16.0
545 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Samuel Pascua
|
622705f7c9 |
Merge tag 'v4.14.356-openela-rc1' of https://github.com/openela/kernel-lts
This is the 4.14.356 OpenELA-Extended LTS stable release candidate 1 Conflicts: arch/arm/include/asm/uaccess.h drivers/android/binder.c drivers/android/binder_alloc.c drivers/block/loop.c drivers/infiniband/ulp/srpt/ib_srpt.c drivers/mmc/core/mmc_test.c drivers/net/usb/usbnet.c fs/aio.c fs/f2fs/inode.c fs/f2fs/namei.c fs/f2fs/segment.c fs/f2fs/super.c fs/select.c include/linux/fs.h include/net/netns/ipv4.h kernel/power/swap.c mm/page_alloc.c net/core/filter.c net/ipv4/af_inet.c net/ipv4/sysctl_net_ipv4.c net/ipv4/tcp_ipv4.c net/ipv6/af_inet6.c net/qrtr/qrtr.c sound/usb/stream.c Change-Id: I016dabcf8f4fd90dae7083272b3465d184c07de8 |
||
|
Thomas Gleixner
|
62fda26788 |
signal: Replace BUG_ON()s
[ Upstream commit 7f8af7bac5380f2d95a63a6f19964e22437166e1 ] These really can be handled gracefully without killing the machine. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Frederic Weisbecker <frederic@kernel.org> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit 0f9c27fbb8a52c50ff7d2659386f1f43e7fbddee) Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com> Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> |
||
|
Haky86
|
f01fa25d84 |
Merge branch 'deprecated/android-4.14-stable' of https://android.googlesource.com/kernel/common into lineage-21.0
Change-Id: I8750f4152cf3c402ef61f9266766128541dfa05c |
||
|
Haky86
|
1a16e98230 |
Import from SM-A715F_EUR_13_Opensource
* Taken from A715FXXUADWE1 source. Change-Id: Ife88f79141085bddd4537434c451245b52ac71ad |
||
|
Greg Kroah-Hartman
|
73f6c0fdd9 |
Merge 4.14.289 into android-4.14-stable
Changes in 4.14.289 ALSA: hda - Add fixup for Dell Latitidue E5430 ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer ARM: 9213/1: Print message about disabled Spectre workarounds only once ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction cgroup: Use separate src/dst nodes when preloading css_sets for migration nilfs2: fix incorrect masking of permission flags for symlinks net: dsa: bcm_sf2: force pause link settings xhci: bail out early if driver can't accress host in resume xhci: make xhci_handshake timeout for xhci_reset() adjustable ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle inetpeer: Fix data-races around sysctl. net: Fix data-races around sysctl_mem. cipso: Fix data-races around sysctl. icmp: Fix data-races around sysctl. ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero icmp: Fix a data-race around sysctl_icmp_ratelimit. icmp: Fix a data-race around sysctl_icmp_ratemask. ipv4: Fix data-races around sysctl_ip_dynaddr. sfc: fix use after free when disabling sriov seg6: fix skb checksum evaluation in SRH encapsulation/insertion seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors sfc: fix kernel panic when creating VF virtio_mmio: Add missing PM calls to freeze/restore virtio_mmio: Restore guest page size on resume netfilter: br_netfilter: do not skip all hooks with 0 priority cpufreq: pmac32-cpufreq: Fix refcount leak bug platform/x86: hp-wmi: Ignore Sanitization Mode event net: tipc: fix possible refcount leak in tipc_sk_create() NFC: nxp-nci: don't print header length mismatch on i2c error net: sfp: fix memory leak in sfp_probe() ASoC: ops: Fix off by one in range control validation ASoC: wm5110: Fix DRE control irqchip: or1k-pic: Undefine mask_ack for level triggered hardware x86: Clear .brk area at early boot signal handling: don't use BUG_ON() for debugging USB: serial: ftdi_sio: add Belimo device ids usb: dwc3: gadget: Fix event pending check tty: serial: samsung_tty: set dma burst_size to 1 serial: 8250: fix return error code in serial8250_request_std_resource() mm: invalidate hwpoison page cache page in fault path can: m_can: m_can_tx_handler(): fix use after free of skb Linux 4.14.289 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1e9b12a81151982c15f4a71b01aff2f1ad2eb7e5 |
||
|
Linus Torvalds
|
31d3649b68 |
signal handling: don't use BUG_ON() for debugging
[ Upstream commit a382f8fee42ca10c9bfce0d2352d4153f931f5dc ] These are indeed "should not happen" situations, but it turns out recent changes made the 'task_is_stopped_or_trace()' case trigger (fix for that exists, is pending more testing), and the BUG_ON() makes it unnecessarily hard to actually debug for no good reason. It's been that way for a long time, but let's make it clear: BUG_ON() is not good for debugging, and should never be used in situations where you could just say "this shouldn't happen, but we can continue". Use WARN_ON_ONCE() instead to make sure it gets logged, and then just continue running. Instead of making the system basically unusuable because you crashed the machine while potentially holding some very core locks (eg this function is commonly called while holding 'tasklist_lock' for writing). Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
cc48e333d0 |
Merge 4.14.256 into android-4.14-stable
Changes in 4.14.256
xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay
binder: use euid from cred instead of using task
binder: use cred instead of task for selinux checks
Input: elantench - fix misreporting trackpoint coordinates
Input: i8042 - Add quirk for Fujitsu Lifebook T725
libata: fix read log timeout value
ocfs2: fix data corruption on truncate
mmc: dw_mmc: Dont wait for DRTO on Write RSP error
parisc: Fix ptrace check on syscall return
tpm: Check for integer overflow in tpm2_map_response_body()
media: ite-cir: IR receiver stop working after receive overflow
ALSA: ua101: fix division by zero at probe
ALSA: 6fire: fix control and bulk message timeouts
ALSA: line6: fix control and interrupt message timeouts
ALSA: synth: missing check for possible NULL after the call to kstrdup
ALSA: timer: Fix use-after-free problem
ALSA: timer: Unconditionally unlink slave instances, too
x86/irq: Ensure PI wakeup handler is unregistered before module unload
cavium: Return negative value when pci_alloc_irq_vectors() fails
scsi: qla2xxx: Fix unmap of already freed sgl
cavium: Fix return values of the probe function
sfc: Don't use netif_info before net_device setup
hyperv/vmbus: include linux/bitops.h
mmc: winbond: don't build on M68K
bpf: Prevent increasing bpf_jit_limit above max
xen/netfront: stop tx queues during live migration
spi: spl022: fix Microwire full duplex mode
watchdog: Fix OMAP watchdog early handling
vmxnet3: do not stop tx queues after netif_device_detach()
btrfs: fix lost error handling when replaying directory deletes
hwmon: (pmbus/lm25066) Add offset coefficients
regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled
regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property
EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
mwifiex: fix division by zero in fw download path
ath6kl: fix division by zero in send path
ath6kl: fix control-message timeout
ath10k: fix control-message timeout
ath10k: fix division by zero in send path
PCI: Mark Atheros QCA6174 to avoid bus reset
rtl8187: fix control-message timeouts
evm: mark evm_fixmode as __ro_after_init
wcn36xx: Fix HT40 capability for 2Ghz band
mwifiex: Read a PCI register after writing the TX ring write pointer
libata: fix checking of DMA state
wcn36xx: handle connection loss indication
RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
signal: Remove the bogus sigkill_pending in ptrace_stop
signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
power: supply: max17042_battery: use VFSOC for capacity when no rsns
powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
serial: core: Fix initializing and restoring termios speed
ALSA: mixer: oss: Fix racy access to slots
ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
xen/balloon: add late_initcall_sync() for initial ballooning done
PCI: aardvark: Do not clear status bits of masked interrupts
PCI: aardvark: Do not unmask unused interrupts
PCI: aardvark: Fix return value of MSI domain .alloc() method
PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
quota: check block number when reading the block in quota file
quota: correct error number in free_dqentry()
pinctrl: core: fix possible memory leak in pinctrl_enable()
iio: dac: ad5446: Fix ad5622_write() return value
USB: serial: keyspan: fix memleak on probe errors
USB: iowarrior: fix control-message timeouts
Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
Bluetooth: fix use-after-free error in lock_sock_nested()
platform/x86: wmi: do not fail if disabling fails
MIPS: lantiq: dma: add small delay after reset
MIPS: lantiq: dma: reset correct number of channel
locking/lockdep: Avoid RCU-induced noinstr fail
smackfs: Fix use-after-free in netlbl_catmap_walk()
x86: Increase exception stack sizes
mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
mwifiex: Properly initialize private structure on interface type changes
media: mt9p031: Fix corrupted frame after restarting stream
media: netup_unidvb: handle interrupt properly according to the firmware
media: uvcvideo: Set capability in s_param
media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
media: s5p-mfc: Add checking to s5p_mfc_probe().
media: mceusb: return without resubmitting URB in case of -EPROTO error.
ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
ACPICA: Avoid evaluating methods too early during system resume
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
tracefs: Have tracefs directories not set OTH permission bits by default
ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
ACPI: battery: Accept charges over the design capacity as full
leaking_addresses: Always print a trailing newline
memstick: r592: Fix a UAF bug when removing the driver
lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression
lib/xz: Validate the value before assigning it to an enum variable
tracing/cfi: Fix cmp_entries_* functions signature mismatch
mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
PM: hibernate: Get block device exclusively in swsusp_check()
iwlwifi: mvm: disable RX-diversity in powersave
smackfs: use __GFP_NOFAIL for smk_cipso_doi()
ARM: clang: Do not rely on lr register for stacktrace
gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE
ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe()
parisc: fix warning in flush_tlb_all
task_stack: Fix end_of_stack() for architectures with upwards-growing stack
parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
cgroup: Make rebind_subsystems() disable v2 controllers all at once
media: dvb-usb: fix ununit-value in az6027_rc_query
media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()'
media: si470x: Avoid card name truncation
media: cx23885: Fix snd_card_free call on null card pointer
cpuidle: Fix kobject memory leaks in error paths
ath9k: Fix potential interrupt storm on queue reset
crypto: qat - detect PFVF collision after ACK
crypto: qat - disregard spurious PFVF interrupts
hwrng: mtk - Force runtime pm ops for sleep ops
b43legacy: fix a lower bounds test
b43: fix a lower bounds test
memstick: avoid out-of-range warning
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
hwmon: Fix possible memleak in __hwmon_device_register()
ath10k: fix max antenna gain unit
drm/msm: uninitialized variable in msm_gem_import()
net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
mmc: mxs-mmc: disable regulator on error and in the remove function
platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
mwifiex: Send DELBA requests according to spec
phy: micrel: ksz8041nl: do not use power down mode
PM: hibernate: fix sparse warnings
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
irq: mips: avoid nested irq_enter()
samples/kretprobes: Fix return value if register_kretprobe() failed
libertas_tf: Fix possible memory leak in probe and disconnect
libertas: Fix possible memory leak in probe and disconnect
net: amd-xgbe: Toggle PLL settings during rate change
net: phylink: avoid mvneta warning when setting pause parameters
crypto: pcrypt - Delay write to padata->info
ibmvnic: Process crqs after enabling interrupts
RDMA/rxe: Fix wrong port_cap_flags
ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
ARM: dts: at91: tse850: the emac<->phy interface is rmii
scsi: dc395: Fix error case unwinding
MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
JFS: fix memleak in jfs_mount
ALSA: hda: Reduce udelay() at SKL+ position reporting
arm: dts: omap3-gta04a4: accelerometer irq fix
soc/tegra: Fix an error handling path in tegra_powergate_power_up()
memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
video: fbdev: chipsfb: use memset_io() instead of memset()
serial: 8250_dw: Drop wrong use of ACPI_PTR()
usb: gadget: hid: fix error code in do_config()
power: supply: rt5033_battery: Change voltage values to µV
scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
RDMA/mlx4: Return missed an error if device doesn't support steering
ASoC: cs42l42: Correct some register default values
ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER
serial: xilinx_uartps: Fix race condition causing stuck TX
mips: cm: Convert to bitfield API to fix out-of-bounds access
power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
apparmor: fix error check
rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
drm/plane-helper: fix uninitialized variable reference
PCI: aardvark: Don't spam about PIO Response Status
NFS: Fix deadlocks in nfs_scan_commit_list()
fs: orangefs: fix error return code of orangefs_revalidate_lookup()
mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
auxdisplay: ht16k33: Connect backlight to fbdev
auxdisplay: ht16k33: Fix frame buffer device blanking
netfilter: nfnetlink_queue: fix OOB when mac header was cleared
dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
m68k: set a default value for MEMORY_RESERVE
watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
ar7: fix kernel builds for compiler test
scsi: qla2xxx: Turn off target reset during issue_lip
i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()'
xen-pciback: Fix return in pm_ctrl_init()
net: davinci_emac: Fix interrupt pacing disable
ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration()
llc: fix out-of-bound array index in llc_sk_dev_hash()
nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
vsock: prevent unnecessary refcnt inc for nonblocking connect
USB: chipidea: fix interrupt deadlock
ARM: 9155/1: fix early early_iounmap()
ARM: 9156/1: drop cc-option fallbacks for architecture selection
powerpc/lib: Add helper to check if offset is within conditional branch range
powerpc/bpf: Validate branch ranges
powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
mm, oom: do not trigger out_of_memory from the #PF
s390/cio: check the subchannel validity for dev_busid
PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
ext4: fix lazy initialization next schedule time computation in more granular unit
tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
parisc/entry: fix trace test in syscall exit path
PCI/MSI: Destroy sysfs before freeing entries
arm64: zynqmp: Fix serial compatible string
scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
usb: musb: tusb6010: check return value after calling platform_get_resource()
scsi: advansys: Fix kernel pointer leak
ARM: dts: omap: fix gpmc,mux-add-data type
usb: host: ohci-tmio: check return value after calling platform_get_resource()
tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
MIPS: sni: Fix the build
scsi: target: Fix ordered tag handling
scsi: target: Fix alua_tg_pt_gps_count tracking
powerpc/5200: dts: fix memory node unit name
ALSA: gus: fix null pointer dereference on pointer block
powerpc/dcr: Use cmplwi instead of 3-argument cmpli
sh: check return code of request_irq
maple: fix wrong return value of maple_bus_init().
sh: fix kconfig unmet dependency warning for FRAME_POINTER
sh: define __BIG_ENDIAN for math-emu
mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
net: bnx2x: fix variable dereferenced before check
iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
MIPS: generic/yamon-dt: fix uninitialized variable error
mips: bcm63xx: add support for clk_get_parent()
mips: lantiq: add support for clk_get_parent()
platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()'
net: virtio_net_hdr_to_skb: count transport header in UFO
i40e: Fix NULL ptr dereference on VSI filter sync
NFC: reorganize the functions in nci_request
NFC: reorder the logic in nfc_{un,}register_device
perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server
perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
tun: fix bonding active backup with arp monitoring
hexagon: export raw I/O routines for modules
mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag
btrfs: fix memory ordering between normal and ordered work functions
parisc/sticon: fix reverse colors
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
drm/udl: fix control-message timeout
drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors
perf/core: Avoid put_page() when GUP fails
batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
batman-adv: Consider fragmentation for needed_headroom
batman-adv: Reserve needed_*room for fragments
batman-adv: Don't always reallocate the fragmentation skb head
RDMA/netlink: Add __maybe_unused to static inline in C file
ASoC: DAPM: Cover regression by kctl change notification fix
usb: max-3421: Use driver data instead of maintaining a list of bound devices
soc/tegra: pmc: Fix imbalanced clock disabling in error code path
Linux 4.14.256
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I32f0b43f5aa192eda1aa3a220a2f348ade0536d2
|
||
|
Eric W. Biederman
|
7229d22497 |
signal: Remove the bogus sigkill_pending in ptrace_stop
commit 7d613f9f72ec8f90ddefcae038fdae5adb8404b3 upstream. The existence of sigkill_pending is a little silly as it is functionally a duplicate of fatal_signal_pending that is used in exactly one place. Checking for pending fatal signals and returning early in ptrace_stop is actively harmful. It casues the ptrace_stop called by ptrace_signal to return early before setting current->exit_code. Later when ptrace_signal reads the signal number from current->exit_code is undefined, making it unpredictable what will happen. Instead rely on the fact that schedule will not sleep if there is a pending signal that can awaken a task. Removing the explict sigkill_pending test fixes fixes ptrace_signal when ptrace_stop does not stop because current->exit_code is always set to to signr. Cc: stable@vger.kernel.org Fixes: |
||
|
Srinivasarao P
|
90bb7a2b24 |
Merge android-4.14-stable.180 (816f245) into msm-4.14
* refs/heads/tmp-816f245:
Revert "clk: qcom: rcg2: Don't crash if our parent can't be found; return an error"
Reverting crypto patches
Reverting incremental fs changes
Linux 4.14.180
cgroup, netclassid: remove double cond_resched
mac80211: add ieee80211_is_any_nullfunc()
ALSA: hda: Match both PCI ID and SSID for driver blacklist
tracing: Reverse the order of trace_types_lock and event_mutex
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
net: systemport: suppress warnings on failed Rx SKB allocations
net: bcmgenet: suppress warnings on failed Rx SKB allocations
lib/mpi: Fix building for powerpc with clang
net: dsa: b53: Rework ARL bin logic
scripts/config: allow colons in option strings for sed
s390/ftrace: fix potential crashes when switching tracers
cifs: protect updating server->dstaddr with a spinlock
net: stmmac: Fix sub-second increment
net: stmmac: fix enabling socfpga's ptp_ref_clock
wimax/i2400m: Fix potential urb refcnt leak
ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry
ASoC: rsnd: Fix HDMI channel mapping for multi-SSI mode
ASoC: sgtl5000: Fix VAG power-on handling
selftests/ipc: Fix test failure seen after initial test run
ASoC: topology: Check return value of pcm_new_ver
powerpc/pci/of: Parse unassigned resources
vhost: vsock: kick send_pkt worker once device is started
ANDROID: arm64: fix a mismerge in proc.S
Linux 4.14.179
selinux: properly handle multiple messages in selinux_netlink_send()
dmaengine: dmatest: Fix iteration non-stop logic
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
ALSA: opti9xx: shut up gcc-10 range warning
iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system
scsi: target/iblock: fix WRITE SAME zeroing
iommu/qcom: Fix local_base status check
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
vfio: avoid possible overflow in vfio_iommu_type1_pin_pages
RDMA/mlx4: Initialize ib_spec on the stack
RDMA/mlx5: Set GRH fields in query QP on RoCE
dm verity fec: fix hash block number in verity_fec_decode
PM: hibernate: Freeze kernel threads in software_resume()
PM: ACPI: Output correct message on target power state
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
ALSA: hda/hdmi: fix without unlocked before return
ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter
mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers
mmc: sdhci-xenon: fix annoying 1.8V regulator warning
btrfs: fix partial loss of prealloc extent past i_size after fsync
btrfs: fix block group leak when removing fails
drm/qxl: qxl_release use after free
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
drm/edid: Fix off-by-one in DispID DTD pixel clock
ext4: fix special inode number checks in __ext4_iget()
ANDROID: Incremental fs: Fix issues with very large files
Linux 4.14.178
propagate_one(): mnt_set_mountpoint() needs mount_lock
ext4: check for non-zero journal inum in ext4_calculate_overhead
qed: Fix use after free in qed_chain_free
ext4: unsigned int compared against zero
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: don't perform block validity checks on the journal inode
ext4: protect journal inode's blocks using block_validity
ext4: avoid declaring fs inconsistent due to invalid file handles
hwmon: (jc42) Fix name to have no illegal characters
ext4: convert BUG_ON's to WARN_ON's in mballoc.c
ext4: increase wait time needed before reuse of deleted inode numbers
ext4: use matching invalidatepage in ext4_writepage
arm64: Delete the space separator in __emit_inst
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
objtool: Support Clang non-section symbols in ORC dump
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
scsi: target: fix PR IN / READ FULL STATUS for FC
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
x86: hyperv: report value of misc_features
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
perf/core: fix parent pid/tid in task exit events
ARM: dts: bcm283x: Disable dsi0 node
net/cxgb4: Check the return from t4_query_params properly
i2c: altera: use proper variable to hold errno
nfsd: memory corruption in nfsd4_lock()
iio:ad7797: Use correct attribute_group
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
usb: dwc3: gadget: Do link recovery for SS and SSP
binder: take read mode of mmap_sem in binder_alloc_free_page()
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
remoteproc: Fix wrong rvring index computation
xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT
xfs: validate sb_logsunit is a multiple of the fs blocksize
serial: sh-sci: Make sure status register SCxSR is read in correct sequence
usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
UAS: fix deadlock in error handling and PM flushing work
UAS: no use logging any details in case of ENODEV
cdc-acm: introduce a cool down
cdc-acm: close race betrween suspend() and acm_softint
staging: vt6656: Power save stop wake_up_count wrap around.
staging: vt6656: Fix pairwise key entry save.
staging: vt6656: Fix drivers TBTT timing counter.
staging: vt6656: Fix calling conditions of vnt_set_bss_mode
staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default.
vt: don't hardcode the mem allocation upper bound
staging: comedi: Fix comedi_device refcnt leak in comedi_open
staging: comedi: dt2815: fix writing hi byte of analog output
powerpc/setup_64: Set cache-line-size based on cache-block-size
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
iwlwifi: pcie: actually release queue memory in TVQM
ASoC: dapm: fixup dapm kcontrol widget
audit: check the length of userspace generated audit records
usb-storage: Add unusual_devs entry for JMicron JMS566
tty: rocket, avoid OOB access
tty: hvc: fix buffer overflow during hvc_alloc().
