows on the DRAM row address mapping arrays
ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
media: bdisp: Add missing check for create_workqueue
media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format.
media: av7110: prevent underflow in write_ts_to_decoder()
firmware: qcom_scm: Clear download bit during reboot
drm/msm/adreno: Defer enabling runpm until hw_init()
drm/msm/adreno: drop bogus pm_runtime_set_active()
x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
media: dm1105: Fix use after free bug in dm1105_remove due to race condition
media: saa7134: fix use after free bug in saa7134_finidev due to race condition
media: rcar_fdp1: Fix the correct variable assignments
media: rcar_fdp1: Fix refcount leak in probe and remove function
media: rc: gpio-ir-recv: Fix support for wake-up
x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
debugobjects: Add percpu free pools
debugobjects: Move printk out of db->lock critical sections
debugobject: Prevent init race with static objects
wifi: ath6kl: minor fix for allocation size
wifi: ath9k: hif_usb: fix memory leak of remain_skbs
wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
wifi: ath6kl: reduce WARN to dev_dbg() in callback
tools: bpftool: Remove invalid \' json escape
scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
vlan: partially enable SIOCSHWTSTAMP in container
net/packet: convert po->origdev to an atomic flag
net/packet: convert po->auxdata to an atomic flag
scsi: target: iscsit: Fix TAS handling during conn cleanup
scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
rtlwifi: rtl_pci: Fix memory leak when hardware init fails
rtlwifi: Start changing RT_TRACE into rtl_dbg
rtlwifi: Replace RT_TRACE with rtl_dbg
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
bpftool: Fix bug for long instructions in program CFG dumps
crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
crypto: drbg - Only fail when jent is unavailable in FIPS mode
md/raid10: fix leak of 'r10bio->remaining' for recovery
md/raid10: fix memleak for 'conf->bio_split'
md: update the optimal I/O size on reshape
md/raid10: fix memleak of md thread
wifi: iwlwifi: make the loop for card preparation effective
wifi: iwlwifi: mvm: check firmware response size
ixgbe: Allow flow hash to be set via ethtool
ixgbe: Enable setting RSS table to default values
netfilter: nf_tables: don't write table validation state without mutex
ipv4: Fix potential uninit variable access bug in __ip_make_skb()
Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
netlink: Use copy_to_user() for optval in netlink_getsockopt().
net: amd: Fix link leak when verifying config failed
tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
pstore: Revert pmsg_lock back to a normal mutex
usb: host: xhci-rcar: remove leftover quirk handling
fpga: bridge: fix kernel-doc parameter description
usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
linux/vt_buffer.h: allow either builtin or modular for macros
spi: qup: fix PM reference leak in spi_qup_remove()
spi: qup: Don't skip cleanup in remove's error path
spi: fsl-spi: Fix CPM/QE mode Litte Endian
vmci_host: fix a race condition in vmci_host_poll() causing GPF
of: Fix modalias string generation
ia64: mm/contig: fix section mismatch warning/error
ia64: salinfo: placate defined-but-not-used warning
mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry
mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure
mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA channel
spi: cadence-quadspi: fix suspend-resume implementations
uapi/linux/const.h: prefer ISO-friendly __typeof__
sh: sq: Fix incorrect element size for allocating bitmap buffer
usb: chipidea: fix missing goto in `ci_hdrc_probe`
tty: serial: fsl_lpuart: adjust buffer length to the intended size
serial: 8250: Add missing wakeup event reporting
staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
spmi: Add a check for remove callback when removing a SPMI driver
macintosh/windfarm_smu_sat: Add missing of_node_put()
powerpc/mpc512x: fix resource printk format warning
powerpc/wii: fix resource printk format warnings
powerpc/sysdev/tsi108: fix resource printk format warnings
macintosh: via-pmu-led: requires ATA to be set
powerpc/rtas: use memmove for potentially overlapping buffer copy
perf/core: Fix hardlockup failure caused by perf throttle
RDMA/rdmavt: Delete unnecessary NULL check
RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