KVM: VMX: Enable machine check support for 32bit targets
KVM: Check validity of resolved slot when searching memslots
tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send()
tpm/tpm_tis: Free IRQ if probing fails
ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
ALSA: hda/realtek - Add new codec supported for ALC245
ALSA: usx2y: Fix potential NULL dereference
tools/vm: fix cross-compile build
mm/ksm: fix NULL pointer dereference when KSM zero page is enabled
mm/hugetlb: fix a addressing exception caused by huge_pte_offset
vmalloc: fix remap_vmalloc_range() bounds checks
overflow.h: Add arithmetic shift helper
USB: hub: Fix handling of connect changes during sleep
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: early: Handle AMD's spec-compliant identifiers, too
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: sisusbvga: Change port variable from signed to unsigned
fs/namespace.c: fix mountpoint reference counter race
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix ADC-B powerdown
iio: adc: stm32-adc: fix sleep in atomic context
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
KEYS: Avoid false positive ENOMEM error on key read
vrf: Check skb for XFRM_TRANSFORMED flag
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
net: dsa: b53: Fix ARL register definitions
team: fix hang in team_mode_get()
tcp: cache line align MAX_TCP_HEADER
net/x25: Fix x25_neigh refcnt leak when receiving frame
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net: bcmgenet: correct per TX/RX ring statistics
macvlan: fix null dereference in macvlan_device_event()
macsec: avoid to set wrong mtu
ipv6: fix restrict IPV6_ADDRFORM operation
cxgb4: fix large delays in PTP synchronization
mm, slub: restore the original intention of prefetch_freepointer()
PCI/ASPM: Allow re-enabling Clock PM
perf/core: Disable page faults when getting phys address
pwm: bcm2835: Dynamically allocate base
pwm: renesas-tpu: Fix late Runtime PM enablement
s390/cio: avoid duplicated 'ADD' uevents
ipc/util.c: sysvipc_find_ipc() should increase position index
selftests: kmod: fix handling test numbers above 9
kernel/gcov/fs.c: gcov_seq_next() should increase position index
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
scsi: iscsi: Report unbind session event when the target has been removed
pwm: rcar: Fix late Runtime PM enablement
ceph: don't skip updating wanted caps when cap is stale
ceph: return ceph_mdsc_do_request() errors from __get_parent()
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
watchdog: reset last_hw_keepalive time at start
vti4: removed duplicate log message.
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
drm/msm: Use the correct dma_sync calls harder
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
net: ipv4: avoid unused variable warning for sysctl
net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
ext4: fix extent_status fragmentation for plain files
FROMGIT: f2fs: fix missing check for f2fs_unlock_op
ANDROID: Fix kernel build regressions from virtio-gpu-next patches
ANDROID: Incremental fs: Add setattr call
ANDROID: cuttlefish_defconfig: enable LTO and CFI
ANDROID: x86: map CFI jump tables in pti_clone_entry_text
ANDROID: crypto: aesni: fix function types for aesni_(enc|dec)
ANDROID: x86: disable CFI for do_syscall_*
ANDROID: BACKPORT: x86, module: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86, relocs: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86/extable: Do not mark exception callback as CFI
FROMLIST: crypto, x86/sha: Eliminate casts on asm implementations
UPSTREAM: crypto: x86 - Rename functions to avoid conflict with crypto/sha256.h
BACKPORT: x86/vmlinux: Actually use _etext for the end of the text segment
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build/lto: Fix truncated .bss with -fdata-sections
ANDROID: kbuild: don't select LD_DEAD_CODE_DATA_ELIMINATION with LTO
ANDROID: kbuild: export LTO and CFI flags
ANDROID: cfi: remove unnecessary <asm/memory.h> include
ANDROID: drm/virtio: rebase to latest virgl/drm-misc-next (take 2)
UPSTREAM: sysrq: Use panic() to force a crash
ANDROID: Incremental fs: Use simple compression in log buffer
ANDROID: dm-bow: Fix not to skip trim at framented range
ANDROID: Remove VLA from uid_sys_stats.c
ANDROID: cuttlefish_defconfig: enable CONFIG_DEBUG_LIST
Linux 4.14.177
KEYS: Don't write out to userspace while holding key semaphore
KEYS: Use individual pages in big_key for crypto buffers
mtd: phram: fix a double free issue in error path
mtd: lpddr: Fix a double free in probe()
locktorture: Print ratio of acquisitions, not failures
tty: evh_bytechan: Fix out of bounds accesses
fbdev: potential information leak in do_fb_ioctl()
net: dsa: bcm_sf2: Fix overflow checks
iommu/amd: Fix the configuration of GCR3 table root pointer
libnvdimm: Out of bounds read in __nd_ioctl()
ext2: fix debug reference to ext2_xattr_cache
ext2: fix empty body warnings when -Wextra is used
iommu/vt-d: Fix mm reference leak
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
drm/amdkfd: kfree the wrong pointer
x86: ACPI: fix CPU hotplug deadlock
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
compiler.h: fix error in BUILD_BUG_ON() reporting
percpu_counter: fix a data race at vm_committed_as
include/linux/swapops.h: correct guards for non_swap_entry()
ext4: do not commit super on read-only bdev
powerpc/maple: Fix declaration made after definition
s390/cpuinfo: fix wrong output when CPU0 is offline
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
rtc: 88pm860x: fix possible race condition
soc: imx: gpc: fix power up sequencing
clk: tegra: Fix Tegra PMC clock out parents
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: at91: usb: continue if clk_hw_round_rate() return zero
of: unittest: kmemleak in of_unittest_platform_populate()
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
rbd: avoid a deadlock on header_rwsem when flushing notifies
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
soc: qcom: smem: Use le32_to_cpu for comparison
wil6210: abort properly in cfg suspend
wil6210: fix length check in __wmi_send
wil6210: add block size checks during FW load
wil6210: fix PCIe bus mastering in case of interface down
rpmsg: glink: smem: Ensure ordering during tx
rpmsg: glink: Fix missing mutex_init() in qcom_glink_alloc_channel()
rtc: pm8xxx: Fix issue in RTC write path
rpmsg: glink: use put_device() if device_register fail
wil6210: rate limit wil_rx_refill error
scsi: ufs: ufs-qcom: remove broken hci version quirk
scsi: ufs: make sure all interrupts are processed
wil6210: fix temperature debugfs
wil6210: increase firmware ready timeout
arch_topology: Fix section miss match warning due to free_raw_capacity()
arm64: traps: Don't print stack or raw PC/LR values in backtraces
arm64: perf: remove unsupported events for Cortex-A73
Revert "gpio: set up initial state from .get_direction()"
clk: Fix debugfs_create_*() usage
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
video: fbdev: sis: Remove unnecessary parentheses and commented code
lib/raid6: use vdupq_n_u8 to avoid endianness warnings
ALSA: hda: Don't release card at firmware loading error
irqchip/mbigen: Free msi_desc on device teardown
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
ext4: use non-movable memory for superblock readahead
scsi: sg: add sg_remove_request in sg_common_write
objtool: Fix switch table detection in .text.unlikely
mm/vmalloc.c: move 'area->pages' after if statement
x86/resctrl: Fix invalid attempt at removing the default resource group
x86/resctrl: Preserve CDP enable over CPU hotplug
x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG
x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP)
x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature
x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
scsi: target: remove boilerplate code
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
dm flakey: check for null arg_name in parse_features()
ext4: do not zeroout extents beyond i_disksize
mac80211_hwsim: Use kstrndup() in place of kasprintf()
btrfs: check commit root generation in should_ignore_root
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
ASoC: Intel: mrfld: return error codes when an error occurs
ASoC: Intel: mrfld: fix incorrect check on p->sink
ext4: fix incorrect inodes per group in error message
ext4: fix incorrect group count in ext4_fill_super error message
pwm: pca9685: Fix PWM/GPIO inter-operation
jbd2: improve comments about freeing data buffers whose page mapping is NULL
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
net: revert default NAPI poll timeout to 2 jiffies
net: qrtr: send msgs from local of same id as broadcast
net: ipv6: do not consider routes via gateways for anycast address check
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
hsr: check protocol version in hsr_newlink()
amd-xgbe: Use __napi_schedule() in BH context
mfd: dln2: Fix sanity checking for endpoints
misc: echo: Remove unnecessary parentheses and simplify check for zero
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
ipmi: fix hung processes in __get_guid()
ftrace/kprobe: Show the maxactive number on kprobe_events
drm: Remove PageReserved manipulation from drm_pci_alloc
drm/dp_mst: Fix clearing payload state on topology disable
crypto: caam - update xts sector size for large input length
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
btrfs: use nofs allocations for running delayed items
Btrfs: fix crash during unmount due to race with delayed inode workers
powerpc: Make setjmp/longjmp signature standard
powerpc: Add attributes for setjmp/longjmp
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc/kprobes: Ignore traps that happened in real mode
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
hfsplus: fix crash and filesystem corruption when deleting files
cpufreq: powernv: Fix use-after-free
kmod: make request_module() return an error when autoloading is disabled
Input: i8042 - add Acer Aspire 5738z to nomux list
s390/diag: fix display of diagnose call statistics
perf tools: Support Python 3.8+ in Makefile
ocfs2: no need try to truncate file beyond i_size
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ext4: fix a data race at inode->i_blocks
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
dm verity fec: fix memory leak in verity_fec_dtr
mm: Use fixed constant in page_frag_alloc instead of size + 1
tools: gpio: Fix out-of-tree build regression
x86/speculation: Remove redundant arch_smt_update() invocation
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
ALSA: hda: Initialize power_state field properly
crypto: mxs-dcp - fix scatterlist linearization for hash
btrfs: drop block from cache on error in relocation
CIFS: Fix bug which the return value by asynchronous read is error
KVM: VMX: fix crash cleanup when KVM wasn't used
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: nVMX: Properly handle userspace interrupt window request
x86/entry/32: Add missing ASM_CLAC to general_protection entry
signal: Extend exec_id to 64bits
ath9k: Handle txpower changes even when TPC is disabled
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
irqchip/versatile-fpga: Apply clear-mask earlier
KEYS: reaching the keys quotas correctly
PCI: endpoint: Fix for concurrent memory allocation in OB address region
PCI/ASPM: Clear the correct bits when enabling L1 substates
nvme-fc: Revert "add module to ops template to allow module references"
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
media: ti-vpe: cal: fix disable_irqs to only the intended target
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: hda: Fix potential access overflow in beep helper
ALSA: hda: Add driver blacklist
ALSA: usb-audio: Add mixer workaround for TRX40 and co
usb: gadget: composite: Inform controller driver of self-powered
usb: gadget: f_fs: Fix use after free issue as part of queue failure
ASoC: topology: use name_prefix for new kcontrol
ASoC: dpcm: allow start or stop during pause for backend
ASoC: dapm: connect virtual mux with default value
ASoC: fix regwmask
slub: improve bit diffusion for freelist ptr obfuscation
misc: rtsx: set correct pcr_ops for rts522A
uapi: rename ext2_swab() to swab() and share globally in swab.h
btrfs: track reloc roots based on their commit root bytenr
btrfs: remove a BUG_ON() from merge_reloc_roots()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
usb: dwc3: core: add support for disabling SS instances in park mode
block: Fix use-after-free issue accessing struct io_cq
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
efi/x86: Ignore the memory attributes table on i386
x86/boot: Use unsigned comparison for addresses
gfs2: Don't demote a glock until its revokes are written
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
PCI/switchtec: Fix init_completion race condition with poll_wait()
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
sched: Avoid scale real weight down to zero
irqchip/versatile-fpga: Handle chained IRQs properly
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
x86: Don't let pgprot_modify() change the page encryption bit
null_blk: fix spurious IO errors after failed past-wp access
null_blk: Handle null_add_dev() failures properly
null_blk: Fix the null_add_dev() error path
i2c: st: fix missing struct parameter description
qlcnic: Fix bad kzalloc null test
cxgb4/ptp: pass the sign of offset delta in FW CMD
hinic: fix wrong para of wait_for_completion_timeout
hinic: fix a bug of waitting for IO stopped
net: vxge: fix wrong __VA_ARGS__ usage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
ANDROID: fix wakeup reason findings
UPSTREAM: gpu/trace: add a gpu total memory usage tracepoint
CHROMIUM: drm/virtio: rebase zero-copy patches to virgl/drm-misc-next
CHROMIUM: virtio-gpu: add VIRTIO_GPU_F_RESOURCE_UUID feature
CHROMIUM: drm/virtgpu: add legacy VIRTIO_GPU_* values for non-upstream variants
CHROMIUM: drm/virtgpu: fix various warnings
CHROMIUM: drm/virtgpu: implement metadata allocation ioctl
CHROMIUM: drm/virtgpu: introduce request IDRs
CHROMIUM: drm/virtgpu: implement DRM_VIRTGPU_RESOURCE_CREATE_V2
CHROMIUM: drm/virtgpu: add stub ioctl implementation
CHROMIUM: drm/virtgpu: check for revelant capabilites
CHROMIUM: drm/virtgpu: add memory type to virtio_gpu_object_params
CHROMIUM: drm/virtgpu: make memory and resource creation opaque
CHROMIUM: virtio-gpu api: VIRTIO_GPU_F_MEMORY
CHROMIUM: virtwl: store plane info per virtio_gpu_object
CHROMIUM: drm/virtgpu: expose new ioctls to userspace
BACKPORT: drm/virtio: move virtio_gpu_object_{attach, detach} calls.
ANDROID: drm: ttm: Add ttm_tt_create2 driver hook
UPSTREAM: virtio-gpu api: comment feature flags
UPSTREAM: drm/virtio: module_param_named() requires linux/moduleparam.h
BACKPORT: drm/virtio: fix resource id creation race
BACKPORT: drm/virtio: make resource id workaround runtime switchable.
BACKPORT: drm/virtio: do NOT reuse resource ids
BACKPORT: drm/virtio: Drop deprecated load/unload initialization
f2fs: fix quota_sync failure due to f2fs_lock_op
f2fs: support read iostat
f2fs: Fix the accounting of dcc->undiscard_blks
f2fs: fix to handle error path of f2fs_ra_meta_pages()
f2fs: report the discard cmd errors properly
f2fs: fix long latency due to discard during umount
f2fs: add tracepoint for f2fs iostat
f2fs: introduce sysfs/data_io_flag to attach REQ_META/FUA
UPSTREAM: kheaders: include only headers into kheaders_data.tar.xz
UPSTREAM: kheaders: remove meaningless -R option of 'ls'
ANDROID: Incremental fs: Fix create_file performance
ANDROID: Incremental fs: Fix compound page usercopy crash
ANDROID: Incremental fs: Clean up incfs_test build process
ANDROID: Incremental fs: make remount log buffer change atomic
ANDROID: Incremental fs: Optimize get_filled_block
ANDROID: Incremental fs: Fix mislabeled __user ptrs
ANDROID: Incremental fs: Use 64-bit int for file_size when writing hash blocks
Revert "ANDROID: Incremental fs: Fix initialization, use of bitfields"
Linux 4.14.176
drm/msm: Use the correct dma_sync calls in msm_gem
rpmsg: glink: smem: Support rx peak for size less than 4 bytes
drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
usb: dwc3: don't set gadget->is_otg flag
rpmsg: glink: Remove chunk size word align warning
arm64: Fix size of __early_cpu_boot_status
drm/msm: stop abusing dma_map/unmap for cache
clk: qcom: rcg: Return failure for RCG update
acpi/nfit: Fix bus command validation
fbcon: fix null-ptr-deref in fbcon_switch
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
ceph: canonicalize server path in place
ceph: remove the extra slashes in the server path
IB/hfi1: Fix memory leaks in sysfs registration and unregistration
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
hwrng: imx-rngc - fix an error path
tools/accounting/getdelays.c: fix netlink attribute length
random: always use batched entropy for get_random_u{32,64}
mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE
slcan: Don't transmit uninitialized stack data in padding
net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
ipv6: don't auto-add link-local address to lag ports
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
padata: always acquire cpu_hotplug_lock before pinst->lock
coresight: do not use the BIT() macro in the UAPI header
misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices
blk-mq: Allow blocking queue tag iter callbacks
blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
drm/etnaviv: replace MMU flush marker with flush sequence
tools/power turbostat: Fix gcc build warnings
initramfs: restore default compression behavior
drm/bochs: downgrade pci_request_region failure from error to warning
sctp: fix possibly using a bad saddr with a given dst
sctp: fix refcount bug in sctp_wfree
net, ip_tunnel: fix interface lookup with no key
ipv4: fix a RCU-list lock in fib_triestat_seq_show
ANDROID: power: wakeup_reason: wake reason enhancements
ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
FROMLIST: power_supply: Add additional health properties to the header
UPSTREAM: power: supply: core: Update sysfs-class-power ABI document
BACKPORT: FROMGIT: kbuild: mkcompile_h: Include $LD version in /proc/version
ANDROID: fscrypt: fall back to filesystem-layer crypto when needed
ANDROID: block: require drivers to declare supported crypto key type(s)
ANDROID: block: make blk_crypto_start_using_mode() properly check for support
f2fs: keep inline_data when compression conversion
f2fs: fix to disable compression on directory
f2fs: add missing CONFIG_F2FS_FS_COMPRESSION
f2fs: switch discard_policy.timeout to bool type
f2fs: fix to verify tpage before releasing in f2fs_free_dic()
f2fs: show compression in statx
f2fs: clean up dic->tpages assignment
f2fs: compress: support zstd compress algorithm
f2fs: compress: add .{init,destroy}_decompress_ctx callback
f2fs: compress: fix to call missing destroy_compress_ctx()
f2fs: change default compression algorithm
f2fs: clean up {cic,dic}.ref handling
f2fs: fix to use f2fs_readpage_limit() in f2fs_read_multi_pages()
f2fs: xattr.h: Make stub helpers inline
f2fs: fix to avoid double unlock
f2fs: fix potential .flags overflow on 32bit architecture
f2fs: fix NULL pointer dereference in f2fs_verity_work()
f2fs: fix to clear PG_error if fsverity failed
f2fs: don't call fscrypt_get_encryption_info() explicitly in f2fs_tmpfile()
f2fs: don't trigger data flush in foreground operation
f2fs: fix NULL pointer dereference in f2fs_write_begin()
f2fs: clean up f2fs_may_encrypt()
f2fs: fix to avoid potential deadlock
f2fs: don't change inode status under page lock
f2fs: fix potential deadlock on compressed quota file
f2fs: delete DIO read lock
f2fs: don't mark compressed inode dirty during f2fs_iget()
f2fs: fix to account compressed blocks in f2fs_compressed_blocks()
f2fs: xattr.h: Replace zero-length array with flexible-array member
f2fs: fix to update f2fs_super_block fields under sb_lock
f2fs: Add a new CP flag to help fsck fix resize SPO issues
f2fs: Fix mount failure due to SPO after a successful online resize FS
f2fs: use kmem_cache pool during inline xattr lookups
f2fs: skip migration only when BG_GC is called
f2fs: fix to show tracepoint correctly
f2fs: avoid __GFP_NOFAIL in f2fs_bio_alloc
f2fs: introduce F2FS_IOC_GET_COMPRESS_BLOCKS
f2fs: fix to avoid triggering IO in write path
f2fs: add prefix for f2fs slab cache name
f2fs: introduce DEFAULT_IO_TIMEOUT
f2fs: skip GC when section is full
f2fs: add migration count iff migration happens
f2fs: clean up bggc mount option
f2fs: clean up lfs/adaptive mount option
f2fs: fix to show norecovery mount option
f2fs: clean up parameter of macro XATTR_SIZE()
f2fs: clean up codes with {f2fs_,}data_blkaddr()
f2fs: show mounted time
f2fs: Use scnprintf() for avoiding potential buffer overflow
f2fs: allow to clear F2FS_COMPR_FL flag
f2fs: fix to check dirty pages during compressed inode conversion
f2fs: fix to account compressed inode correctly
f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
f2fs: fix to avoid use-after-free in f2fs_write_multi_pages()
f2fs: fix to avoid using uninitialized variable
f2fs: fix inconsistent comments
f2fs: remove i_sem lock coverage in f2fs_setxattr()
f2fs: cover last_disk_size update with spinlock
f2fs: fix to check i_compr_blocks correctly
FROMLIST: kmod: make request_module() return an error when autoloading is disabled
UPSTREAM: loop: Only freeze block queue when needed.
UPSTREAM: loop: Only change blocksize when needed.
ANDROID: Incremental fs: Fix remount
ANDROID: Incremental fs: Protect get_fill_block, and add a field
ANDROID: Incremental fs: Fix crash polling 0 size read_log
ANDROID: Incremental fs: get_filled_blocks: better index_out
ANDROID: Fix wq fp check for CFI builds
ANDROID: Incremental fs: Fix four resource bugs
ANDROID: kbuild: ensure __cfi_check is correctly aligned
ANDROID: kbuild: fix module linker script flags for LTO
Linux 4.14.175
arm64: dts: ls1046ardb: set RGMII interfaces to RGMII_ID mode
arm64: dts: ls1043a-rdb: correct RGMII delay mode to rgmii-id
ARM: bcm2835-rpi-zero-w: Add missing pinctrl name
ARM: dts: oxnas: Fix clear-mask property
perf map: Fix off by one in strncpy() size argument
arm64: alternative: fix build with clang integrated assembler
net: ks8851-ml: Fix IO operations, again
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model
bpf: Explicitly memset some bpf info structures declared on the stack
bpf: Explicitly memset the bpf_attr structure
platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table
vt: vt_ioctl: fix use-after-free in vt_in_use()
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
vt: vt_ioctl: remove unnecessary console allocation checks
vt: switch vt_dont_switch to bool
vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
vt: selection, introduce vc_is_sel
mac80211: fix authentication with iwlwifi/mvm
mac80211: Check port authorization in the ieee80211_tx_dequeue() case
media: xirlink_cit: add missing descriptor sanity checks
media: stv06xx: add missing descriptor sanity checks
media: dib0700: fix rc endpoint lookup
media: ov519: add missing endpoint sanity checks
libfs: fix infoleak in simple_attr_read()
staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
media: usbtv: fix control-message timeouts
media: flexcop-usb: fix endpoint sanity check
usb: musb: fix crash with highmen PIO and usbmon
USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
USB: cdc-acm: restore capability check order
USB: serial: option: add Wistron Neweb D19Q1
USB: serial: option: add BroadMobi BM806U
USB: serial: option: add support for ASKEY WWHC050
afs: Fix some tracing details
Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()
Input: raydium_i2c_ts - use true and false for boolean values
vti6: Fix memory leak of skb if input policy check fails
netfilter: nft_fwd_netdev: validate family and chain type
xfrm: policy: Fix doulbe free in xfrm_policy_timer
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
xfrm: fix uctx len check in verify_sec_ctx_len
RDMA/mlx5: Block delay drop to unprivileged users
vti[6]: fix packet tx through bpf_redirect() in XinY cases
xfrm: handle NETDEV_UNREGISTER for xfrm device
genirq: Fix reference leaks on irq affinity notifiers
RDMA/core: Ensure security pkey modify is not lost
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model
gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option
gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
mac80211: mark station unauthorized before key removal
scsi: sd: Fix optimal I/O size for devices that change reported values
scripts/dtc: Remove redundant YYLOC global declaration
tools: Let O= makes handle a relative path with -C option
perf probe: Do not depend on dwfl_module_addrsym()
ARM: dts: omap5: Add bus_dma_limit for L3 bus
ARM: dts: dra7: Add bus_dma_limit for L3 bus
Input: avoid BIT() macro usage in the serio.h UAPI header
Input: synaptics - enable RMI on HP Envy 13-ad105ng
i2c: hix5hd2: add missed clk_disable_unprepare in remove
ftrace/x86: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare()
arm64: compat: map SPSR_ELx<->PSR for signals
arm64: ptrace: map SPSR_ELx<->PSR for compat tasks
sxgbe: Fix off by one in samsung driver strncpy size arg
dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
scsi: ipr: Fix softlockup when rescanning devices in petitboot
fsl/fman: detect FMan erratum A050385
arm64: dts: ls1043a: FMan erratum A050385
dt-bindings: net: FMan erratum A050385
cgroup1: don't call release_agent when it is ""
drivers/of/of_mdio.c:fix of_mdiobus_register()
cpupower: avoid multiple definition with gcc -fno-common
cgroup-v1: cgroup_pidlist_next should update position index
net: ipv4: don't let PMTU updates increase route MTU
hsr: set .netnsok flag
hsr: add restart routine into hsr_get_node_list()
hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
vxlan: check return value of gro_cells_init()
net: dsa: mt7530: Change the LINK bit to reflect the link status
bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets()
slcan: not call free_netdev before rtnl_unlock in slcan_open
NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
net: stmmac: dwmac-rk: fix error path in rk_gmac_probe
net_sched: keep alloc_hash updated after hash allocation
net_sched: cls_route: remove the right filter from hashtable
net: qmi_wwan: add support for ASKEY WWHC050
net/packet: tpacket_rcv: avoid a producer race condition
net: mvneta: Fix the case where the last poll did not process all rx
net: dsa: Fix duplicate frames flooded by learning
macsec: restrict to ethernet devices
hsr: fix general protection fault in hsr_addr_is_self()
Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
staging: greybus: loopback_test: fix potential path truncations
staging: greybus: loopback_test: fix potential path truncation
drm/bridge: dw-hdmi: fix AVI frame colorimetry
arm64: smp: fix crash_smp_send_stop() behaviour
arm64: smp: fix smp_send_stop() behaviour
ALSA: hda/realtek: Fix pop noise on ALC225
Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF"
Revert "vrf: mark skb for multicast or link-local as enslaved to VRF"
futex: Unbreak futex hashing
futex: Fix inode life-time issue
kbuild: Disable -Wpointer-to-enum-cast
iio: adc: at91-sama5d2_adc: fix differential channels in triggered mode
iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels
USB: cdc-acm: fix rounding error in TIOCSSERIAL
USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
x86/mm: split vmalloc_sync_all()
page-flags: fix a crash at SetPageError(THP_SWAP)
mm, slub: prevent kmalloc_node crashes and memory leaks
mm: slub: be more careful about the double cmpxchg of freelist
memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
xhci: Do not open code __print_symbolic() in xhci trace events
rtc: max8907: add missing select REGMAP_IRQ
intel_th: pci: Add Elkhart Lake CPU support
intel_th: Fix user-visible error codes
staging/speakup: fix get_word non-space look-ahead
staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2
iio: magnetometer: ak8974: Fix negative raw values in sysfs
iio: trigger: stm32-timer: disable master mode when stopping
ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
ALSA: pcm: oss: Avoid plugin buffer overflow
ALSA: seq: oss: Fix running status after receiving sysex
ALSA: seq: virmidi: Fix running status after receiving sysex
ALSA: line6: Fix endless MIDI read loop
usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c
USB: serial: pl2303: add device-id for HP LD381
usb: host: xhci-plat: add a shutdown
USB: serial: option: add ME910G1 ECM composition 0x110b
usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
USB: Disable LPM on WD19's Realtek Hub
parse-maintainers: Mark as executable
block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group()
xenbus: req->err should be updated before req->state
xenbus: req->body should be updated before req->state
dm bio record: save/restore bi_end_io and bi_integrity
altera-stapl: altera_get_note: prevent write beyond end of 'key'
drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer
drm/exynos: dsi: fix workaround for the legacy clock name
drm/exynos: dsi: propagate error value and silence meaningless warning
spi/zynqmp: remove entry that causes a cs glitch
spi: pxa2xx: Add CS control clock quirk
ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
powerpc: Include .BTF section
spi: qup: call spi_qup_pm_resume_runtime before suspending
UPSTREAM: ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
UPSTREAM: usb: raw_gadget: fix compilation warnings in uapi headers
BACKPORT: usb: gadget: add raw-gadget interface
UPSTREAM: usb: gadget: move choice ... endchoice to legacy/Kconfig
ANDROID: clang: update to 10.0.5
FROMLIST: arm64: define __alloc_zeroed_user_highpage
ANDROID: Incremental fs: Add INCFS_IOC_GET_FILLED_BLOCKS
ANDROID: Incremental fs: Fix two typos
f2fs: fix to avoid potential deadlock
f2fs: add missing function name in kernel message
f2fs: recycle unused compress_data.chksum feild
f2fs: fix to avoid NULL pointer dereference
f2fs: fix leaking uninitialized memory in compressed clusters
f2fs: fix the panic in do_checkpoint()
f2fs: fix to wait all node page writeback
mm/swapfile.c: move inode_lock out of claim_swapfile
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
ANDROID: dm-bow: Fix free_show value is incorrect
UPSTREAM: coresight: Potential uninitialized variable in probe()
ANDROID: kbuild: do not merge .section..* into .section in modules
ANDROID: scsi: ufs: add ->map_sg_crypto() variant op
UPSTREAM: bpf: Explicitly memset some bpf info structures declared on the stack
UPSTREAM: bpf: Explicitly memset the bpf_attr structure
Linux 4.14.174
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
net: rmnet: fix NULL pointer dereference in rmnet_newlink()
hinic: fix a bug of setting hw_ioctxt
slip: not call free_netdev before rtnl_unlock in slip_open
signal: avoid double atomic counter increments for user accounting
mac80211: rx: avoid RCU list traversal under mutex
net: ks8851-ml: Fix IRQ handling and locking
net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch
scsi: libfc: free response frame from GPN_ID
cfg80211: check reg_rule for NULL in handle_channel_custom()
HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
HID: apple: Add support for recent firmware on Magic Keyboards
ACPI: watchdog: Allow disabling WDAT at boot
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Avoid free/alloc race when handling OGM2 buffer
batman-adv: Fix duplicated OGMs on NETDEV_UP
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible
batman-adv: Always initialize fragment header priority
batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation
efi: Add a sanity check to efivar_store_raw()
net/smc: check for valid ib_client_data
ipv6: restrict IPV6_ADDRFORM operation
i2c: acpi: put device when verifying client fails
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: nft_payload: add missing attribute validation for payload csum flags
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for critical protocol indication
pinctrl: core: Remove extra kref_get which blocks hogs being freed
pinctrl: meson-gxl: fix GPIOX sdio pins
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/dma: Fix MSI reservation allocation
x86/mce: Fix logic and comments around MSR_PPIN_CTL
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
cifs_atomic_open(): fix double-put on late allocation failure
ktest: Add timeout for ssh sync testing
drm/amd/display: remove duplicated assignment to grph_obj_type
workqueue: don't use wq_select_unbound_cpu() for bound works
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
cgroup: Iterate tasks that did not finish do_exit()
cgroup: cgroup_procs_next should increase position index
ipvlan: don't deref eth hdr before checking it's set
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
inet_diag: return classid for all socket types
macvlan: add cond_resched() during multicast processing
net: fec: validate the new settings in fec_enet_set_coalesce()
slip: make slhc_compress() more robust against malicious packets
bonding/alb: make sure arp header is pulled before accessing it
net: phy: fix MDIO bus PM PHY resuming
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
can: add missing attribute validation for termination
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
net: memcg: fix lockdep splat in inet_csk_accept()
net: memcg: late association of sock to memcg
cgroup: memcg: net: do not associate sock with unrelated cgroup
bnxt_en: reinitialize IRQs when MTU is modified
sfc: detach from cb_page in efx_copy_channel()
r8152: check disconnect status after long sleep
net/packet: tpacket_rcv: do not increment ring index on drop
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
netlink: Use netlink header as base to calculate bad attribute offset
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
net: phy: Avoid multiple suspends
phy: Revert toggling reset changes.
ANDROID: Incremental fs: Add INCFS_IOC_PERMIT_FILL
ANDROID: Incremental fs: Remove signature checks from kernel
ANDROID: Incremental fs: Pad hash blocks
ANDROID: Incremental fs: Make fill block an ioctl
ANDROID: Incremental fs: Remove all access_ok checks
UPSTREAM: cgroup: Iterate tasks that did not finish do_exit()
UPSTREAM: arm64: memory: Add missing brackets to untagged_addr() macro
UPSTREAM: mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
ANDROID: serdev: restrict claim of platform devices
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
fscrypt: don't evict dirty inodes after removing key
Linux 4.14.173
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
xhci: handle port status events for removed USB3 hcd
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
RDMA/iwcm: Fix iwcm work deallocation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
dm cache: fix a crash due to incorrect work item cancelling
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
fat: fix uninit-memory access for partial initialized inode
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: don't leak -EAGAIN for stat() during reconnect
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
nvme: Fix uninitialized-variable warning
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
drm/msm/dsi: save pll state before dsi host is powered off
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
EDAC/amd64: Set grain per DIMM
x86/mce: Handle varying MCA bank counts
vhost: Check docket sk_family instead of call getname
audit: always check the netlink payload length in audit_receive_msg()
Revert "char/random: silence a lockdep splat with printk()"
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
kprobes: Set unoptimized flag after unoptimizing code
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net: atlantic: fix potential error handling
net: netlink: cap max groups which will be considered in netlink_bind()
include/linux/bitops.h: introduce BITS_PER_TYPE
ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
usb: charger: assign specific number for enum value
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
net: sched: correct flower port blocking
qede: Fix race between rdma destroy workqueue and link change event
ipv6: Fix route replacement with dev-only route
ipv6: Fix nlmsg_flags when splitting a multipath route
sctp: move the format error check out of __sctp_sf_do_9_1_abort
nfc: pn544: Fix occasional HW initialization failure
net: phy: restore mdio regs in the iproc mdio driver
net: fib_rules: Correctly set table field when table number exceeds 8 bits
sysrq: Remove duplicated sysrq message
sysrq: Restore original console_loglevel when sysrq disabled
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between online resizing and write operations
netfilter: nf_conntrack: resolve clash for matching conntracks
iwlwifi: pcie: fix rb_allocator workqueue allocation
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
UPSTREAM: binder: prevent UAF for binderfs devices II
UPSTREAM: binder: prevent UAF for binderfs devices
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
ANDROID: cuttlefish: disable KPROBES
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
FROMLIST: ufs: fix a bug on printing PRDT
BACKPORT: loop: Add LOOP_SET_BLOCK_SIZE in compat ioctl
ANDROID: fix build issue in security/selinux/avc.c
ANDROID: cuttlefish_defconfig: Disable CONFIG_RT_GROUP_SCHED
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
Linux 4.14.172
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
genirq/proc: Reject invalid affinity masks (again)
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: fix bytes_may_use underflow in prealloc error condtition
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
KVM: nVMX: Don't emulate instructions in guest mode
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
serial: 8250: Check UPF_IRQ_SHARED in advance
vt: vt_ioctl: fix race in VT_RESIZEX
VT_RESIZEX: get rid of field-by-field copyin
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
drm/amdgpu/soc15: fix xclk for raven
mm/vmscan.c: don't round up scan size for online memory cgroup
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: selection, handle pending signals in paste_selection
floppy: check FDC index for errors before assigning it
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
net/smc: fix leak of kernel memory to user space
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
enic: prevent waking up stopped tx queues over watchdog reset
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
mlxsw: spectrum_dpipe: Add missing error path
virtio_balloon: prevent pfn array overflow
help_next should increase position index
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
iwlwifi: mvm: Fix thermal zone registration
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: explicity type cast in bset_bkey_last()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
ceph: check availability of mds cluster on mount after wait timeout
cifs: fix NULL dereference in match_prepath
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
hostap: Adjust indentation in prism2_hostapd_add_sta
ARM: 8951/1: Fix Kexec compilation issue.