power: supply: generic-adc-battery: fix unit scaling
clk: add missing of_node_put() in "assigned-clocks" property parsing
IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
SUNRPC: remove the maximum number of retries in call_bind_status
RDMA/mlx5: Use correct device num_ports when modify DC
openrisc: Properly store r31 to pt_regs on unhandled exceptions
pwm: mtk-disp: Don't check the return code of pwmchip_remove()
pwm: mtk-disp: Adjust the clocks to avoid them mismatch
pwm: mtk-disp: Disable shadow registers before setting backlight values
phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
dmaengine: at_xdmac: do not enable all cyclic channels
parisc: Fix argument pointer in real64_call_asm()
nilfs2: do not write dirty data after degenerating to read-only
nilfs2: fix infinite loop in nilfs_mdt_get_block()
md/raid10: fix null-ptr-deref in raid10_sync_request
wifi: rtl8xxxu: RTL8192EU always needs full init
clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
btrfs: scrub: reject unsupported scrub flags
s390/dasd: fix hanging blockdevice after request requeue
dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
dm flakey: fix a crash with invalid table line
dm ioctl: fix nested locking in table_clear() to remove deadlock concern
perf auxtrace: Fix address filter entire kernel size
debugobject: Ensure pool refill (again)
netfilter: nf_tables: deactivate anonymous set from preparation phase
nohz: Add TICK_DEP_BIT_RCU
tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
ipmi: Fix SSIF flag requests
ipmi: Fix how the lower layers are told to watch for messages
ipmi_ssif: Rename idle state and check
ipmi: fix SSIF not responding under certain cond.
dm verity: skip redundant verity_handle_err() on I/O errors
dm verity: fix error handling for check_at_most_once on FEC
kernel/relay.c: fix read_pos error when multiple readers
relayfs: fix out-of-bounds access in relay_file_read
sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
net: dsa: mv88e6xxx: Add missing watchdog ops for 6320 family
net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
writeback: fix call of incorrect macro
net/sched: act_mirred: Add carrier check
rxrpc: Fix hard call timeout units
af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
drm/amdgpu: Add amdgpu_gfx_off_ctrl function
drm/amdgpu: Put enable gfx off feature to a delay thread
drm/amdgpu: Add command to override the context priority.
drm/amdgpu: add a missing lock for AMDGPU_SCHED
ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init`
virtio_net: split free_unused_bufs()
virtio_net: suppress cpu stall when free_unused_bufs
perf vendor events power9: Remove UTF-8 characters from JSON files
perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp()
perf symbols: Fix return incorrect build_id size in elf_read_build_id()
btrfs: fix btrfs_prev_leaf() to not return the same key twice
btrfs: print-tree: parent bytenr must be aligned to sector size
cifs: fix pcchunk length type in smb2_copychunk_range
platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i
sh: math-emu: fix macro redefined warning
sh: init: use OF_EARLY_FLATTREE for early init
sh: nmi_debug: fix return value of __setup handler
ARM: dts: exynos: fix WM8960 clock name in Itop Elite
ARM: dts: s5pv210: correct MIPI CSIS clock name
drm/panel: otm8009a: Set backlight parent to panel device
HID: wacom: Set a default resolution for older tablets
ext4: fix WARNING in mb_find_extent
ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
ext4: improve error recovery code paths in __ext4_remount()
ext4: add bounds checking in get_max_inline_xattr_value_size()
ext4: bail out of ext4_xattr_ibody_get() fails for any reason
ext4: remove a BUG_ON in ext4_mb_release_group_pa()
ext4: fix invalid free tracking in ext4_xattr_move_to_block()
tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
drbd: correctly submit flush bio on barrier
PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
Linux 4.19.283
Change-Id: Id2f95d527f356c874a9e01e57f1d816b9fa34e8b
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Herbert Xu
|
1fd247c1de |
crypto: drbg - Only fail when jent is unavailable in FIPS mode
[ Upstream commit 686cd976b6ddedeeb1a1fb09ba53a891d3cc9a03 ]
When jent initialisation fails for any reason other than ENOENT,
the entire drbg fails to initialise, even when we're not in FIPS
mode. This is wrong because we can still use the kernel RNG when
we're not in FIPS mode.
Change it so that it only fails when we are in FIPS mode.