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
x86/decoder: Add TEST opcode to Group3-2
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
remoteproc: Initialize rproc_class before use
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
watchdog/softlockup: Enforce that timestamp is valid on boot
arm64: fix alternatives with LLVM's integrated assembler
scsi: iscsi: Don't destroy session if there are outstanding connections
f2fs: free sysfs kobject
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
wan: ixp4xx_hss: fix compile-testing on 64-bit
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add software counter for ctxt0 seq drop
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
drm: remove the newline for CRC source name.
tools lib api fs: Fix gcc9 stringop-truncation compilation error
ALSA: sh: Fix compile warning wrt const
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
x86/vdso: Provide missing include file
dmaengine: Store module owner in dma_device struct
ARM: dts: r8a7779: Add device node for ARM global timer
drm/mediatek: handle events when enabling/disabling crtc
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
fore200e: Fix incorrect checks of NULL pointer dereference
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
kconfig: fix broken dependency in randconfig-generated .config
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
ext4, jbd2: ensure panic when aborting with zero errno
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
x86/sysfb: Fix check for bad VRAM size
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
media: i2c: mt9v032: fix enum mbus codes and frame sizes
pxa168fb: Fix the function used to release some memory in an error handling path
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
brcmfmac: Fix use after free in brcmf_sdio_readframes()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
drm/gma500: Fixup fbdev stolen size usage evaluation
KVM: nVMX: Use correct root level for nested EPT shadow page tables
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
Revert "KVM: nVMX: Use correct root level for nested EPT shadow page tables"
scsi: qla2xxx: fix a potential NULL pointer dereference
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
IB/hfi1: Close window for pq and request coliding
serial: imx: Only handle irqs that are actually enabled
serial: imx: ensure that RX irqs are off if RX is off
padata: Remove broken queue flushing
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ARM: 8723/2: always assume the "unified" syntax for assembly code
arm64: nofpsimd: Handle TIF_FOREIGN_FPSTATE flag cleanly
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ASoC: sun8i-codec: Fix setting DAI data format
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
KVM: x86: emulate RDPID
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
UPSTREAM: psi: Fix a division error in psi poll()
UPSTREAM: sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime
UPSTREAM: sched/psi: Correct overly pessimistic size calculation
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: cuttlefish_defconfig: Add CONFIG_UNICODE
ANDROID: sdcardfs: fix -ENOENT lookup race issue
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
ANDROID: Disable wq fp check in CFI builds
ANDROID: increase limit on sched-tune boost groups
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: Incremental fs: Support xattrs
ANDROID: test_stackinit: work around LLVM PR44916
ANDROID: clang: update to 10.0.4
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
ext4: readpages() should submit IO as read-ahead
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
f2fs: fix build error on PAGE_KERNEL_RO
Conflicts:
arch/arm64/kernel/smp.c
arch/arm64/kernel/traps.c
block/blk-crypto-fallback.c
block/keyslot-manager.c
drivers/base/power/wakeup.c
drivers/clk/clk.c
drivers/clk/qcom/clk-rcg2.c
drivers/gpu/Makefile
drivers/gpu/drm/msm/msm_drv.c
drivers/gpu/drm/msm/msm_gem.c
drivers/hwtracing/coresight/coresight-funnel.c
drivers/irqchip/irq-gic-v3.c
drivers/md/dm.c
drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c
drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c
drivers/net/macsec.c
drivers/net/phy/micrel.c
drivers/net/wireless/ath/wil6210/cfg80211.c
drivers/net/wireless/ath/wil6210/fw_inc.c
drivers/net/wireless/ath/wil6210/pcie_bus.c
drivers/net/wireless/ath/wil6210/pm.c
drivers/net/wireless/ath/wil6210/wil6210.h
drivers/of/base.c
drivers/power/supply/power_supply_sysfs.c
drivers/rpmsg/qcom_glink_smem.c
drivers/scsi/sd.c
drivers/scsi/ufs/ufshcd-crypto.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/scsi/ufs/ufshci.h
drivers/usb/dwc3/core.c
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/Kconfig
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/gadget/legacy/Makefile
drivers/usb/host/xhci-mem.c
fs/ext4/readpage.c
fs/sdcardfs/lookup.c
include/linux/key.h
include/linux/keyslot-manager.h
include/linux/power_supply.h
include/uapi/linux/coresight-stm.h
net/qrtr/qrtr.c
Change-Id: Iaa9fcbe987e721f02596e167249a519781ed3888
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
||
|
Srinivasarao P
|
8e1e29842d |
Merge android-4.14.168 (509b380) into msm-4.14
* refs/heads/tmp-509b380:
Revert "Revert "ANDROID: security,perf: Allow further restriction of perf_event_open""
Linux 4.14.168
m68k: Call timer_interrupt() with interrupts disabled
serial: stm32: fix clearing interrupt error flags
IB/iser: Fix dma_nents type definition
arm64: dts: juno: Fix UART frequency
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
dmaengine: ti: edma: fix missed failure handling
affs: fix a memory leak in affs_remount
mmc: core: fix wl1251 sdio quirks
mmc: sdio: fix wl1251 vendor id
packet: fix data-race in fanout_flow_is_huge()
net: neigh: use long type to store jiffies delta
hv_netvsc: flag software created hash value
MIPS: Loongson: Fix return value of loongson_hwmon_init
afs: Fix large file support
net: qca_spi: Move reset_count to struct qcaspi
net: netem: correct the parent's backlog when corrupted packet was dropped
net: netem: fix error path for corrupted GSO frames
dmaengine: imx-sdma: fix size check for sdma script_number
drm/msm/dsi: Implement reset correctly
tcp: annotate lockless access to tcp_memory_pressure
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
net: avoid possible false sharing in sk_leave_memory_pressure()
act_mirred: Fix mirred_init_module error handling
net: stmmac: fix length of PTP clock's name string
llc: fix sk_buff refcounting in llc_conn_state_process()
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
mac80211: accept deauth frames in IBSS mode
net: stmmac: gmac4+: Not all Unicast addresses may be available
nvme: retain split access workaround for capability reads
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: axienet: fix a signedness bug in probe
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
net: aquantia: Fix aq_vec_isr_legacy() return value
iommu/amd: Wait for completion of IOTLB flush in attach_device
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
RDMA/cma: Fix false error message
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
net: sonic: replace dev_kfree_skb in sonic_send_packet
hwmon: (shtc1) fix shtc1 and shtw1 id mask
ixgbe: sync the first fragment unconditionally
btrfs: use correct count in btrfs_file_write_iter()
Btrfs: fix inode cache waiters hanging on path allocation failure
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix hang when loading existing inode cache off disk
scsi: fnic: fix msix interrupt allocation
net: sonic: return NETDEV_TX_OK if failed to map buffer
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
iio: dac: ad5380: fix incorrect assignment to val
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
staging: greybus: light: fix a couple double frees
x86, perf: Fix the dependency of the x86 insn decoder selftest
power: supply: Init device wakeup after device_add()
hwmon: (lm75) Fix write operations for negative temperatures
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
ahci: Do not export local variable ahci_em_messages
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
mips: avoid explicit UB in assignment of mips_io_port_base
rtc: pcf2127: bugfix: read rtc disables watchdog
media: atmel: atmel-isi: fix timeout value for stop streaming
mac80211: minstrel_ht: fix per-group max throughput rate initialization
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
ASoC: sun4i-i2s: RX and TX counter registers are swapped
signal: Allow cifs and drbd to receive their terminating signals
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
net/rds: Add a few missing rds_stat_names entries
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
ext4: set error return correctly when ext4_htree_store_dirent fails
crypto: caam - free resources in case caam_rng registration failed
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
tipc: reduce risk of wakeup queue starvation
ALSA: aoa: onyx: always initialize register read value
crypto: ccp - Reduce maximum stack usage
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
mic: avoid statically declaring a 'struct device'.
usb: host: xhci-hub: fix extra endianness conversion
qed: reduce maximum stack frame size
libertas_tf: Use correct channel range in lbtf_geo_init
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
clk: sunxi-ng: v3s: add the missing PLL_DDR1
scsi: libfc: fix null pointer dereference on a null lport
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
RDMA/hns: Fixs hw access invalid dma memory error
devres: allow const resource arguments
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
mfd: intel-lpss: Release IDA resources
iommu/amd: Make iommu_disable safer
bnxt_en: Fix ethtool selftest crash under error conditions.
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
clk: qcom: Fix -Wunused-const-variable
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
perf/ioctl: Add check for the sample_period value
drm/msm/a3xx: remove TPL1 regs from snapshot
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
rtc: pcf8563: Fix interrupt trigger method
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
net/af_iucv: always register net_device notifier
net: netem: fix backlog accounting for corrupted GSO frames
drm/msm/mdp5: Fix mdp5_cfg_init error return
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
iommu/vt-d: Duplicate iommu_resv_region objects per device list
mpls: fix warning with multi-label encap
media: vivid: fix incorrect assignment operation when setting video mode
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
netvsc: unshare skb in VF rx handler
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
iommu: Use right function to get group for device
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
serial: stm32: fix wakeup source initialization
serial: stm32: Add support of TC bit status check
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: fix rx error handling
crypto: ccp - Fix 3DES complaint from ccp-crypto module
crypto: ccp - fix AES CFB error exposed by new test vectors
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
RDMA/qedr: Fix incorrect device rate.
arm64: dts: meson: libretech-cc: set eMMC as removable
dmaengine: tegra210-adma: Fix crash during probe
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
EDAC/mc: Fix edac_mc_find() in case no device is found
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
backlight: lm3630a: Return 0 on success in update_status functions
kdb: do a sanity check on the cpu in kdb_per_cpu()
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
pwm: meson: Don't disable PWM when setting duty repeatedly
pwm: meson: Consider 128 a valid pre-divider
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
crypto: caam - fix caam_dump_sg that iterates through scatterlist
platform/x86: alienware-wmi: printing the wrong error code
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
l2tp: Fix possible NULL pointer dereference
vfio/mdev: Fix aborting mdev child device removal if one fails
vfio/mdev: Avoid release parent reference during error path
afs: Fix the afs.cell and afs.volume xattr handlers
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
mmc: core: fix possible use after free of host
dmaengine: tegra210-adma: restore channel status
net: ena: fix ena_com_fill_hash_function() implementation
net: ena: fix incorrect test of supported hash function
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
IB/mlx5: Add missing XRC options to QP optional params mask
dwc2: gadget: Fix completed transfer size calculation in DDMA
usb: gadget: fsl: fix link error against usb-gadget module
ASoC: fix valid stream condition
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
scsi: qla2xxx: Fix a format specifier
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
NFS: Don't interrupt file writeout due to fatal errors
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
dmaengine: axi-dmac: Don't check the number of frames for alignment
6lowpan: Off by one handling ->nexthdr
media: ov2659: fix unbalanced mutex_lock/unlock
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
powerpc: vdso: Make vdso32 installation conditional in vdso_install
selftests/ipc: Fix msgque compiler warnings
tipc: set sysctl_tipc_rmem and named_timeout right range
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
net: hns3: fix for vport->bw_limit overflow problem
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
scsi: target/core: Fix a race condition in the LUN lookup code
scsi: qla2xxx: Unregister chrdev if module initialization fails
ehea: Fix a copy-paste err in ehea_init_port_res
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: tegra114: configure dma burst size to fifo trig level
spi: tegra114: flush fifos
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: clear packed bit for unpacked mode
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
media: davinci-isif: avoid uninitialized variable use
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
arm64: dts: allwinner: a64: Add missing PIO clocks
m68k: mac: Fix VIA timer counter accesses
tipc: tipc clang warning
jfs: fix bogus variable self-initialization
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
media: cx23885: check allocation return
media: wl128x: Fix an error code in fm_download_firmware()
media: cx18: update *pos correctly in cx18_read_pos()
media: ivtv: update *pos correctly in ivtv_read_pos()
regulator: lp87565: Fix missing register for LP87565_BUCK_0
net: sh_eth: fix a missing check of of_get_phy_mode
xen, cpu_hotplug: Prevent an out of bounds access
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
scsi: megaraid_sas: reduce module load time
x86/mm: Remove unused variable 'cpu'
nios2: ksyms: Add missing symbol exports
powerpc/mm: Check secondary hash page table
net: aquantia: fixed instack structure overflow
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
platform/x86: wmi: fix potential null pointer dereference
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
NFS: Fix a soft lockup in the delegation recovery code
powerpc/64s: Fix logic when handling unknown CPU features
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
fs/nfs: Fix nfs_parse_devname to not modify it's argument
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
drm/nouveau/pmu: don't print reply values if exec is false
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
net: dsa: qca8k: Enable delay for RGMII_ID mode
regulator: pv88090: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88060: Fix array out-of-bounds access
cdc-wdm: pass return value of recover_from_urb_loss
dmaengine: mv_xor: Use correct device for DMA API
staging: r8822be: check kzalloc return or bail
KVM: PPC: Release all hardware TCE tables attached to a group
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
vfio_pci: Enable memory accesses before calling pci_map_rom
keys: Timestamp new keys
block: don't use bio->bi_vcnt to figure out segment number
usb: phy: twl6030-usb: fix possible use-after-free on remove
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: emev2: Add missing pinmux functions
drm/etnaviv: potential NULL dereference
iw_cxgb4: use tos when finding ipv6 routes
iw_cxgb4: use tos when importing the endpoint
fbdev: chipsfb: remove set but not used variable 'size'
rtc: pm8xxx: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: 88pm860x: fix unintended sign extension
rtc: ds1307: rx8130: Fix alarm handling
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
thermal: mediatek: fix register index error
rtc: ds1672: fix unintended sign extension
staging: most: cdev: add missing check for cdev_add failure
iwlwifi: mvm: fix RSS config command
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: add required clocks property to keypad device node
driver core: Do not resume suppliers under device_links_write_lock()
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver: uio: fix possible use-after-free in __uio_register_device
driver: uio: fix possible memory leak in __uio_register_device
tty: ipwireless: Fix potential NULL pointer dereference
iwlwifi: mvm: fix A-MPDU reference assignment
net/mlx5: Take lock with IRQs disabled to avoid deadlock
iwlwifi: mvm: avoid possible access out of array.
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
spi/topcliff_pch: Fix potential NULL dereference on allocation error
rtc: cmos: ignore bogus century byte
IB/iser: Pass the correct number of entries for dma mapped SGL
ASoC: imx-sgtl5000: put of nodes if finding codec fails
crypto: tgr192 - fix unaligned memory access
crypto: brcm - Fix some set-but-not-used warning
kbuild: mark prepare0 as PHONY to fix external module build
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
RDMA/iw_cxgb4: Fix the unchecked ep dereference
spi: cadence: Correct initialisation of runtime PM
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
drm/shmob: Fix return value check in shmob_drm_probe
RDMA/qedr: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
IB/usnic: Fix out of bounds index check in query pkey
MIPS: BCM63XX: drop unused and broken DSP platform device
clk: dove: fix refcount leak in dove_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: socfpga: fix refcount leak
clk: qoriq: fix refcount leak in clockgen_init()
clk: highbank: fix refcount leak in hb_clk_init()
Input: nomadik-ske-keypad - fix a loop timeout test
vxlan: changelink: Fix handling of default remotes
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
switchtec: Remove immediate status check after submitting MRPC command
staging: bcm2835-camera: Abort probe if there is no camera
IB/rxe: Fix incorrect cache cleanup in error flow
net: phy: Fix not to call phy_resume() if PHY is not attached
drm/dp_mst: Skip validating ports during destruction, just ref
exportfs: fix 'passing zero to ERR_PTR()' warning
pcrypt: use format specifier in kobject_add
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
mlxsw: reg: QEEC: Add minimum shaper fields
drm/sun4i: hdmi: Fix double flag assignation
pwm: lpss: Release runtime-pm reference from the driver's remove callback
staging: comedi: ni_mio_common: protect register write overflow
ALSA: usb-audio: update quirk for B&W PX to remove microphone
IB/hfi1: Add mtu check for operational data VLs
IB/rxe: replace kvfree with vfree
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
PCI: iproc: Remove PAXC slot check to allow VF support
apparmor: don't try to replace stale label in ptrace access check
ALSA: hda: fix unused variable warning
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
drm/sti: do not remove the drm_bridge that was never added
crypto: sun4i-ss - fix big endian issues
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
tipc: fix wrong timeout input for tipc_wait_for_cond()
powerpc/archrandom: fix arch_get_random_seed_int()
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
xfs: Sanity check flags of Q_XQUOTARM call
FROMGIT: ext4: Add EXT4_IOC_FSGETXATTR/EXT4_IOC_FSSETXATTR to compat_ioctl.
ANDROID: cuttlefish_defconfig: enable CONFIG_IKHEADERS as m
ANDROID: cuttlefish_defconfig: enable NVDIMM/PMEM options
UPSTREAM: virtio-pmem: Add virtio pmem driver
BACKPORT: libnvdimm: nd_region flush callback support
UPSTREAM: libnvdimm/of_pmem: Provide a unique name for bus provider
UPSTREAM: libnvdimm/of_pmem: Fix platform_no_drv_owner.cocci warnings
UPSTREAM: libnvdimm, of_pmem: use dev_to_node() instead of of_node_to_nid()
UPSTREAM: libnvdimm: Add device-tree based driver
UPSTREAM: libnvdimm: Add of_node to region and bus descriptors
FROMLIST: security: selinux: allow per-file labelling for binderfs
UPSTREAM: mm/page_io.c: annotate refault stalls from swap_readpage
Revert "ANDROID: security,perf: Allow further restriction of perf_event_open"
ANDROID: selinux: modify RTM_GETLINK permission
UPSTREAM: lib/test_meminit.c: add bulk alloc/free tests
UPSTREAM: lib/test_meminit: add a kmem_cache_alloc_bulk() test
UPSTREAM: mm: slub: really fix slab walking for init_on_free
UPSTREAM: mm/slub.c: init_on_free=1 should wipe freelist ptr for bulk allocations
Conflicts:
drivers/mmc/core/quirks.h
include/uapi/linux/virtio_ids.h
New header file entries are added to .bp files.
Change-Id: I515cb78684f524e239850625b163ba023b517e10
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
95495cdf37 |
Merge 4.14.177 into android-4.14-stable
Changes in 4.14.177
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
net: vxge: fix wrong __VA_ARGS__ usage
hinic: fix a bug of waitting for IO stopped
hinic: fix wrong para of wait_for_completion_timeout
cxgb4/ptp: pass the sign of offset delta in FW CMD
qlcnic: Fix bad kzalloc null test
i2c: st: fix missing struct parameter description
null_blk: Fix the null_add_dev() error path
null_blk: Handle null_add_dev() failures properly
null_blk: fix spurious IO errors after failed past-wp access
x86: Don't let pgprot_modify() change the page encryption bit
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
irqchip/versatile-fpga: Handle chained IRQs properly
sched: Avoid scale real weight down to zero
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
PCI/switchtec: Fix init_completion race condition with poll_wait()
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
gfs2: Don't demote a glock until its revokes are written
x86/boot: Use unsigned comparison for addresses
efi/x86: Ignore the memory attributes table on i386
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
block: Fix use-after-free issue accessing struct io_cq
usb: dwc3: core: add support for disabling SS instances in park mode
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
btrfs: remove a BUG_ON() from merge_reloc_roots()
btrfs: track reloc roots based on their commit root bytenr
uapi: rename ext2_swab() to swab() and share globally in swab.h
misc: rtsx: set correct pcr_ops for rts522A
slub: improve bit diffusion for freelist ptr obfuscation
ASoC: fix regwmask
ASoC: dapm: connect virtual mux with default value
ASoC: dpcm: allow start or stop during pause for backend
ASoC: topology: use name_prefix for new kcontrol
usb: gadget: f_fs: Fix use after free issue as part of queue failure
usb: gadget: composite: Inform controller driver of self-powered
ALSA: usb-audio: Add mixer workaround for TRX40 and co
ALSA: hda: Add driver blacklist
ALSA: hda: Fix potential access overflow in beep helper
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
media: ti-vpe: cal: fix disable_irqs to only the intended target
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
nvme-fc: Revert "add module to ops template to allow module references"
PCI/ASPM: Clear the correct bits when enabling L1 substates
PCI: endpoint: Fix for concurrent memory allocation in OB address region
KEYS: reaching the keys quotas correctly
irqchip/versatile-fpga: Apply clear-mask earlier
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
ath9k: Handle txpower changes even when TPC is disabled
signal: Extend exec_id to 64bits
x86/entry/32: Add missing ASM_CLAC to general_protection entry
KVM: nVMX: Properly handle userspace interrupt window request
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: VMX: fix crash cleanup when KVM wasn't used
CIFS: Fix bug which the return value by asynchronous read is error
btrfs: drop block from cache on error in relocation
crypto: mxs-dcp - fix scatterlist linearization for hash
ALSA: hda: Initialize power_state field properly
net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
x86/speculation: Remove redundant arch_smt_update() invocation
tools: gpio: Fix out-of-tree build regression
mm: Use fixed constant in page_frag_alloc instead of size + 1
dm verity fec: fix memory leak in verity_fec_dtr
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
ext4: fix a data race at inode->i_blocks
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ocfs2: no need try to truncate file beyond i_size
perf tools: Support Python 3.8+ in Makefile
s390/diag: fix display of diagnose call statistics
Input: i8042 - add Acer Aspire 5738z to nomux list
kmod: make request_module() return an error when autoloading is disabled
cpufreq: powernv: Fix use-after-free
hfsplus: fix crash and filesystem corruption when deleting files
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/kprobes: Ignore traps that happened in real mode
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc: Add attributes for setjmp/longjmp
powerpc: Make setjmp/longjmp signature standard
Btrfs: fix crash during unmount due to race with delayed inode workers
btrfs: use nofs allocations for running delayed items
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
crypto: caam - update xts sector size for large input length
drm/dp_mst: Fix clearing payload state on topology disable
drm: Remove PageReserved manipulation from drm_pci_alloc
ftrace/kprobe: Show the maxactive number on kprobe_events
ipmi: fix hung processes in __get_guid()
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
misc: echo: Remove unnecessary parentheses and simplify check for zero
mfd: dln2: Fix sanity checking for endpoints
amd-xgbe: Use __napi_schedule() in BH context
hsr: check protocol version in hsr_newlink()
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
net: ipv6: do not consider routes via gateways for anycast address check
net: qrtr: send msgs from local of same id as broadcast
net: revert default NAPI poll timeout to 2 jiffies
net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
jbd2: improve comments about freeing data buffers whose page mapping is NULL
pwm: pca9685: Fix PWM/GPIO inter-operation
ext4: fix incorrect group count in ext4_fill_super error message
ext4: fix incorrect inodes per group in error message
ASoC: Intel: mrfld: fix incorrect check on p->sink
ASoC: Intel: mrfld: return error codes when an error occurs
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
btrfs: check commit root generation in should_ignore_root
mac80211_hwsim: Use kstrndup() in place of kasprintf()
ext4: do not zeroout extents beyond i_disksize
dm flakey: check for null arg_name in parse_features()
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
scsi: target: remove boilerplate code
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature
x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP)
x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG
x86/resctrl: Preserve CDP enable over CPU hotplug
x86/resctrl: Fix invalid attempt at removing the default resource group
mm/vmalloc.c: move 'area->pages' after if statement
objtool: Fix switch table detection in .text.unlikely
scsi: sg: add sg_remove_request in sg_common_write
ext4: use non-movable memory for superblock readahead
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
irqchip/mbigen: Free msi_desc on device teardown
ALSA: hda: Don't release card at firmware loading error
lib/raid6: use vdupq_n_u8 to avoid endianness warnings
video: fbdev: sis: Remove unnecessary parentheses and commented code
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
clk: Fix debugfs_create_*() usage
Revert "gpio: set up initial state from .get_direction()"
arm64: perf: remove unsupported events for Cortex-A73
arm64: traps: Don't print stack or raw PC/LR values in backtraces
arch_topology: Fix section miss match warning due to free_raw_capacity()
wil6210: increase firmware ready timeout
wil6210: fix temperature debugfs
scsi: ufs: make sure all interrupts are processed
scsi: ufs: ufs-qcom: remove broken hci version quirk
wil6210: rate limit wil_rx_refill error
rpmsg: glink: use put_device() if device_register fail
rtc: pm8xxx: Fix issue in RTC write path
rpmsg: glink: Fix missing mutex_init() in qcom_glink_alloc_channel()
rpmsg: glink: smem: Ensure ordering during tx
wil6210: fix PCIe bus mastering in case of interface down
wil6210: add block size checks during FW load
wil6210: fix length check in __wmi_send
wil6210: abort properly in cfg suspend
soc: qcom: smem: Use le32_to_cpu for comparison
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
rbd: avoid a deadlock on header_rwsem when flushing notifies
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
of: unittest: kmemleak in of_unittest_platform_populate()
clk: at91: usb: continue if clk_hw_round_rate() return zero
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: tegra: Fix Tegra PMC clock out parents
soc: imx: gpc: fix power up sequencing
rtc: 88pm860x: fix possible race condition
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
s390/cpuinfo: fix wrong output when CPU0 is offline
powerpc/maple: Fix declaration made after definition
ext4: do not commit super on read-only bdev
include/linux/swapops.h: correct guards for non_swap_entry()
percpu_counter: fix a data race at vm_committed_as
compiler.h: fix error in BUILD_BUG_ON() reporting
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
x86: ACPI: fix CPU hotplug deadlock
drm/amdkfd: kfree the wrong pointer
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
iommu/vt-d: Fix mm reference leak
ext2: fix empty body warnings when -Wextra is used
ext2: fix debug reference to ext2_xattr_cache
libnvdimm: Out of bounds read in __nd_ioctl()
iommu/amd: Fix the configuration of GCR3 table root pointer
net: dsa: bcm_sf2: Fix overflow checks
fbdev: potential information leak in do_fb_ioctl()
tty: evh_bytechan: Fix out of bounds accesses
locktorture: Print ratio of acquisitions, not failures
mtd: lpddr: Fix a double free in probe()
mtd: phram: fix a double free issue in error path
KEYS: Use individual pages in big_key for crypto buffers
KEYS: Don't write out to userspace while holding key semaphore
Linux 4.14.177
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I5eb89921eb63ee9e92a031fc6f3a10d9e2616358
|
||
|
Eric W. Biederman
|
28c63ef17d |
signal: Extend exec_id to 64bits
commit d1e7fd6462ca9fc76650fbe6ca800e35b24267da upstream. Replace the 32bit exec_id with a 64bit exec_id to make it impossible to wrap the exec_id counter. With care an attacker can cause exec_id wrap and send arbitrary signals to a newly exec'd parent. This bypasses the signal sending checks if the parent changes their credentials during exec. The severity of this problem can been seen that in my limited testing of a 32bit exec_id it can take as little as 19s to exec 65536 times. Which means that it can take as little as 14 days to wrap a 32bit exec_id. Adam Zabrocki has succeeded wrapping the self_exe_id in 7 days. Even my slower timing is in the uptime of a typical server. Which means self_exec_id is simply a speed bump today, and if exec gets noticably faster self_exec_id won't even be a speed bump. Extending self_exec_id to 64bits introduces a problem on 32bit architectures where reading self_exec_id is no longer atomic and can take two read instructions. Which means that is is possible to hit a window where the read value of exec_id does not match the written value. So with very lucky timing after this change this still remains expoiltable. I have updated the update of exec_id on exec to use WRITE_ONCE and the read of exec_id in do_notify_parent to use READ_ONCE to make it clear that there is no locking between these two locations. Link: https://lore.kernel.org/kernel-hardening/20200324215049.GA3710@pi3.com.pl Fixes: 2.3.23pre2 Cc: stable@vger.kernel.org Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
8ad87c80a2 |
Merge android-4.14.151 (2bb70f4) into msm-4.14
* refs/heads/tmp-2bb70f4:
ANDROID: virtio: virtio_input: Set the amount of multitouch slots in virtio input
ANDROID: dummy_cpufreq: Implement get()
rtlwifi: Fix potential overflow on P2P code
ANDROID: cpufreq: create dummy cpufreq driver
ANDROID: Allow DRM_IOCTL_MODE_*_DUMB for render clients.
ANDROID: sdcardfs: evict dentries on fscrypt key removal
ANDROID: fscrypt: add key removal notifier chain
ANDROID: Move from clang r353983c to r365631c
ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
BACKPORT: arm64: tags: Preserve tags for addresses translated via TTBR1
UPSTREAM: arm64: memory: Implement __tag_set() as common function
UPSTREAM: arm64/mm: fix variable 'tag' set but not used
UPSTREAM: arm64: avoid clang warning about self-assignment
ANDROID: refactor build.config files to remove duplication
UPSTREAM: mm: vmalloc: show number of vmalloc pages in /proc/meminfo
BACKPORT: PM/sleep: Expose suspend stats in sysfs
UPSTREAM: power: supply: Init device wakeup after device_add()
UPSTREAM: PM / wakeup: Unexport wakeup_source_sysfs_{add,remove}()
UPSTREAM: PM / wakeup: Register wakeup class kobj after device is added
BACKPORT: PM / wakeup: Fix sysfs registration error path
BACKPORT: PM / wakeup: Show wakeup sources stats in sysfs
UPSTREAM: PM / wakeup: Print warn if device gets enabled as wakeup source during sleep
UPSTREAM: PM / wakeup: Use wakeup_source_register() in wakelock.c
UPSTREAM: PM / wakeup: Only update last time for active wakeup sources
UPSTREAM: PM / core: Add support to skip power management in device/driver model
cuttlefish-4.14: Enable CONFIG_DM_SNAPSHOT
ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
UPSTREAM: mm: untag user pointers in mmap/munmap/mremap/brk
UPSTREAM: vfio/type1: untag user pointers in vaddr_get_pfn
UPSTREAM: media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get
UPSTREAM: drm/radeon: untag user pointers in radeon_gem_userptr_ioctl
BACKPORT: drm/amdgpu: untag user pointers
UPSTREAM: userfaultfd: untag user pointers
UPSTREAM: fs/namespace: untag user pointers in copy_mount_options
UPSTREAM: mm: untag user pointers in get_vaddr_frames
UPSTREAM: mm: untag user pointers in mm/gup.c
BACKPORT: mm: untag user pointers passed to memory syscalls
BACKPORT: lib: untag user pointers in strn*_user
UPSTREAM: arm64: Fix reference to docs for ARM64_TAGGED_ADDR_ABI
UPSTREAM: selftests, arm64: add kernel headers path for tags_test
BACKPORT: arm64: Relax Documentation/arm64/tagged-pointers.rst
UPSTREAM: arm64: Define Documentation/arm64/tagged-address-abi.rst
UPSTREAM: arm64: Change the tagged_addr sysctl control semantics to only prevent the opt-in
UPSTREAM: arm64: Tighten the PR_{SET, GET}_TAGGED_ADDR_CTRL prctl() unused arguments
UPSTREAM: selftests, arm64: fix uninitialized symbol in tags_test.c
UPSTREAM: arm64: mm: Really fix sparse warning in untagged_addr()
UPSTREAM: selftests, arm64: add a selftest for passing tagged pointers to kernel
BACKPORT: arm64: Introduce prctl() options to control the tagged user addresses ABI
UPSTREAM: thread_info: Add update_thread_flag() helpers
UPSTREAM: arm64: untag user pointers in access_ok and __uaccess_mask_ptr
UPSTREAM: uaccess: add noop untagged_addr definition
BACKPORT: block: annotate refault stalls from IO submission
ext4: add verity flag check for dax
ANDROID: usb: gadget: Fix dependency for f_accessory
ANDROID: sched: fair: balance for single core cluster
UPSTREAM: mm/kasan: fix false positive invalid-free reports with CONFIG_KASAN_SW_TAGS=y
f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
f2fs: fix to add missing F2FS_IO_ALIGNED() condition
f2fs: fix to fallback to buffered IO in IO aligned mode
f2fs: fix to handle error path correctly in f2fs_map_blocks
f2fs: fix extent corrupotion during directIO in LFS mode
f2fs: check all the data segments against all node ones
f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
f2fs: fix inode rwsem regression
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
f2fs: avoid infinite GC loop due to stale atomic files
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: convert inline_data in prior to i_size_write
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: add missing documents of reserve_root/resuid/resgid
f2fs: fix flushing node pages when checkpoint is disabled
f2fs: enhance f2fs_is_checkpoint_ready()'s readability
f2fs: clean up __bio_alloc()'s parameter
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix to writeout dirty inode during node flush
f2fs: optimize case-insensitive lookups
f2fs: introduce f2fs_match_name() for cleanup
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: allocate memory in batch in build_sit_info()
f2fs: fix to avoid data corruption by forbidding SSR overwrite
f2fs: Fix build error while CONFIG_NLS=m
Revert "f2fs: avoid out-of-range memory access"
f2fs: cleanup the code in build_sit_entries.
f2fs: fix wrong available node count calculation
f2fs: remove duplicate code in f2fs_file_write_iter
f2fs: fix to migrate blocks correctly during defragment
f2fs: use wrapped f2fs_cp_error()
f2fs: fix to use more generic EOPNOTSUPP
f2fs: use wrapped IS_SWAPFILE()
f2fs: Support case-insensitive file name lookups
f2fs: include charset encoding information in the superblock
fs: Reserve flag for casefolding
f2fs: fix to avoid call kvfree under spinlock
fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
f2fs: disallow direct IO in atomic write
f2fs: fix to handle quota_{on,off} correctly
f2fs: fix to detect cp error in f2fs_setxattr()
f2fs: fix to spread f2fs_is_checkpoint_ready()
f2fs: support fiemap() for directory inode
f2fs: fix to avoid discard command leak
f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
f2fs: fix to drop meta/node pages during umount
f2fs: disallow switching io_bits option during remount
f2fs: fix panic of IO alignment feature
f2fs: introduce {page,io}_is_mergeable() for readability
f2fs: fix livelock in swapfile writes
f2fs: add fs-verity support
ext4: update on-disk format documentation for fs-verity
ext4: add fs-verity read support
ext4: add basic fs-verity support
fs-verity: support builtin file signatures
fs-verity: add SHA-512 support
fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
fs-verity: add data verification hooks for ->readpages()
fs-verity: add the hook for file ->setattr()
fs-verity: add the hook for file ->open()
fs-verity: add inode and superblock fields
fs-verity: add Kconfig and the helper functions for hashing
fs: uapi: define verity bit for FS_IOC_GETFLAGS
fs-verity: add UAPI header
fs-verity: add MAINTAINERS file entry
fs-verity: add a documentation file
ext4: fix kernel oops caused by spurious casefold flag
ext4: fix coverity warning on error path of filename setup
ext4: optimize case-insensitive lookups
ext4: fix dcache lookup of !casefolded directories
unicode: update to Unicode 12.1.0 final
unicode: add missing check for an error return from utf8lookup()
ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
unicode: refactor the rule for regenerating utf8data.h
ext4: Support case-insensitive file name lookups
ext4: include charset encoding information in the superblock
unicode: update unicode database unicode version 12.1.0
unicode: introduce test module for normalized utf8 implementation
unicode: implement higher level API for string handling
unicode: reduce the size of utf8data[]
unicode: introduce code for UTF-8 normalization
unicode: introduce UTF-8 character database
ext4 crypto: fix to check feature status before get policy
fscrypt: document the new ioctls and policy version
ubifs: wire up new fscrypt ioctls
f2fs: wire up new fscrypt ioctls
ext4: wire up new fscrypt ioctls
fscrypt: require that key be added when setting a v2 encryption policy
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
fscrypt: allow unprivileged users to add/remove keys for v2 policies
fscrypt: v2 encryption policy support
fscrypt: add an HKDF-SHA512 implementation
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
fscrypt: rename keyinfo.c to keysetup.c
fscrypt: move v1 policy key setup to keysetup_v1.c
fscrypt: refactor key setup code in preparation for v2 policies
fscrypt: rename fscrypt_master_key to fscrypt_direct_key
fscrypt: add ->ci_inode to fscrypt_info
fscrypt: use FSCRYPT_* definitions, not FS_*
fscrypt: use FSCRYPT_ prefix for uapi constants
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
fscrypt: use ENOPKG when crypto API support missing
fscrypt: improve warnings for missing crypto API support
fscrypt: improve warning messages for unsupported encryption contexts
fscrypt: make fscrypt_msg() take inode instead of super_block
fscrypt: clean up base64 encoding/decoding
fscrypt: remove loadable module related code
ANDROID: arm64: bpf: implement arch_bpf_jit_check_func
ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI
UPSTREAM: kcm: use BPF_PROG_RUN
UPSTREAM: psi: get poll_work to run when calling poll syscall next time
UPSTREAM: sched/psi: Do not require setsched permission from the trigger creator
UPSTREAM: sched/psi: Reduce psimon FIFO priority
BACKPORT: arm64: Add support for relocating the kernel with RELR relocations
ANDROID: Log which device failed to suspend in dpm_suspend_start()
ANDROID: Revert "ANDROID: sched: Disallow WALT with CFS bandwidth control"
ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
ANDROID: sched: WALT: Refactor cumulative runnable average fixup
ANDROID: sched: Disallow WALT with CFS bandwidth control
fscrypt: document testing with xfstests
fscrypt: remove selection of CONFIG_CRYPTO_SHA256
fscrypt: remove unnecessary includes of ratelimit.h
fscrypt: don't set policy for a dead directory
fscrypt: decrypt only the needed blocks in __fscrypt_decrypt_bio()
fscrypt: support decrypting multiple filesystem blocks per page
fscrypt: introduce fscrypt_decrypt_block_inplace()
fscrypt: handle blocksize < PAGE_SIZE in fscrypt_zeroout_range()
fscrypt: support encrypting multiple filesystem blocks per page
fscrypt: introduce fscrypt_encrypt_block_inplace()
fscrypt: clean up some BUG_ON()s in block encryption/decryption
fscrypt: rename fscrypt_do_page_crypto() to fscrypt_crypt_block()
fscrypt: remove the "write" part of struct fscrypt_ctx
fscrypt: simplify bounce page handling
ANDROID: fiq_debugger: remove
UPSTREAM: lib/test_meminit.c: use GFP_ATOMIC in RCU critical section
UPSTREAM: mm: slub: Fix slab walking for init_on_free
UPSTREAM: lib/test_meminit.c: minor test fixes
UPSTREAM: lib/test_meminit.c: fix -Wmaybe-uninitialized false positive
UPSTREAM: lib: introduce test_meminit module
UPSTREAM: mm: init: report memory auto-initialization features at boot time
BACKPORT: mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
UPSTREAM: arm64: move jump_label_init() before parse_early_param()
ANDROID: Add a tracepoint for mapping inode to full path
BACKPORT: arch: add pidfd and io_uring syscalls everywhere
UPSTREAM: dma-buf: add show_fdinfo handler
UPSTREAM: dma-buf: add DMA_BUF_SET_NAME ioctls
BACKPORT: dma-buf: give each buffer a full-fledged inode
ANDROID: fix kernelci build-break
UPSTREAM: drm/virtio: Fix cache entry creation race.
UPSTREAM: drm/virtio: Wake up all waiters when capset response comes in.
UPSTREAM: drm/virtio: Ensure cached capset entries are valid before copying.
UPSTREAM: drm/virtio: use u64_to_user_ptr macro
UPSTREAM: drm/virtio: remove irrelevant DRM_UNLOCKED flag
UPSTREAM: drm/virtio: Remove redundant return type
UPSTREAM: drm/virtio: allocate fences with GFP_KERNEL
UPSTREAM: drm/virtio: add trace events for commands
UPSTREAM: drm/virtio: trace drm_fence_emit
BACKPORT: drm/virtio: set seqno for dma-fence
BACKPORT: drm/virtio: move drm_connector_update_edid_property() call
UPSTREAM: drm/virtio: add missing drm_atomic_helper_shutdown() call.
BACKPORT: drm/virtio: rework resource creation workflow.
UPSTREAM: drm/virtio: params struct for virtio_gpu_cmd_create_resource_3d()
BACKPORT: drm/virtio: params struct for virtio_gpu_cmd_create_resource()
BACKPORT: drm/virtio: use struct to pass params to virtio_gpu_object_create()
UPSTREAM: drm/virtio: add virtio-gpu-features debugfs file.
UPSTREAM: drm/virtio: remove set but not used variable 'vgdev'
BACKPORT: drm/virtio: implement prime export
UPSTREAM: drm/virtio: remove prime pin/unpin callbacks.