Fixes:
|
||
|
Nicolai Stange
|
f1943e5703 |
crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
[ Upstream commit 559edd47cce4cc407d606b4d7f376822816fd4b8 ] Now that drbg_prepare_hrng() doesn't do anything but to instantiate a jitterentropy crypto_rng instance, it looks a little odd to have the related error handling at its only caller, drbg_instantiate(). Move the handling of jitterentropy allocation failures from drbg_instantiate() close to the allocation itself in drbg_prepare_hrng(). There is no change in behaviour. Signed-off-by: Nicolai Stange <nstange@suse.de> Reviewed-by: Stephan Müller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Stable-dep-of: 686cd976b6dd ("crypto: drbg - Only fail when jent is unavailable in FIPS mode") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Michael Bestas
|
de5542b829 |
Merge remote-tracking branch 'sm8250/lineage-20' into lineage-20
* sm8250/lineage-20:
Linux 4.19.282
ASN.1: Fix check for strdup() success
iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger()
counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
sctp: Call inet6_destroy_sock() via sk->sk_destruct().
dccp: Call inet6_destroy_sock() via sk->sk_destruct().
inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
ext4: fix use-after-free in ext4_xattr_set_entry
ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
x86/purgatory: Don't generate debug info for purgatory.ro
memstick: fix memory leak if card device is never registered
nilfs2: initialize unused bytes in segment summary blocks
xen/netback: use same error messages for same errors
s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
net: dsa: b53: mmap: add phy ops
scsi: core: Improve scsi_vpd_inquiry() checks
scsi: megaraid_sas: Fix fw_crash_buffer_show()
selftests: sigaltstack: fix -Wuninitialized
Input: i8042 - add quirk for Fujitsu Lifebook A574/H
f2fs: Fix f2fs_truncate_partial_nodes ftrace event
e1000e: Disable TSO on i219-LM card to increase speed
mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
i40e: fix i40e_setup_misc_vector() error handling
i40e: fix accessing vsi->active_filters without holding lock
virtio_net: bugfix overflow inside xdp_linearize_page()
net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
ARM: dts: rockchip: fix a typo error for rk3288 spdif node
Linux 4.19.281
arm64: KVM: Fix system register enumeration
KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST
KVM: arm64: Factor out core register ID enumeration
KVM: nVMX: add missing consistency checks for CR0 and CR4
coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
ubi: Fix deadlock caused by recursively holding work_sem
mtd: ubi: wl: Fix a couple of kernel-doc issues
ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
scsi: ses: Handle enclosure with just a primary component gracefully
verify_pefile: relax wrapper length check
efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
i2c: imx-lpi2c: clean rx/tx buffers upon new message
power: supply: cros_usbpd: reclassify "default case!" as debug
udp6: fix potential access to stale information
net: macb: fix a memory corruption in extended buffer descriptor mode
sctp: fix a potential overflow in sctp_ifwdtsn_skip
qlcnic: check pci_reset_function result
niu: Fix missing unwind goto in niu_alloc_channels()
9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
mtdblock: tolerate corrected bit-flips
Bluetooth: Fix race condition in hidp_session_thread
Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
ALSA: i2c/cs8427: fix iec958 mixer control deactivation
ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
ALSA: emu10k1: fix capture interrupt handler unlinking
Revert "pinctrl: amd: Disable and mask interrupts on resume"
mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
ring-buffer: Fix race while reader and writer are on the same page
ftrace: Mark get_lock_parent_ip() __always_inline
perf/core: Fix the same task check in perf_event_set_output
ALSA: hda/realtek: Add quirk for Clevo X370SNW
nilfs2: fix sysfs interface lifetime
nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
tty: serial: sh-sci: Fix transmit end interrupt handler
iio: dac: cio-dac: Fix max DAC write value check for 12-bit
USB: serial: option: add Quectel RM500U-CN modem
USB: serial: option: add Telit FE990 compositions
USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
gpio: davinci: Add irq chip flag to skip set wake
ipv6: Fix an uninit variable access bug in __ip6_make_skb()
sctp: check send stream number after wait_for_sndbuf
net: don't let netpoll invoke NAPI if in xmit context
icmp: guard against too small mtu
wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
pwm: cros-ec: Explicitly set .polarity in .get_state()
NFSv4: Fix hangs when recovering open state after a server reboot
NFSv4: Check the return value of update_open_stateid()
NFSv4: Convert struct nfs4_state to use refcount_t
pinctrl: amd: Disable and mask interrupts on resume
pinctrl: amd: disable and mask interrupts on probe
pinctrl: amd: Use irqchip template
pinctrl: Added IRQF_SHARED flag for amd-pinctrl driver
techpack: audio: Remove build timestamp injection
Revert "dm thin: fix deadlock when swapping to thin device"
Linux 4.19.280
cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
cgroup/cpuset: Change cpuset_rwsem and hotplug lock order
net: sched: cbq: dont intepret cls results when asked to drop
gfs2: Always check inode size of inline inodes
firmware: arm_scmi: Fix device node validation for mailbox transport
ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
usb: host: ohci-pxa27x: Fix and & vs | typo
s390/uaccess: add missing earlyclobber annotations to __clear_user()
drm/etnaviv: fix reference leak when mmaping imported buffer
ALSA: usb-audio: Fix regression on detection of Roland VS-100
ALSA: hda/conexant: Partial revert of a quirk for Lenovo
pinctrl: at91-pio4: fix domain name assignment
xen/netback: don't do grant copy across page boundary
cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
cifs: prevent infinite recursion in CIFSGetDFSRefer()
Input: focaltech - use explicitly signed char type
Input: alps - fix compatibility with -funsigned-char
net: mvneta: make tx buffer array agnostic
net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
i40e: fix registers dump after run ethtool adapter self test
can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
scsi: megaraid_sas: Fix crash after a double completion
ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
fbdev: au1200fb: Fix potential divide by zero
fbdev: lxfb: Fix potential divide by zero
fbdev: intelfb: Fix potential divide by zero
fbdev: nvidia: Fix potential divide by zero
sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
fbdev: tgafb: Fix potential divide by zero
ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
ALSA: asihpi: check pao in control_message()
md: avoid signed overflow in slot_store()
bus: imx-weim: fix branch condition evaluates to a garbage value
ocfs2: fix data corruption after failed write
tun: avoid double free in tun_free_netdev
sched/fair: Sanitize vruntime of entity being migrated
sched/fair: sanitize vruntime of entity being placed
dm crypt: add cond_resched() to dmcrypt_write()
dm stats: check for and propagate alloc_percpu failure
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
usb: chipidea: core: fix possible concurrent when switch role
usb: chipdea: core: fix return -EINVAL if request role is the same with current role
dm thin: fix deadlock when swapping to thin device
igb: revert rtnl_lock() that causes deadlock
usb: gadget: u_audio: don't let userspace block driver unbind
scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
cifs: empty interface list when server doesn't support query interfaces
sh: sanitize the flags on sigreturn
net: usb: qmi_wwan: add Telit 0x1080 composition
net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
scsi: ufs: core: Add soft dependency on governor_simpleondemand
scsi: target: iscsi: Fix an error message in iscsi_check_key()
m68k: Only force 030 bus error if PC not in exception table
ca8210: fix mac_len negative array access
riscv: Bump COMMAND_LINE_SIZE value to 1024
thunderbolt: Use const qualifier for `ring_interrupt_index`
uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work
Bluetooth: btqcomsmd: Fix command timeout after setting BD address
net: mdio: thunder: Add missing fwnode_handle_put()
hvc/xen: prevent concurrent accesses to the shared ring
net/sonic: use dma_mapping_error() for error check
erspan: do not use skb_mac_header() in ndo_start_xmit()
atm: idt77252: fix kmemleak when rmmod idt77252
net/mlx5: Read the TC mapping of all priorities on ETS query
bpf: Adjust insufficient default bpf_jit_limit
net/ps3_gelic_net: Use dma_mapping_error
net/ps3_gelic_net: Fix RX sk_buff length
net: qcom/emac: Fix use after free bug in emac_remove due to race condition
xirc2ps_cs: Fix use after free bug in xirc2ps_detach
qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
net: usb: smsc95xx: Limit packet length to skb->len
scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