UPSTREAM: drm/virtio: implement prime mmap
UPSTREAM: drm/virtio: drop virtio_gpu_fence_cleanup()
UPSTREAM: drm/virtio: fix pageflip flush
UPSTREAM: drm/virtio: log error responses
UPSTREAM: drm/virtio: Add missing virtqueue reset
UPSTREAM: drm/virtio: Remove incorrect kfree()
UPSTREAM: drm/virtio: virtio_gpu_cmd_resource_create_3d: drop unused fence arg
UPSTREAM: drm/virtio: fence: pass plain pointer
BACKPORT: drm/virtio: add edid support
UPSTREAM: virtio-gpu: add VIRTIO_GPU_F_EDID feature
BACKPORT: drm/virtio: fix memory leak of vfpriv on error return path
UPSTREAM: drm/virtio: bump driver version after explicit synchronization addition
UPSTREAM: drm/virtio: add in/out fence support for explicit synchronization
UPSTREAM: drm/virtio: add uapi for in and out explicit fences
UPSTREAM: drm/virtio: add virtio_gpu_alloc_fence()
UPSTREAM: drm/virtio: Handle error from virtio_gpu_resource_id_get
UPSTREAM: gpu/drm/virtio/virtgpu_vq.c: Use kmem_cache_zalloc
UPSTREAM: drm/virtio: fix resource id handling
UPSTREAM: drm/virtio: drop resource_id argument.
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_resource_create_ioctl()
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_mode_dumb_create()
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpufb_create()
BACKPORT: drm/virtio: track created object state
UPSTREAM: drm/virtio: document drm_dev_set_unique workaround
UPSTREAM: virtio: Support prime objects vmap/vunmap
UPSTREAM: virtio: Rework virtio_gpu_object_kmap()
UPSTREAM: virtio: Add virtio_gpu_object_kunmap()
UPSTREAM: drm/virtio: pass virtio_gpu_object to virtio_gpu_cmd_transfer_to_host_{2d, 3d}
UPSTREAM: drm/virtio: add dma sync for dma mapped virtio gpu framebuffer pages
UPSTREAM: drm/virtio: Remove set but not used variable 'bo'
UPSTREAM: drm/virtio: add iommu support.
UPSTREAM: drm/virtio: add virtio_gpu_object_detach() function
UPSTREAM: drm/virtio: track virtual output state
UPSTREAM: drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
UPSTREAM: gpu: drm: virtio: code cleanup
UPSTREAM: drm/virtio: Place GEM BOs in drm_framebuffer
UPSTREAM: drm/virtio: fix mode_valid's return type
UPSTREAM: drm/virtio: Add spaces around operators
UPSTREAM: drm/virtio: Remove multiple blank lines
UPSTREAM: drm/virtio: Replace 'unsigned' for 'unsigned int'
UPSTREAM: drm/virtio: Remove return from void function
UPSTREAM: drm/virtio: Add */ in block comments to separate line
UPSTREAM: drm/virtio: Add blank line after variable declarations
UPSTREAM: drm/virtio: Add tabs at the start of a line
UPSTREAM: drm/virtio: Don't return invalid caps on timeout
UPSTREAM: virtgpu: remove redundant task_comm copying
UPSTREAM: drm/virtio: add create_handle support.
UPSTREAM: drm: virtio: replace reference/unreference with get/put
UPSTREAM: drm/virtio: Replace instances of reference/unreference with get/put
UPSTREAM: drm: byteorder: add DRM_FORMAT_HOST_*
UPSTREAM: drm: add drm_connector_attach_edid_property()
BACKPORT: drm/prime: Add drm_gem_prime_mmap()
f2fs: fix build error on android tracepoints
ANDROID: cuttlefish_defconfig: Enable CAN/VCAN
UPSTREAM: pidfd: fix a poll race when setting exit_state
BACKPORT: arch: wire-up pidfd_open()
BACKPORT: pid: add pidfd_open()
UPSTREAM: pidfd: add polling support
UPSTREAM: signal: improve comments
UPSTREAM: fork: do not release lock that wasn't taken
BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
BACKPORT: clone: add CLONE_PIDFD
UPSTREAM: Make anon_inodes unconditional
UPSTREAM: signal: use fdget() since we don't allow O_PATH
UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
BACKPORT: signal: add pidfd_send_signal() syscall
UPSTREAM: net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
ANDROID: fix up 9p filesystem due to CFI non-upstream patches
f2fs: use EINVAL for superblock with invalid magic
f2fs: fix to read source block before invalidating it
f2fs: remove redundant check from f2fs_setflags_common()
f2fs: use generic checking function for FS_IOC_FSSETXATTR
f2fs: use generic checking and prep function for FS_IOC_SETFLAGS
ubifs, fscrypt: cache decrypted symlink target in ->i_link
vfs: use READ_ONCE() to access ->i_link
fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory
ANDROID: (arm64) cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
ANDROID: xfrm: remove in_compat_syscall() checks
ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
UPSTREAM: binder: Set end of SG buffer area properly.
ANDROID: x86_64_cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
ANDROID: f2fs: add android fsync tracepoint
ANDROID: f2fs: fix wrong android tracepoint
fscrypt: cache decrypted symlink target in ->i_link
fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext
fscrypt: only set dentry_operations on ciphertext dentries
fscrypt: fix race allowing rename() and link() of ciphertext dentries
fscrypt: clean up and improve dentry revalidation
fscrypt: use READ_ONCE() to access ->i_crypt_info
fscrypt: remove WARN_ON_ONCE() when decryption fails
fscrypt: drop inode argument from fscrypt_get_ctx()
f2fs: improve print log in f2fs_sanity_check_ckpt()
f2fs: avoid out-of-range memory access
f2fs: fix to avoid long latency during umount
f2fs: allow all the users to pin a file
f2fs: support swap file w/ DIO
f2fs: allocate blocks for pinned file
f2fs: fix is_idle() check for discard type
f2fs: add a rw_sem to cover quota flag changes
f2fs: set SBI_NEED_FSCK for xattr corruption case
f2fs: use generic EFSBADCRC/EFSCORRUPTED
f2fs: Use DIV_ROUND_UP() instead of open-coding
f2fs: print kernel message if filesystem is inconsistent
f2fs: introduce f2fs_<level> macros to wrap f2fs_printk()
f2fs: avoid get_valid_blocks() for cleanup
f2fs: ioctl for removing a range from F2FS
f2fs: only set project inherit bit for directory
f2fs: separate f2fs i_flags from fs_flags and ext4 i_flags
UPSTREAM: kasan: initialize tag to 0xff in __kasan_kmalloc
UPSTREAM: x86/boot: Provide KASAN compatible aliases for string routines
UPSTREAM: mm/kasan: Remove the ULONG_MAX stack trace hackery
UPSTREAM: x86/uaccess, kasan: Fix KASAN vs SMAP
UPSTREAM: x86/uaccess: Introduce user_access_{save,restore}()
UPSTREAM: kasan: fix variable 'tag' set but not used warning
UPSTREAM: Revert "x86_64: Increase stack size for KASAN_EXTRA"
UPSTREAM: kasan: fix coccinelle warnings in kasan_p*_table
UPSTREAM: kasan: fix kasan_check_read/write definitions
BACKPORT: kasan: remove use after scope bugs detection.
BACKPORT: kasan: turn off asan-stack for clang-8 and earlier
UPSTREAM: slub: fix a crash with SLUB_DEBUG + KASAN_SW_TAGS
UPSTREAM: kasan, slab: remove redundant kasan_slab_alloc hooks
UPSTREAM: kasan, slab: make freelist stored without tags
UPSTREAM: kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY
UPSTREAM: kasan: prevent tracing of tags.c
UPSTREAM: kasan: fix random seed generation for tag-based mode
UPSTREAM: slub: fix SLAB_CONSISTENCY_CHECKS + KASAN_SW_TAGS
UPSTREAM: kasan, slub: fix more conflicts with CONFIG_SLAB_FREELIST_HARDENED
UPSTREAM: kasan, slub: fix conflicts with CONFIG_SLAB_FREELIST_HARDENED
UPSTREAM: kasan, slub: move kasan_poison_slab hook before page_address
UPSTREAM: kasan, kmemleak: pass tagged pointers to kmemleak
UPSTREAM: kasan: fix assigning tags twice
UPSTREAM: kasan: mark file common so ftrace doesn't trace it
UPSTREAM: kasan, arm64: remove redundant ARCH_SLAB_MINALIGN define
UPSTREAM: kasan: fix krealloc handling for tag-based mode
UPSTREAM: kasan: make tag based mode work with CONFIG_HARDENED_USERCOPY
UPSTREAM: kasan, arm64: use ARCH_SLAB_MINALIGN instead of manual aligning
BACKPORT: mm/memblock.c: skip kmemleak for kasan_init()
UPSTREAM: kasan: add SPDX-License-Identifier mark to source files
BACKPORT: kasan: update documentation
UPSTREAM: kasan, arm64: select HAVE_ARCH_KASAN_SW_TAGS
UPSTREAM: kasan: add __must_check annotations to kasan hooks
BACKPORT: kasan, mm, arm64: tag non slab memory allocated via pagealloc
UPSTREAM: kasan, arm64: add brk handler for inline instrumentation
UPSTREAM: kasan: add hooks implementation for tag-based mode
UPSTREAM: mm: move obj_to_index to include/linux/slab_def.h
UPSTREAM: kasan: add bug reporting routines for tag-based mode
UPSTREAM: kasan: split out generic_report.c from report.c
UPSTREAM: kasan, mm: perform untagged pointers comparison in krealloc
BACKPORT: kasan, arm64: enable top byte ignore for the kernel
BACKPORT: kasan, arm64: fix up fault handling logic
UPSTREAM: kasan: preassign tags to objects with ctors or SLAB_TYPESAFE_BY_RCU
UPSTREAM: kasan, arm64: untag address in _virt_addr_is_linear
UPSTREAM: kasan: add tag related helper functions
BACKPORT: arm64: move untagged_addr macro from uaccess.h to memory.h
BACKPORT: kasan: initialize shadow to 0xff for tag-based mode
BACKPORT: kasan: rename kasan_zero_page to kasan_early_shadow_page
BACKPORT: kasan, arm64: adjust shadow size for tag-based mode
BACKPORT: kasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS
UPSTREAM: kasan: rename source files to reflect the new naming scheme
BACKPORT: kasan: move common generic and tag-based code to common.c
UPSTREAM: kasan, slub: handle pointer tags in early_kmem_cache_node_alloc
UPSTREAM: kasan, mm: change hooks signatures
UPSTREAM: arm64: add EXPORT_SYMBOL_NOKASAN()
BACKPORT: compiler: remove __no_sanitize_address_or_inline again
UPSTREAM: mm/kasan/quarantine.c: make quarantine_lock a raw_spinlock_t
UPSTREAM: lib/test_kasan.c: add tests for several string/memory API functions
UPSTREAM: arm64: lib: use C string functions with KASAN enabled
UPSTREAM: compiler: introduce __no_sanitize_address_or_inline
UPSTREAM: arm64: Fix typo in a comment in arch/arm64/mm/kasan_init.c
BACKPORT: kernel/memremap, kasan: make ZONE_DEVICE with work with KASAN
BACKPORT: mm/mempool.c: remove unused argument in kasan_unpoison_element() and remove_element()
UPSTREAM: kasan: only select SLUB_DEBUG with SYSFS=y
UPSTREAM: kasan: depend on CONFIG_SLUB_DEBUG
UPSTREAM: KASAN: prohibit KASAN+STRUCTLEAK combination
UPSTREAM: arm64: kasan: avoid pfn_to_nid() before page array is initialized
UPSTREAM: kasan: fix invalid-free test crashing the kernel
UPSTREAM: kasan, slub: fix handling of kasan_slab_free hook
UPSTREAM: slab, slub: skip unnecessary kasan_cache_shutdown()
BACKPORT: kasan: make kasan_cache_create() work with 32-bit slab cache sizes
UPSTREAM: locking/atomics: Instrument cmpxchg_double*()
UPSTREAM: locking/atomics: Instrument xchg()
UPSTREAM: locking/atomics: Simplify cmpxchg() instrumentation
UPSTREAM: locking/atomics/x86: Reduce arch_cmpxchg64*() instrumentation
UPSTREAM: locking/atomic, asm-generic, x86: Add comments for atomic instrumentation
UPSTREAM: locking/atomic, asm-generic: Add KASAN instrumentation to atomic operations
UPSTREAM: locking/atomic/x86: Switch atomic.h to use atomic-instrumented.h
UPSTREAM: locking/atomic, asm-generic: Add asm-generic/atomic-instrumented.h
BACKPORT: kasan, arm64: clean up KASAN_SHADOW_SCALE_SHIFT usage
UPSTREAM: kasan: clean up KASAN_SHADOW_SCALE_SHIFT usage
UPSTREAM: kasan: fix prototype author email address
UPSTREAM: kasan: detect invalid frees
UPSTREAM: kasan: unify code between kasan_slab_free() and kasan_poison_kfree()
UPSTREAM: kasan: detect invalid frees for large mempool objects
UPSTREAM: kasan: don't use __builtin_return_address(1)
UPSTREAM: kasan: detect invalid frees for large objects
UPSTREAM: kasan: add functions for unpoisoning stack variables
UPSTREAM: kasan: add tests for alloca poisoning
UPSTREAM: kasan: support alloca() poisoning
UPSTREAM: kasan/Makefile: support LLVM style asan parameters
BACKPORT: kasan: add compiler support for clang
BACKPORT: fs: dcache: Revert "manually unpoison dname after allocation to shut up kasan's reports"
UPSTREAM: fs/dcache: Use read_word_at_a_time() in dentry_string_cmp()
UPSTREAM: lib/strscpy: Shut up KASAN false-positives in strscpy()
UPSTREAM: compiler.h: Add read_word_at_a_time() function.
UPSTREAM: compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
UPSTREAM: arm64/mm/kasan: don't use vmemmap_populate() to initialize shadow
UPSTREAM: Documentation/features/KASAN: mark KASAN as supported only on 64-bit on x86
f2fs: Add option to limit required GC for checkpoint=disable
f2fs: Fix accounting for unusable blocks
f2fs: Fix root reserved on remount
f2fs: Lower threshold for disable_cp_again
f2fs: fix sparse warning
f2fs: fix f2fs_show_options to show nodiscard mount option
f2fs: add error prints for debugging mount failure
f2fs: fix to do sanity check on segment bitmap of LFS curseg
f2fs: add missing sysfs entries in documentation
f2fs: fix to avoid deadloop if data_flush is on
f2fs: always assume that the device is idle under gc_urgent
f2fs: add bio cache for IPU
f2fs: allow ssr block allocation during checkpoint=disable period
f2fs: fix to check layout on last valid checkpoint park
Conflicts:
arch/arm64/configs/cuttlefish_defconfig
arch/arm64/include/asm/memory.h
arch/arm64/include/asm/thread_info.h
arch/x86/configs/x86_64_cuttlefish_defconfig
build.config.common
drivers/dma-buf/dma-buf.c
fs/crypto/Makefile
fs/crypto/bio.c
fs/crypto/fscrypt_private.h
fs/crypto/keyinfo.c
fs/ext4/page-io.c
fs/f2fs/data.c
fs/f2fs/f2fs.h
fs/f2fs/inode.c
fs/f2fs/segment.c
fs/userfaultfd.c
include/linux/dma-buf.h
include/linux/fscrypt.h
include/linux/kasan.h
include/linux/platform_data/ds2482.h
include/uapi/linux/fs.h
kernel/sched/deadline.c
kernel/sched/fair.c
kernel/sched/rt.c
kernel/sched/sched.h
kernel/sched/stop_task.c
kernel/sched/walt.c
kernel/sched/walt.h
lib/test_kasan.c
mm/kasan/common.c
mm/kasan/kasan.h
mm/kasan/report.c
mm/slub.c
mm/vmalloc.c
scripts/Makefile.kasan
Changed below files to fix build errors:
drivers/char/diag/diagchar_core.c
drivers/power/supply/qcom/battery.c
drivers/power/supply/qcom/smb1390-charger-psy.c
drivers/power/supply/qcom/smb1390-charger.c
drivers/power/supply/qcom/step-chg-jeita.c
fs/crypto/fscrypt_ice.c
fs/crypto/fscrypt_private.h
fs/f2fs/inode.c
include/uapi/linux/fscrypt.h
net/qrtr/qrtr.c
gen_headers_arm.bp
gen_headers_arm64.bp
Extra added fixes in fs/f2fs/data.c for FBE:
* Fix FBE regression with
|
||
|
Greg Kroah-Hartman
|
32bc956bc2 |
Merge 4.14.174 into android-4.14
Changes in 4.14.174 phy: Revert toggling reset changes. net: phy: Avoid multiple suspends cgroup, netclassid: periodically release file_lock on classid updating gre: fix uninit-value in __iptunnel_pull_header ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface ipvlan: add cond_resched_rcu() while processing muticast backlog ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() netlink: Use netlink header as base to calculate bad attribute offset net: macsec: update SCI upon MAC address change. net: nfc: fix bounds checking bugs on "pipe" net/packet: tpacket_rcv: do not increment ring index on drop r8152: check disconnect status after long sleep sfc: detach from cb_page in efx_copy_channel() bnxt_en: reinitialize IRQs when MTU is modified cgroup: memcg: net: do not associate sock with unrelated cgroup net: memcg: late association of sock to memcg net: memcg: fix lockdep splat in inet_csk_accept() fib: add missing attribute validation for tun_id nl802154: add missing attribute validation nl802154: add missing attribute validation for dev_type can: add missing attribute validation for termination macsec: add missing attribute validation for port net: fq: add missing attribute validation for orphan mask team: add missing attribute validation for port ifindex team: add missing attribute validation for array index nfc: add missing attribute validation for SE API nfc: add missing attribute validation for vendor subcommand net: phy: fix MDIO bus PM PHY resuming bonding/alb: make sure arp header is pulled before accessing it slip: make slhc_compress() more robust against malicious packets net: fec: validate the new settings in fec_enet_set_coalesce() macvlan: add cond_resched() during multicast processing inet_diag: return classid for all socket types ipvlan: do not add hardware address of master to its unicast filter list ipvlan: egress mcast packets are not exceptional ipvlan: don't deref eth hdr before checking it's set cgroup: cgroup_procs_next should increase position index cgroup: Iterate tasks that did not finish do_exit() iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices virtio-blk: fix hw_queue stopped on arbitrary error iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint workqueue: don't use wq_select_unbound_cpu() for bound works drm/amd/display: remove duplicated assignment to grph_obj_type ktest: Add timeout for ssh sync testing cifs_atomic_open(): fix double-put on late allocation failure gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache KVM: x86: clear stale x86_emulate_ctxt->intercept value ARC: define __ALIGN_STR and __ALIGN symbols for ARC efi: Fix a race and a buffer overflow while reading efivars via sysfs x86/mce: Fix logic and comments around MSR_PPIN_CTL iommu/dma: Fix MSI reservation allocation iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page pinctrl: meson-gxl: fix GPIOX sdio pins pinctrl: core: Remove extra kref_get which blocks hogs being freed nl80211: add missing attribute validation for critical protocol indication nl80211: add missing attribute validation for beacon report scanning nl80211: add missing attribute validation for channel switch netfilter: cthelper: add missing attribute validation for cthelper netfilter: nft_payload: add missing attribute validation for payload csum flags iommu/vt-d: Fix the wrong printing in RHSA parsing iommu/vt-d: Ignore devices with out-of-spec domain number i2c: acpi: put device when verifying client fails ipv6: restrict IPV6_ADDRFORM operation net/smc: check for valid ib_client_data efi: Add a sanity check to efivar_store_raw() batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation batman-adv: Always initialize fragment header priority batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq batman-adv: Fix internal interface indices types batman-adv: update data pointers after skb_cow() batman-adv: Avoid race in TT TVLV allocator helper batman-adv: Fix TT sync flags for intermediate TT responses batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs batman-adv: Fix debugfs path for renamed hardif batman-adv: Fix debugfs path for renamed softif batman-adv: Fix duplicated OGMs on NETDEV_UP batman-adv: Avoid free/alloc race when handling OGM2 buffer batman-adv: Avoid free/alloc race when handling OGM buffer batman-adv: Don't schedule OGM for disabled interface perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag ACPI: watchdog: Allow disabling WDAT at boot HID: apple: Add support for recent firmware on Magic Keyboards HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override cfg80211: check reg_rule for NULL in handle_channel_custom() scsi: libfc: free response frame from GPN_ID net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch net: ks8851-ml: Fix IRQ handling and locking mac80211: rx: avoid RCU list traversal under mutex signal: avoid double atomic counter increments for user accounting slip: not call free_netdev before rtnl_unlock in slip_open hinic: fix a bug of setting hw_ioctxt net: rmnet: fix NULL pointer dereference in rmnet_newlink() jbd2: fix data races at struct journal_head ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional() ARM: 8958/1: rename missed uaccess .fixup section mm: slub: add missing TID bump in kmem_cache_alloc_bulk() ipv4: ensure rcu_read_lock() in cipso_v4_error() Linux 4.14.174 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8594f155b5b3df71510fdb5dc034c80fb2332c91 |
||
|
Linus Torvalds
|
d8a4a55bdc |
signal: avoid double atomic counter increments for user accounting
[ Upstream commit fda31c50292a5062332fa0343c084bd9f46604d9 ] When queueing a signal, we increment both the users count of pending signals (for RLIMIT_SIGPENDING tracking) and we increment the refcount of the user struct itself (because we keep a reference to the user in the signal structure in order to correctly account for it when freeing). That turns out to be fairly expensive, because both of them are atomic updates, and particularly under extreme signal handling pressure on big machines, you can get a lot of cache contention on the user struct. That can then cause horrid cacheline ping-pong when you do these multiple accesses. So change the reference counting to only pin the user for the _first_ pending signal, and to unpin it when the last pending signal is dequeued. That means that when a user sees a lot of concurrent signal queuing - which is the only situation when this matters - the only atomic access needed is generally the 'sigpending' count update. This was noticed because of a particularly odd timing artifact on a dual-socket 96C/192T Cascade Lake platform: when you get into bad contention, on that machine for some reason seems to be much worse when the contention happens in the upper 32-byte half of the cacheline. As a result, the kernel test robot will-it-scale 'signal1' benchmark had an odd performance regression simply due to random alignment of the 'struct user_struct' (and pointed to a completely unrelated and apparently nonsensical commit for the regression). Avoiding the double increments (and decrements on the dequeueing side, of course) makes for much less contention and hugely improved performance on that will-it-scale microbenchmark. Quoting Feng Tang: "It makes a big difference, that the performance score is tripled! bump from original 17000 to 54000. Also the gap between 5.0-rc6 and 5.0-rc6+Jiri's patch is reduced to around 2%" [ The "2% gap" is the odd cacheline placement difference on that platform: under the extreme contention case, the effect of which half of the cacheline was hot was 5%, so with the reduced contention the odd timing artifact is reduced too ] It does help in the non-contended case too, but is not nearly as noticeable. Reported-and-tested-by: Feng Tang <feng.tang@intel.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Huang, Ying <ying.huang@intel.com> Cc: Philip Li <philip.li@intel.com> Cc: Andi Kleen <andi.kleen@intel.com> Cc: Jiri Olsa <jolsa@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Blagovest Kolenichev