i2c: imx-lpi2c: check only for enabled interrupt flags
igbvf: Regard vf reset nack as success
intel/igbvf: free irq on the error path in igbvf_request_msix()
iavf: fix inverted Rx hash condition leading to disabled hash
iavf: diet and reformat
intel-ethernet: rename i40evf to iavf
i40evf: Change a VF mac without reloading the VF driver
power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
msm: vidc: If QP_value is invalid,assign default_QP
msm: kgsl: Keep postamble packets in a privileged buffer
ANDROID: mm/filemap: Fix missing put_page() for speculative page fault
soc: qcom: qsee_ipc_irq_bridge: Remove redundant cleanup
fw-api: CL 22203883 - update fw common interface files
fw-api: CL 22203879 - update fw common interface files
fw-api: CL 22186584 - update fw common interface files
fw-api: CL 22164863 - update fw common interface files
fw-api: CL 22156324 - update fw common interface files
fw-api: Add HW header files for WCN6450
fw-api: remove banned words
fw-api: Make changes to support Big endian
fw-api: CL 22114305 - update fw common interface files
fw-api: CL 22096085 - update fw common interface files
fw-api: CL 22074527 - update fw common interface files
ANDROID: Re-enable fast mremap and fix UAF with SPF
ANDROID: mm: fix invalid backport in speculative page fault path
ANDROID: mm: assert that mmap_lock is taken exclusively in vm_write_begin
ANDROID: mm: remove sequence counting when mmap_lock is not exclusively owned
ANDROID: mm/khugepaged: add missing vm_write_{begin|end}
BACKPORT: FROMLIST: mm: implement speculative handling in filemap_fault()
fw-api: CL 22046875 - update fw common interface files
ANDROID: mm: prevent reads of unstable pmd during speculation
ANDROID: mm: prevent speculative page fault handling for in do_swap_page()
ANDROID: mm: skip pte_alloc during speculative page fault
fw-api: CL 22021621 - update fw common interface files
fw-api: CL 22011590 - update fw common interface files
fw-api: CL 22011543 - update fw common interface files
fw-api: CL 21987591 - update fw common interface files
fw-api: CL 21987565 - update fw common interface files
fw-api: CL 21882670 - update fw common interface files.
fw-api: CL 21863023 - update fw common interface files
fw-api: add REO2SW1_RING_MISC_1 in wcss_seq_hwioumac_reg.h
fw-api: CL 21817763 - update fw common interface files
fw-api: CL 21803370 - update fw common interface files
fw-api: CL 21801844 - update fw common interface files
fw-api: CL 21775737 - update fw common interface files
fw-api: CL 21774881 - update fw common interface files
fw-api: CL 21752010 - update fw common interface files
fw-api: CL 21737959 - update fw common interface files
fw-api: CL 21716559 - update fw common interface files
fw-api: CL 21708534 - update fw common interface files
fw-api: CL 21708530 - update fw common interface files
fw-api: CL 21693223 - update fw common interface files
fw-api: CL 21678453 - update fw common interface files
fw-api: CL 21675975 - update fw common interface files
fw-api: CL 21673808 - update fw common interface files
fw-api: CL 21672613 - update fw common interface files
fw-api: CL 21666405 - update fw common interface files
fw-api: CL 21666402 - update fw common interface files
fw-api: CL 21636648 - update fw common interface files
fw-api: CL 21636521 - update fw common interface files
fw-api: CL 21636491 - update fw common interface files
fw-api: CL 21624235 - update fw common interface files
fw-api: CL 21624232 - update fw common interface files
fw-api: CL 21615080 - update fw common interface files
fw-api: CL 21615063 - update fw common interface files
fw-api: CL 21614996 - update fw common interface files
fw-api: CL 21602542 - update fw common interface files
fw-api: CL 21599461 - update fw common interface files
fw-api: CL 21557799 - update fw common interface files
fw-api: CL 21552073 - update fw common interface files
fw-api: CL 21545735 - update fw common interface files
fw-api: CL 21541123 - update fw common interface files
fw-api: CL 21506382 - update fw common interface files
fw-api: CL 21503143 - update fw common interface files
fw-api: CL 21482490 - update fw common interface files
fw-api: CL 21473564 - update fw common interface files
fw-api: CL 21462084 - update fw common interface files
fw-api: CL 21416528 - update fw common interface files
fw-api: CL 21416524 - update fw common interface files
fw-api: CL 21399770 - update fw common interface files
fw-api: CL 21399742 - update fw common interface files
fw-api: CL 21398997 - update fw common interface files
fw-api: CL 21373891 - update fw common interface files
fw-api: CL 21373889 - update fw common interface files
fw-api: CL 21355920 - update fw common interface files
serial: msm_geni_serial: Avoid UAF memory access in exit path
mfd: qcom-spmi-pmic: Add remove API
Change-Id: I09919a63d6929bd43a7aa24b9ce475d5301d8f9f
|
||
|
Michael Bestas
|
96ce54f451 |
Merge tag 'ASB-2023-05-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2023-05-01 CVE-2023-21102 CVE-2023-21106 CVE-2023-0266 * tag 'ASB-2023-05-05_4.19-stable' of https://android.googlesource.com/kernel/common: Linux 4.19.282 ASN.1: Fix check for strdup() success iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() counter: 104-quad-8: Fix race condition between FLAG and CNTR reads sctp: Call inet6_destroy_sock() via sk->sk_destruct(). dccp: Call inet6_destroy_sock() via sk->sk_destruct(). inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). ext4: fix use-after-free in ext4_xattr_set_entry ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() Revert "ext4: fix use-after-free in ext4_xattr_set_entry" x86/purgatory: Don't generate debug info for purgatory.ro memstick: fix memory leak if card device is never registered nilfs2: initialize unused bytes in segment summary blocks xen/netback: use same error messages for same errors s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling net: dsa: b53: mmap: add phy ops scsi: core: Improve scsi_vpd_inquiry() checks scsi: megaraid_sas: Fix fw_crash_buffer_show() selftests: sigaltstack: fix -Wuninitialized Input: i8042 - add quirk for Fujitsu Lifebook A574/H f2fs: Fix f2fs_truncate_partial_nodes ftrace event e1000e: Disable TSO on i219-LM card to increase speed mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() i40e: fix i40e_setup_misc_vector() error handling i40e: fix accessing vsi->active_filters without holding lock virtio_net: bugfix overflow inside xdp_linearize_page() net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg ARM: dts: rockchip: fix a typo error for rk3288 spdif node Linux 4.19.281 arm64: KVM: Fix system register enumeration KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST KVM: arm64: Factor out core register ID enumeration KVM: nVMX: add missing consistency checks for CR0 and CR4 coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug watchdog: sbsa_wdog: Make sure the timeout programming is within the limits cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() ubi: Fix deadlock caused by recursively holding work_sem mtd: ubi: wl: Fix a couple of kernel-doc issues ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot scsi: ses: Handle enclosure with just a primary component gracefully verify_pefile: relax wrapper length check efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L i2c: imx-lpi2c: clean rx/tx buffers upon new message power: supply: cros_usbpd: reclassify "default case!" as debug udp6: fix potential access to stale information net: macb: fix a memory corruption in extended buffer descriptor mode sctp: fix a potential overflow in sctp_ifwdtsn_skip qlcnic: check pci_reset_function result niu: Fix missing unwind goto in niu_alloc_channels() 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition mtdblock: tolerate corrected bit-flips Bluetooth: Fix race condition in hidp_session_thread Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards ALSA: i2c/cs8427: fix iec958 mixer control deactivation ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard ALSA: emu10k1: fix capture interrupt handler unlinking Revert "pinctrl: amd: Disable and mask interrupts on resume" mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() ring-buffer: Fix race while reader and writer are on the same page ftrace: Mark get_lock_parent_ip() __always_inline perf/core: Fix the same task check in perf_event_set_output ALSA: hda/realtek: Add quirk for Clevo X370SNW nilfs2: fix sysfs interface lifetime nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() tty: serial: sh-sci: Fix Rx on RZ/G2L SCI tty: serial: sh-sci: Fix transmit end interrupt handler iio: dac: cio-dac: Fix max DAC write value check for 12-bit USB: serial: option: add Quectel RM500U-CN modem USB: serial: option: add Telit FE990 compositions USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs gpio: davinci: Add irq chip flag to skip set wake ipv6: Fix an uninit variable access bug in __ip6_make_skb() sctp: check send stream number after wait_for_sndbuf net: don't let netpoll invoke NAPI if in xmit context icmp: guard against too small mtu wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta pwm: cros-ec: Explicitly set .polarity in .get_state() NFSv4: Fix hangs when recovering open state after a server reboot NFSv4: Check the return value of update_open_stateid() NFSv4: Convert struct nfs4_state to use refcount_t pinctrl: amd: Disable and mask interrupts on resume pinctrl: amd: disable and mask interrupts on probe pinctrl: amd: Use irqchip template pinctrl: Added IRQF_SHARED flag for amd-pinctrl driver Revert "dm thin: fix deadlock when swapping to thin device" Linux 4.19.280 cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock cgroup/cpuset: Change cpuset_rwsem and hotplug lock order net: sched: cbq: dont intepret cls results when asked to drop gfs2: Always check inode size of inline inodes firmware: arm_scmi: Fix device node validation for mailbox transport ext4: fix kernel BUG in 'ext4_write_inline_data_end()' usb: host: ohci-pxa27x: Fix and & vs | typo s390/uaccess: add missing earlyclobber annotations to __clear_user() drm/etnaviv: fix reference leak when mmaping imported buffer ALSA: usb-audio: Fix regression on detection of Roland VS-100 ALSA: hda/conexant: Partial revert of a quirk for Lenovo pinctrl: at91-pio4: fix domain name assignment xen/netback: don't do grant copy across page boundary cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL cifs: prevent infinite recursion in CIFSGetDFSRefer() Input: focaltech - use explicitly signed char type Input: alps - fix compatibility with -funsigned-char net: mvneta: make tx buffer array agnostic net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only i40e: fix registers dump after run ethtool adapter self test can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write scsi: megaraid_sas: Fix crash after a double completion ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() fbdev: au1200fb: Fix potential divide by zero fbdev: lxfb: Fix potential divide by zero fbdev: intelfb: Fix potential divide by zero fbdev: nvidia: Fix potential divide by zero sched_getaffinity: don't assume 'cpumask_size()' is fully initialized fbdev: tgafb: Fix potential divide by zero ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() ALSA: asihpi: check pao in control_message() md: avoid signed overflow in slot_store() bus: imx-weim: fix branch condition evaluates to a garbage value ocfs2: fix data corruption after failed write tun: avoid double free in tun_free_netdev sched/fair: Sanitize vruntime of entity being migrated sched/fair: sanitize vruntime of entity being placed dm crypt: add cond_resched() to dmcrypt_write() dm stats: check for and propagate alloc_percpu failure i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() usb: chipidea: core: fix possible concurrent when switch role usb: chipdea: core: fix return -EINVAL if request role is the same with current role dm thin: fix deadlock when swapping to thin device igb: revert rtnl_lock() that causes deadlock usb: gadget: u_audio: don't let userspace block driver unbind scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR cifs: empty interface list when server doesn't support query interfaces sh: sanitize the flags on sigreturn net: usb: qmi_wwan: add Telit 0x1080 composition net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 scsi: ufs: core: Add soft dependency on governor_simpleondemand scsi: target: iscsi: Fix an error message in iscsi_check_key() m68k: Only force 030 bus error if PC not in exception table ca8210: fix mac_len negative array access riscv: Bump COMMAND_LINE_SIZE value to 1024 thunderbolt: Use const qualifier for `ring_interrupt_index` uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work Bluetooth: btqcomsmd: Fix command timeout after setting BD address net: mdio: thunder: Add missing fwnode_handle_put() hvc/xen: prevent concurrent accesses to the shared ring net/sonic: use dma_mapping_error() for error check erspan: do not use skb_mac_header() in ndo_start_xmit() atm: idt77252: fix kmemleak when rmmod idt77252 net/mlx5: Read the TC mapping of all priorities on ETS query bpf: Adjust insufficient default bpf_jit_limit net/ps3_gelic_net: Use dma_mapping_error net/ps3_gelic_net: Fix RX sk_buff length net: qcom/emac: Fix use after free bug in emac_remove due to race condition xirc2ps_cs: Fix use after free bug in xirc2ps_detach qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info net: usb: smsc95xx: Limit packet length to skb->len scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() i2c: imx-lpi2c: check only for enabled interrupt flags igbvf: Regard vf reset nack as success intel/igbvf: free irq on the error path in igbvf_request_msix() iavf: fix inverted Rx hash condition leading to disabled hash iavf: diet and reformat intel-ethernet: rename i40evf to iavf i40evf: Change a VF mac without reloading the VF driver power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition Conflicts: kernel/cgroup/cpuset.c Change-Id: Ic09017614f20bff94eb0b913bb7fb5b9656dc272 |