|
334e3e97bd |
Merge android-4.14-q.155 (13f83e6) into msm-4.14
* refs/heads/tmp-13f83e6: Linux 4.14.155 slcan: Fix memory leak in error path memfd: Use radix_tree_deref_slot_protected to avoid the warning. net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused IB/iser: Fix possible NULL deref at iser_inv_desc() fuse: use READ_ONCE on congestion_threshold and max_background usb: xhci-mtk: fix ISOC error when interval is zero netfilter: masquerade: don't flush all conntracks if only one address deleted on device rtc: armada38x: fix possible race condition ARM: dts: lpc32xx: Fix SPI controller node names arm64: dts: lg: Fix SPI controller node names arm64: dts: amd: Fix SPI bus warnings scsi: NCR5380: Check for bus reset scsi: NCR5380: Handle BUS FREE during reselection scsi: NCR5380: Don't call dsprintk() following reselection interrupt scsi: NCR5380: Don't clear busy flag when abort fails scsi: NCR5380: Check for invalid reselection target scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE scsi: NCR5380: Have NCR5380_select() return a bool scsi: NCR5380: Clear all unissued commands on host reset iwlwifi: mvm: Allow TKIP for AP mode iwlwifi: api: annotate compressed BA notif array sizes iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump crypto: fix a memory leak in rsa-kcs1pad's encryption mode crypto: s5p-sss: Fix Fix argument list alignment x86/hyperv: Suppress "PCI: Fatal: No config space access function found" Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races firmware: dell_rbu: Make payload memory uncachable ARM: dts: realview: Fix SPI controller node names EDAC: Raise the maximum number of memory controllers f2fs: mark inode dirty explicitly in recover_inode() f2fs: fix to recover inode's project id during POR net: faraday: fix return type of ndo_start_xmit function net: smsc: fix return type of ndo_start_xmit function ARM: dts: paz00: fix wakeup gpio keycode ARM: tegra: apalis_t30: fix mmc1 cmd pull-up ARM: dts: tegra30: fix xcvr-setup-use-fuses phy: lantiq: Fix compile warning scsi: libsas: always unregister the old device if going to discover new vfio/pci: Mask buggy SR-IOV VF INTx support vfio/pci: Fix potential memory leak in vfio_msi_cap_len misc: genwqe: should return proper error value. misc: kgdbts: Fix restrict error coresight: tmc: Fix byte-address alignment for RRP coresight: etm4x: Configure EL2 exception level when kernel is running in HYP coresight: perf: Disable trace path upon source error coresight: perf: Fix per cpu path management coresight: Fix handling of sinks usb: gadget: uvc: Only halt video streaming endpoint in bulk mode usb: gadget: uvc: Factor out video USB request queueing phy: phy-twl4030-usb: fix denied runtime access phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs i2c: aspeed: fix invalid clock parameters for very large divisors usb: gadget: uvc: configfs: Prevent format changes after linking header usb: gadget: uvc: configfs: Drop leaked references to config items ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock media: davinci: Fix implicit enum conversion warning media: au0828: Fix incorrect error messages media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() arm64: dts: rockchip: Fix microSD in rk3399 sapphire board MIPS: kexec: Relax memory restriction x86/CPU: Change query logic so CPUID is enabled before testing x86/CPU: Use correct macros for Cyrix calls net: freescale: fix return type of ndo_start_xmit function net: micrel: fix return type of ndo_start_xmit function net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider samples/bpf: fix compilation failure bnx2x: Ignore bandwidth attention in single function mode ARM: dts: clearfog: fix sdhci supply property name x86/mce-inject: Reset injection struct after injection ARM: dts: marvell: Fix SPI and I2C bus warnings crypto: arm/crc32 - avoid warning when compiling with Clang cpufeature: avoid warning when compiling with clang spi: pic32: Use proper enum in dmaengine_prep_slave_rg ARM: dts: ste: Fix SPI controller node names ARM: dts: ux500: Fix LCDA clock line muxing ARM: dts: ux500: Correct SCU unit address f2fs: fix to recover inode's uid/gid during POR ARM: dts: am335x-evm: fix number of cpsw mlxsw: spectrum: Init shaper for TCs 8..15 usb: chipidea: Fix otg event handler usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started nfp: provide a better warning when ring allocation fails net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() net: hns3: Fix for setting speed for phy failed problem net: sun: fix return type of ndo_start_xmit function net: amd: fix return type of ndo_start_xmit function net: broadcom: fix return type of ndo_start_xmit function net: xilinx: fix return type of ndo_start_xmit function net: toshiba: fix return type of ndo_start_xmit function power: supply: twl4030_charger: disable eoc interrupt on linear charge power: supply: twl4030_charger: fix charging current out-of-bounds libfdt: Ensure INT_MAX is defined in libfdt_env.h OPP: Protect dev_list with opp_table lock RDMA/i40iw: Fix incorrect iterator type powerpc: Fix duplicate const clang warning in user access code powerpc/pseries: Disable CPU hotplug across migrations powerpc/64s/hash: Fix stab_rr off by one initialization powerpc/iommu: Avoid derefence before pointer check net: hns3: fix return type of ndo_start_xmit function ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address spi: mediatek: Don't modify spi_transfer when transfer. samples/bpf: fix a compilation failure serial: mxs-auart: Fix potential infinite loop serial: samsung: Enable baud clock for UART reset procedure in resume serial: uartps: Fix suspend functionality PCI/ACPI: Correct error message for ASPM disabling s390/qeth: invoke softirqs after napi_schedule() ath9k: Fix a locking bug in ath9k_add_interface() ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 ip_gre: fix parsing gre header in ipgre_err kernfs: Fix range checks in kernfs_get_target_path component: fix loop condition to call unbind() if bind() fails power: supply: max8998-charger: Fix platform data retrieval power: reset: at91-poweroff: do not procede if at91_shdwc is allocated power: supply: ab8500_fg: silence uninitialized variable warnings arm64: dts: meson: Fix erroneous SPI bus warnings blok, bfq: do not plug I/O if all queues are weight-raised cxgb4: Fix endianness issue in t4_fwcache() pinctrl: at91: don't use the same irqchip with multiple gpiochips ARM: dts: socfpga: Fix I2C bus unit-address error powerpc/vdso: Correct call frame information soc: qcom: wcnss_ctrl: Avoid string overflow ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value llc: avoid blocking in llc_sap_close() pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() ALSA: intel8x0m: Register irq handler after register initializations arm64: dts: meson: libretech: update board model media: dvb: fix compat ioctl translation media: fix: media: pci: meye: validate offset to avoid arbitrary access media: dt-bindings: adv748x: Fix decimal unit addresses nvmem: core: return error code instead of NULL from nvmem_device_get Drivers: hv: vmbus: Fix synic per-cpu context initialization kprobes: Don't call BUG_ON() if there is a kprobe in use on free list scsi: pm80xx: Fixed system hang issue during kexec boot scsi: pm80xx: Corrected dma_unmap_sg() parameter ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() scsi: lpfc: Fix errors in log messages. scsi: qla2xxx: Fix dropped srb resource. scsi: qla2xxx: Defer chip reset until target mode is enabled scsi: qla2xxx: Fix iIDMA error f2fs: fix memory leak of percpu counter in fill_super() signal: Properly deliver SIGSEGV from x86 uprobes signal: Properly deliver SIGILL from uprobes signal: Always ignore SIGKILL and SIGSTOP sent to the global init IB/hfi1: Missing return value in error path for user sdma ath9k: add back support for using active monitor interfaces for tx99 rtc: pl030: fix possible race condition rtc: mt6397: fix possible race condition EDAC, sb_edac: Return early on ADDRV bit and address type test dmaengine: dma-jz4780: Further residue status fix dmaengine: dma-jz4780: Don't depend on MACH_JZ4780 arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire sched/debug: Use symbolic names for task state constants ARM: dts: omap3-gta04: keep vpll2 always on ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot ARM: dts: omap3-gta04: fix touchscreen tsc2007 ARM: dts: omap3-gta04: tvout: enable as display1 alias ARM: dts: omap3-gta04: fixes for tvout / venc ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation mips: txx9: fix iounmap related issue RDMA/core: Follow correct unregister order between sysfs and cgroup RDMA/core: Rate limit MAD error messages IB/ipoib: Ensure that MTU isn't less than minimum permitted ath10k: wmi: disable softirq's while calling ieee80211_rx ARM: dts: exynos: Disable pull control for S5M8767 PMIC ASoC: sgtl5000: avoid division by zero if lo_vag is zero net: lan78xx: Bail out if lan78xx_get_endpoints fails ARM: dts: meson8b: fix the clock controller register size ARM: dts: meson8: fix the clock controller register size net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 net: phy: mscc: read 'vsc8531,vddmac' as an u32 ASoC: rsnd: ssi: Fix issue in dma data address assignment soc: imx: gpc: fix PDN delay rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument ARM: dts: pxa: fix power i2c base address ARM: dts: pxa: fix the rtc controller iwlwifi: mvm: avoid sending too many BARs iwlwifi: don't WARN on trying to dump dead firmware IB/rxe: fixes for rdma read retry i40e: Prevent deleting MAC address from VF when set by PF i40e: hold the rtnl lock on clearing interrupt scheme i40e: use correct length for strncpy ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks liquidio: fix race condition in instruction completion processing ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3 pinctrl: ingenic: Probe driver at subsys_initcall ASoC: dpcm: Properly initialise hw->rate_max gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated ath10k: limit available channels via DT ieee80211-freq-limit ath9k: fix tx99 with monitor mode interface ALSA: seq: Do error checks at creating system ports cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set extcon: cht-wc: Return from default case to avoid warnings remoteproc/davinci: Use %zx for formating size_t rtc: rv8803: fix the rv8803 id in the OF table ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45 arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply ALSA: pcm: signedness bug in snd_pcm_plug_alloc() arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage iio: dac: mcp4922: fix error handling in mcp4922_write_raw ath10k: fix kernel panic by moving pci flush after napi_disable tee: optee: take DT status property into account iio: adc: max9611: explicitly cast gain_selectors mmc: sdhci-of-at91: fix quirk2 overwrite mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present IB/hfi1: Ensure full Gen3 speed in a Gen4 system Input: synaptics-rmi4 - destroy F54 poller workqueue when removing Input: synaptics-rmi4 - clear IRQ enables for F54 Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver Input: synaptics-rmi4 - fix video buffer size Input: ff-memless - kill timer in destroy() ALSA: usb-audio: not submit urb for stopped endpoint ALSA: usb-audio: Fix missing error check at mixer resolution test slip: Fix memory leak in slip_open error path net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules ax88172a: fix information leak on short answers powerpc/perf: Fix kfree memory allocated for nest pmus powerpc/perf: Fix IMC_MAX_PMU macro Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs" scsi: core: Handle drivers which set sg_tablesize to zero MIPS: BCM63XX: fix switch core reset on BCM6368 KVM: x86: introduce is_pae_paging kvm: mmu: Don't read PDPTEs when paging is not enabled Conflicts: drivers/hwtracing/coresight/coresight-etm-perf.c drivers/hwtracing/coresight/coresight.c include/linux/libfdt_env.h Change-Id: I2ad0095d3092619013579ee7e7201900faf008da Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
509b38045c |
Merge 4.14.168 into android-4.14
Changes in 4.14.168
xfs: Sanity check flags of Q_XQUOTARM call
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
powerpc/archrandom: fix arch_get_random_seed_int()
tipc: fix wrong timeout input for tipc_wait_for_cond()
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
crypto: sun4i-ss - fix big endian issues
drm/sti: do not remove the drm_bridge that was never added
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
ALSA: hda: fix unused variable warning
apparmor: don't try to replace stale label in ptrace access check
PCI: iproc: Remove PAXC slot check to allow VF support
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
IB/rxe: replace kvfree with vfree
IB/hfi1: Add mtu check for operational data VLs
ALSA: usb-audio: update quirk for B&W PX to remove microphone
staging: comedi: ni_mio_common: protect register write overflow
pwm: lpss: Release runtime-pm reference from the driver's remove callback
drm/sun4i: hdmi: Fix double flag assignation
mlxsw: reg: QEEC: Add minimum shaper fields
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
pcrypt: use format specifier in kobject_add
exportfs: fix 'passing zero to ERR_PTR()' warning
drm/dp_mst: Skip validating ports during destruction, just ref
net: phy: Fix not to call phy_resume() if PHY is not attached
IB/rxe: Fix incorrect cache cleanup in error flow
staging: bcm2835-camera: Abort probe if there is no camera
switchtec: Remove immediate status check after submitting MRPC command
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
vxlan: changelink: Fix handling of default remotes
Input: nomadik-ske-keypad - fix a loop timeout test
clk: highbank: fix refcount leak in hb_clk_init()
clk: qoriq: fix refcount leak in clockgen_init()
clk: socfpga: fix refcount leak
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: dove: fix refcount leak in dove_clk_init()
MIPS: BCM63XX: drop unused and broken DSP platform device
IB/usnic: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
RDMA/qedr: Fix out of bounds index check in query pkey
drm/shmob: Fix return value check in shmob_drm_probe
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
spi: cadence: Correct initialisation of runtime PM
RDMA/iw_cxgb4: Fix the unchecked ep dereference
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
kbuild: mark prepare0 as PHONY to fix external module build
crypto: brcm - Fix some set-but-not-used warning
crypto: tgr192 - fix unaligned memory access
ASoC: imx-sgtl5000: put of nodes if finding codec fails
IB/iser: Pass the correct number of entries for dma mapped SGL
rtc: cmos: ignore bogus century byte
spi/topcliff_pch: Fix potential NULL dereference on allocation error
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
iwlwifi: mvm: avoid possible access out of array.
net/mlx5: Take lock with IRQs disabled to avoid deadlock
iwlwifi: mvm: fix A-MPDU reference assignment
tty: ipwireless: Fix potential NULL pointer dereference
driver: uio: fix possible memory leak in __uio_register_device
driver: uio: fix possible use-after-free in __uio_register_device
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver core: Do not resume suppliers under device_links_write_lock()
ARM: dts: lpc32xx: add required clocks property to keypad device node
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
iwlwifi: mvm: fix RSS config command
staging: most: cdev: add missing check for cdev_add failure
rtc: ds1672: fix unintended sign extension
thermal: mediatek: fix register index error
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
rtc: ds1307: rx8130: Fix alarm handling
rtc: 88pm860x: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: pm8xxx: fix unintended sign extension
fbdev: chipsfb: remove set but not used variable 'size'
iw_cxgb4: use tos when importing the endpoint
iw_cxgb4: use tos when finding ipv6 routes
drm/etnaviv: potential NULL dereference
pinctrl: sh-pfc: emev2: Add missing pinmux functions
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
usb: phy: twl6030-usb: fix possible use-after-free on remove
block: don't use bio->bi_vcnt to figure out segment number
keys: Timestamp new keys
vfio_pci: Enable memory accesses before calling pci_map_rom
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
KVM: PPC: Release all hardware TCE tables attached to a group
staging: r8822be: check kzalloc return or bail
dmaengine: mv_xor: Use correct device for DMA API
cdc-wdm: pass return value of recover_from_urb_loss
regulator: pv88060: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88090: Fix array out-of-bounds access
net: dsa: qca8k: Enable delay for RGMII_ID mode
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
drm/nouveau/pmu: don't print reply values if exec is false
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
fs/nfs: Fix nfs_parse_devname to not modify it's argument
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
powerpc/64s: Fix logic when handling unknown CPU features
NFS: Fix a soft lockup in the delegation recovery code
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
platform/x86: wmi: fix potential null pointer dereference
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
net: aquantia: fixed instack structure overflow
powerpc/mm: Check secondary hash page table
nios2: ksyms: Add missing symbol exports
x86/mm: Remove unused variable 'cpu'
scsi: megaraid_sas: reduce module load time
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
xen, cpu_hotplug: Prevent an out of bounds access
net: sh_eth: fix a missing check of of_get_phy_mode
regulator: lp87565: Fix missing register for LP87565_BUCK_0
media: ivtv: update *pos correctly in ivtv_read_pos()
media: cx18: update *pos correctly in cx18_read_pos()
media: wl128x: Fix an error code in fm_download_firmware()
media: cx23885: check allocation return
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
jfs: fix bogus variable self-initialization
tipc: tipc clang warning
m68k: mac: Fix VIA timer counter accesses
arm64: dts: allwinner: a64: Add missing PIO clocks
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
media: davinci-isif: avoid uninitialized variable use
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
spi: tegra114: clear packed bit for unpacked mode
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: flush fifos
spi: tegra114: configure dma burst size to fifo trig level
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
ehea: Fix a copy-paste err in ehea_init_port_res
scsi: qla2xxx: Unregister chrdev if module initialization fails
scsi: target/core: Fix a race condition in the LUN lookup code
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
net: hns3: fix for vport->bw_limit overflow problem
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
tipc: set sysctl_tipc_rmem and named_timeout right range
selftests/ipc: Fix msgque compiler warnings
powerpc: vdso: Make vdso32 installation conditional in vdso_install
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
media: ov2659: fix unbalanced mutex_lock/unlock
6lowpan: Off by one handling ->nexthdr
dmaengine: axi-dmac: Don't check the number of frames for alignment
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
NFS: Don't interrupt file writeout due to fatal errors
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
scsi: qla2xxx: Fix a format specifier
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
ASoC: fix valid stream condition
usb: gadget: fsl: fix link error against usb-gadget module
dwc2: gadget: Fix completed transfer size calculation in DDMA
IB/mlx5: Add missing XRC options to QP optional params mask
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix incorrect test of supported hash function
net: ena: fix ena_com_fill_hash_function() implementation
dmaengine: tegra210-adma: restore channel status
mmc: core: fix possible use after free of host
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
afs: Fix the afs.cell and afs.volume xattr handlers
vfio/mdev: Avoid release parent reference during error path
vfio/mdev: Fix aborting mdev child device removal if one fails
l2tp: Fix possible NULL pointer dereference
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
platform/x86: alienware-wmi: printing the wrong error code
crypto: caam - fix caam_dump_sg that iterates through scatterlist
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
pwm: meson: Consider 128 a valid pre-divider
pwm: meson: Don't disable PWM when setting duty repeatedly
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
kdb: do a sanity check on the cpu in kdb_per_cpu()
backlight: lm3630a: Return 0 on success in update_status functions
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
EDAC/mc: Fix edac_mc_find() in case no device is found
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
dmaengine: tegra210-adma: Fix crash during probe
arm64: dts: meson: libretech-cc: set eMMC as removable
RDMA/qedr: Fix incorrect device rate.