||
|
Greg Kroah-Hartman
|
0b85669846 |
Merge 4.19.281 into android-4.19-stable
Changes in 4.19.281
pinctrl: Added IRQF_SHARED flag for amd-pinctrl driver
pinctrl: amd: Use irqchip template
pinctrl: amd: disable and mask interrupts on probe
pinctrl: amd: Disable and mask interrupts on resume
NFSv4: Convert struct nfs4_state to use refcount_t
NFSv4: Check the return value of update_open_stateid()
NFSv4: Fix hangs when recovering open state after a server reboot
pwm: cros-ec: Explicitly set .polarity in .get_state()
wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
icmp: guard against too small mtu
net: don't let netpoll invoke NAPI if in xmit context
sctp: check send stream number after wait_for_sndbuf
ipv6: Fix an uninit variable access bug in __ip6_make_skb()
gpio: davinci: Add irq chip flag to skip set wake
USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
USB: serial: option: add Telit FE990 compositions
USB: serial: option: add Quectel RM500U-CN modem
iio: dac: cio-dac: Fix max DAC write value check for 12-bit
tty: serial: sh-sci: Fix transmit end interrupt handler
tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
nilfs2: fix sysfs interface lifetime
ALSA: hda/realtek: Add quirk for Clevo X370SNW
perf/core: Fix the same task check in perf_event_set_output
ftrace: Mark get_lock_parent_ip() __always_inline
ring-buffer: Fix race while reader and writer are on the same page
mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
Revert "pinctrl: amd: Disable and mask interrupts on resume"
ALSA: emu10k1: fix capture interrupt handler unlinking
ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
ALSA: i2c/cs8427: fix iec958 mixer control deactivation
ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
Bluetooth: Fix race condition in hidp_session_thread
mtdblock: tolerate corrected bit-flips
9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
niu: Fix missing unwind goto in niu_alloc_channels()
qlcnic: check pci_reset_function result
sctp: fix a potential overflow in sctp_ifwdtsn_skip
net: macb: fix a memory corruption in extended buffer descriptor mode
udp6: fix potential access to stale information
power: supply: cros_usbpd: reclassify "default case!" as debug
i2c: imx-lpi2c: clean rx/tx buffers upon new message
efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
verify_pefile: relax wrapper length check
scsi: ses: Handle enclosure with just a primary component gracefully
x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
mtd: ubi: wl: Fix a couple of kernel-doc issues
ubi: Fix deadlock caused by recursively holding work_sem
cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
KVM: nVMX: add missing consistency checks for CR0 and CR4
KVM: arm64: Factor out core register ID enumeration
KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST
arm64: KVM: Fix system register enumeration
Linux 4.19.281
Change-Id: I1883ac62812715a59cfcef066451a70fa7803b2e
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Robbie Harwood
|
96acda7332 |
verify_pefile: relax wrapper length check
[ Upstream commit 4fc5c74dde69a7eda172514aaeb5a7df3600adb3 ] The PE Format Specification (section "The Attribute Certificate Table (Image Only)") states that `dwLength` is to be rounded up to 8-byte alignment when used for traversal. Therefore, the field is not required to be an 8-byte multiple in the first place. Accordingly, pesign has not performed this alignment since version 0.110. This causes kexec failure on pesign'd binaries with "PEFILE: Signature wrapper len wrong". Update the comment and relax the check. Signed-off-by: Robbie Harwood <rharwood@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> cc: Jarkko Sakkinen <jarkko@kernel.org> cc: Eric Biederman <ebiederm@xmission.com> cc: Herbert Xu <herbert@gondor.apana.org.au> cc: keyrings@vger.kernel.org cc: linux-crypto@vger.kernel.org cc: kexec@lists.infradead.org Link: https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#the-attribute-certificate-table-image-only Link: https://github.com/rhboot/pesign Link: https://lore.kernel.org/r/20230220171254.592347-2-rharwood@redhat.com/ # v2 Signed-off-by: Sasha Levin <sashal@kernel.org> |