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
crypto: ccp - fix AES CFB error exposed by new test vectors
crypto: ccp - Fix 3DES complaint from ccp-crypto module
serial: stm32: fix rx error handling
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: Add support of TC bit status check
serial: stm32: fix wakeup source initialization
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
iommu: Use right function to get group for device
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
netvsc: unshare skb in VF rx handler
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
media: vivid: fix incorrect assignment operation when setting video mode
mpls: fix warning with multi-label encap
iommu/vt-d: Duplicate iommu_resv_region objects per device list
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
drm/msm/mdp5: Fix mdp5_cfg_init error return
net: netem: fix backlog accounting for corrupted GSO frames
net/af_iucv: always register net_device notifier
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
rtc: pcf8563: Fix interrupt trigger method
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
drm/msm/a3xx: remove TPL1 regs from snapshot
perf/ioctl: Add check for the sample_period value
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
clk: qcom: Fix -Wunused-const-variable
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
bnxt_en: Fix ethtool selftest crash under error conditions.
iommu/amd: Make iommu_disable safer
mfd: intel-lpss: Release IDA resources
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
devres: allow const resource arguments
RDMA/hns: Fixs hw access invalid dma memory error
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
scsi: libfc: fix null pointer dereference on a null lport
clk: sunxi-ng: v3s: add the missing PLL_DDR1
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
libertas_tf: Use correct channel range in lbtf_geo_init
qed: reduce maximum stack frame size
usb: host: xhci-hub: fix extra endianness conversion
mic: avoid statically declaring a 'struct device'.
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
crypto: ccp - Reduce maximum stack usage
ALSA: aoa: onyx: always initialize register read value
tipc: reduce risk of wakeup queue starvation
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
crypto: caam - free resources in case caam_rng registration failed
ext4: set error return correctly when ext4_htree_store_dirent fails
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
net/rds: Add a few missing rds_stat_names entries
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
signal: Allow cifs and drbd to receive their terminating signals
ASoC: sun4i-i2s: RX and TX counter registers are swapped
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
mac80211: minstrel_ht: fix per-group max throughput rate initialization
media: atmel: atmel-isi: fix timeout value for stop streaming
rtc: pcf2127: bugfix: read rtc disables watchdog
mips: avoid explicit UB in assignment of mips_io_port_base
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
ahci: Do not export local variable ahci_em_messages
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
hwmon: (lm75) Fix write operations for negative temperatures
power: supply: Init device wakeup after device_add()
x86, perf: Fix the dependency of the x86 insn decoder selftest
staging: greybus: light: fix a couple double frees
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
iio: dac: ad5380: fix incorrect assignment to val
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
net: sonic: return NETDEV_TX_OK if failed to map buffer
scsi: fnic: fix msix interrupt allocation
Btrfs: fix hang when loading existing inode cache off disk
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix inode cache waiters hanging on path allocation failure
btrfs: use correct count in btrfs_file_write_iter()
ixgbe: sync the first fragment unconditionally
hwmon: (shtc1) fix shtc1 and shtw1 id mask
net: sonic: replace dev_kfree_skb in sonic_send_packet
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
RDMA/cma: Fix false error message
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
iommu/amd: Wait for completion of IOTLB flush in attach_device
net: aquantia: Fix aq_vec_isr_legacy() return value
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: axienet: fix a signedness bug in probe
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
nvme: retain split access workaround for capability reads
net: stmmac: gmac4+: Not all Unicast addresses may be available
mac80211: accept deauth frames in IBSS mode
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
llc: fix sk_buff refcounting in llc_conn_state_process()
net: stmmac: fix length of PTP clock's name string
act_mirred: Fix mirred_init_module error handling
net: avoid possible false sharing in sk_leave_memory_pressure()
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
tcp: annotate lockless access to tcp_memory_pressure
drm/msm/dsi: Implement reset correctly
dmaengine: imx-sdma: fix size check for sdma script_number
net: netem: fix error path for corrupted GSO frames
net: netem: correct the parent's backlog when corrupted packet was dropped
net: qca_spi: Move reset_count to struct qcaspi
afs: Fix large file support
MIPS: Loongson: Fix return value of loongson_hwmon_init
hv_netvsc: flag software created hash value
net: neigh: use long type to store jiffies delta
packet: fix data-race in fanout_flow_is_huge()
mmc: sdio: fix wl1251 vendor id
mmc: core: fix wl1251 sdio quirks
affs: fix a memory leak in affs_remount
dmaengine: ti: edma: fix missed failure handling
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
arm64: dts: juno: Fix UART frequency
IB/iser: Fix dma_nents type definition
serial: stm32: fix clearing interrupt error flags
m68k: Call timer_interrupt() with interrupts disabled
Linux 4.14.168
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3eeaa348e8e99998356d27c99d06dcb38e48e7d5
|
||
|
Eric W. Biederman
|
cde0dc52e7 |
signal: Allow cifs and drbd to receive their terminating signals
[ Upstream commit 33da8e7c814f77310250bb54a9db36a44c5de784 ] My recent to change to only use force_sig for a synchronous events wound up breaking signal reception cifs and drbd. I had overlooked the fact that by default kthreads start out with all signals set to SIG_IGN. So a change I thought was safe turned out to have made it impossible for those kernel thread to catch their signals. Reverting the work on force_sig is a bad idea because what the code was doing was very much a misuse of force_sig. As the way force_sig ultimately allowed the signal to happen was to change the signal handler to SIG_DFL. Which after the first signal will allow userspace to send signals to these kernel threads. At least for wake_ack_receiver in drbd that does not appear actively wrong. So correct this problem by adding allow_kernel_signal that will allow signals whose siginfo reports they were sent by the kernel through, but will not allow userspace generated signals, and update cifs and drbd to call allow_kernel_signal in an appropriate place so that their thread can receive this signal. Fixing things this way ensures that userspace won't be able to send signals and cause problems, that it is clear which signals the threads are expecting to receive, and it guarantees that nothing else in the system will be affected. This change was partly inspired by similar cifs and drbd patches that added allow_signal. Reported-by: ronnie sahlberg <ronniesahlberg@gmail.com> Reported-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com> Tested-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com> Cc: Steve French <smfrench@gmail.com> Cc: Philipp Reisner <philipp.reisner@linbit.com> Cc: David Laight <David.Laight@ACULAB.COM> Fixes: 247bc9470b1e ("cifs: fix rmmod regression in cifs.ko caused by force_sig changes") Fixes: 72abe3bcf091 ("signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig") Fixes: fee109901f39 ("signal/drbd: Use send_sig not force_sig") Fixes: 3cf5d076fb4d ("signal: Remove task parameter from force_sig") Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
7bc77fd339 |
Merge 4.14.155 into android-4.14
Changes in 4.14.155 kvm: mmu: Don't read PDPTEs when paging is not enabled KVM: x86: introduce is_pae_paging MIPS: BCM63XX: fix switch core reset on BCM6368 scsi: core: Handle drivers which set sg_tablesize to zero Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs" powerpc/perf: Fix IMC_MAX_PMU macro powerpc/perf: Fix kfree memory allocated for nest pmus ax88172a: fix information leak on short answers net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules slip: Fix memory leak in slip_open error path ALSA: usb-audio: Fix missing error check at mixer resolution test ALSA: usb-audio: not submit urb for stopped endpoint Input: ff-memless - kill timer in destroy() Input: synaptics-rmi4 - fix video buffer size Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) Input: synaptics-rmi4 - clear IRQ enables for F54 Input: synaptics-rmi4 - destroy F54 poller workqueue when removing IB/hfi1: Ensure full Gen3 speed in a Gen4 system i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() mmc: sdhci-of-at91: fix quirk2 overwrite iio: adc: max9611: explicitly cast gain_selectors tee: optee: take DT status property into account ath10k: fix kernel panic by moving pci flush after napi_disable iio: dac: mcp4922: fix error handling in mcp4922_write_raw arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage ALSA: pcm: signedness bug in snd_pcm_plug_alloc() arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45 rtc: rv8803: fix the rv8803 id in the OF table remoteproc/davinci: Use %zx for formating size_t extcon: cht-wc: Return from default case to avoid warnings cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set ALSA: seq: Do error checks at creating system ports ath9k: fix tx99 with monitor mode interface ath10k: limit available channels via DT ieee80211-freq-limit gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated ASoC: dpcm: Properly initialise hw->rate_max pinctrl: ingenic: Probe driver at subsys_initcall MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3 ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook liquidio: fix race condition in instruction completion processing ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks i40e: use correct length for strncpy i40e: hold the rtnl lock on clearing interrupt scheme i40e: Prevent deleting MAC address from VF when set by PF IB/rxe: fixes for rdma read retry iwlwifi: don't WARN on trying to dump dead firmware iwlwifi: mvm: avoid sending too many BARs ARM: dts: pxa: fix the rtc controller ARM: dts: pxa: fix power i2c base address rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument soc: imx: gpc: fix PDN delay ASoC: rsnd: ssi: Fix issue in dma data address assignment net: phy: mscc: read 'vsc8531,vddmac' as an u32 net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 ARM: dts: meson8: fix the clock controller register size ARM: dts: meson8b: fix the clock controller register size net: lan78xx: Bail out if lan78xx_get_endpoints fails ASoC: sgtl5000: avoid division by zero if lo_vag is zero ARM: dts: exynos: Disable pull control for S5M8767 PMIC ath10k: wmi: disable softirq's while calling ieee80211_rx IB/ipoib: Ensure that MTU isn't less than minimum permitted RDMA/core: Rate limit MAD error messages RDMA/core: Follow correct unregister order between sysfs and cgroup mips: txx9: fix iounmap related issue ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files ARM: dts: omap3-gta04: fixes for tvout / venc ARM: dts: omap3-gta04: tvout: enable as display1 alias ARM: dts: omap3-gta04: fix touchscreen tsc2007 ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot ARM: dts: omap3-gta04: keep vpll2 always on sched/debug: Use symbolic names for task state constants arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire dmaengine: dma-jz4780: Don't depend on MACH_JZ4780 dmaengine: dma-jz4780: Further residue status fix EDAC, sb_edac: Return early on ADDRV bit and address type test rtc: mt6397: fix possible race condition rtc: pl030: fix possible race condition ath9k: add back support for using active monitor interfaces for tx99 IB/hfi1: Missing return value in error path for user sdma signal: Always ignore SIGKILL and SIGSTOP sent to the global init signal: Properly deliver SIGILL from uprobes signal: Properly deliver SIGSEGV from x86 uprobes f2fs: fix memory leak of percpu counter in fill_super() scsi: qla2xxx: Fix iIDMA error scsi: qla2xxx: Defer chip reset until target mode is enabled scsi: qla2xxx: Fix dropped srb resource. scsi: lpfc: Fix errors in log messages. scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set scsi: pm80xx: Corrected dma_unmap_sg() parameter scsi: pm80xx: Fixed system hang issue during kexec boot kprobes: Don't call BUG_ON() if there is a kprobe in use on free list Drivers: hv: vmbus: Fix synic per-cpu context initialization nvmem: core: return error code instead of NULL from nvmem_device_get media: dt-bindings: adv748x: Fix decimal unit addresses media: fix: media: pci: meye: validate offset to avoid arbitrary access media: dvb: fix compat ioctl translation arm64: dts: meson: libretech: update board model ALSA: intel8x0m: Register irq handler after register initializations pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() llc: avoid blocking in llc_sap_close() ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value soc: qcom: wcnss_ctrl: Avoid string overflow powerpc/vdso: Correct call frame information ARM: dts: socfpga: Fix I2C bus unit-address error pinctrl: at91: don't use the same irqchip with multiple gpiochips cxgb4: Fix endianness issue in t4_fwcache() blok, bfq: do not plug I/O if all queues are weight-raised arm64: dts: meson: Fix erroneous SPI bus warnings power: supply: ab8500_fg: silence uninitialized variable warnings power: reset: at91-poweroff: do not procede if at91_shdwc is allocated power: supply: max8998-charger: Fix platform data retrieval component: fix loop condition to call unbind() if bind() fails kernfs: Fix range checks in kernfs_get_target_path ip_gre: fix parsing gre header in ipgre_err ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask ath9k: Fix a locking bug in ath9k_add_interface() s390/qeth: invoke softirqs after napi_schedule() PCI/ACPI: Correct error message for ASPM disabling serial: uartps: Fix suspend functionality serial: samsung: Enable baud clock for UART reset procedure in resume serial: mxs-auart: Fix potential infinite loop samples/bpf: fix a compilation failure spi: mediatek: Don't modify spi_transfer when transfer. ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address net: hns3: fix return type of ndo_start_xmit function powerpc/iommu: Avoid derefence before pointer check powerpc/64s/hash: Fix stab_rr off by one initialization powerpc/pseries: Disable CPU hotplug across migrations powerpc: Fix duplicate const clang warning in user access code RDMA/i40iw: Fix incorrect iterator type OPP: Protect dev_list with opp_table lock libfdt: Ensure INT_MAX is defined in libfdt_env.h power: supply: twl4030_charger: fix charging current out-of-bounds power: supply: twl4030_charger: disable eoc interrupt on linear charge net: toshiba: fix return type of ndo_start_xmit function net: xilinx: fix return type of ndo_start_xmit function net: broadcom: fix return type of ndo_start_xmit function net: amd: fix return type of ndo_start_xmit function net: sun: fix return type of ndo_start_xmit function net: hns3: Fix for setting speed for phy failed problem net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() nfp: provide a better warning when ring allocation fails usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started usb: chipidea: Fix otg event handler mlxsw: spectrum: Init shaper for TCs 8..15 ARM: dts: am335x-evm: fix number of cpsw f2fs: fix to recover inode's uid/gid during POR ARM: dts: ux500: Correct SCU unit address ARM: dts: ux500: Fix LCDA clock line muxing ARM: dts: ste: Fix SPI controller node names spi: pic32: Use proper enum in dmaengine_prep_slave_rg cpufeature: avoid warning when compiling with clang crypto: arm/crc32 - avoid warning when compiling with Clang ARM: dts: marvell: Fix SPI and I2C bus warnings x86/mce-inject: Reset injection struct after injection ARM: dts: clearfog: fix sdhci supply property name bnx2x: Ignore bandwidth attention in single function mode samples/bpf: fix compilation failure net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider net: micrel: fix return type of ndo_start_xmit function net: freescale: fix return type of ndo_start_xmit function x86/CPU: Use correct macros for Cyrix calls x86/CPU: Change query logic so CPUID is enabled before testing MIPS: kexec: Relax memory restriction arm64: dts: rockchip: Fix microSD in rk3399 sapphire board media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() media: au0828: Fix incorrect error messages media: davinci: Fix implicit enum conversion warning ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock usb: gadget: uvc: configfs: Drop leaked references to config items usb: gadget: uvc: configfs: Prevent format changes after linking header i2c: aspeed: fix invalid clock parameters for very large divisors phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs phy: phy-twl4030-usb: fix denied runtime access usb: gadget: uvc: Factor out video USB request queueing usb: gadget: uvc: Only halt video streaming endpoint in bulk mode coresight: Fix handling of sinks coresight: perf: Fix per cpu path management coresight: perf: Disable trace path upon source error coresight: etm4x: Configure EL2 exception level when kernel is running in HYP coresight: tmc: Fix byte-address alignment for RRP misc: kgdbts: Fix restrict error misc: genwqe: should return proper error value. vfio/pci: Fix potential memory leak in vfio_msi_cap_len vfio/pci: Mask buggy SR-IOV VF INTx support scsi: libsas: always unregister the old device if going to discover new phy: lantiq: Fix compile warning ARM: dts: tegra30: fix xcvr-setup-use-fuses ARM: tegra: apalis_t30: fix mmc1 cmd pull-up ARM: dts: paz00: fix wakeup gpio keycode net: smsc: fix return type of ndo_start_xmit function net: faraday: fix return type of ndo_start_xmit function f2fs: fix to recover inode's project id during POR f2fs: mark inode dirty explicitly in recover_inode() EDAC: Raise the maximum number of memory controllers ARM: dts: realview: Fix SPI controller node names firmware: dell_rbu: Make payload memory uncachable Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS x86/hyperv: Suppress "PCI: Fatal: No config space access function found" crypto: s5p-sss: Fix Fix argument list alignment crypto: fix a memory leak in rsa-kcs1pad's encryption mode iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump iwlwifi: api: annotate compressed BA notif array sizes iwlwifi: mvm: Allow TKIP for AP mode scsi: NCR5380: Clear all unissued commands on host reset scsi: NCR5380: Have NCR5380_select() return a bool scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data scsi: NCR5380: Check for invalid reselection target scsi: NCR5380: Don't clear busy flag when abort fails scsi: NCR5380: Don't call dsprintk() following reselection interrupt scsi: NCR5380: Handle BUS FREE during reselection scsi: NCR5380: Check for bus reset arm64: dts: amd: Fix SPI bus warnings arm64: dts: lg: Fix SPI controller node names ARM: dts: lpc32xx: Fix SPI controller node names rtc: armada38x: fix possible race condition netfilter: masquerade: don't flush all conntracks if only one address deleted on device usb: xhci-mtk: fix ISOC error when interval is zero fuse: use READ_ONCE on congestion_threshold and max_background IB/iser: Fix possible NULL deref at iser_inv_desc() net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused memfd: Use radix_tree_deref_slot_protected to avoid the warning. slcan: Fix memory leak in error path Linux 4.14.155 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric W. Biederman
|
09357805c5 |
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
[ Upstream commit 86989c41b5ea08776c450cb759592532314a4ed6 ] If the first process started (aka /sbin/init) receives a SIGKILL it will panic the system if it is delivered. Making the system unusable and undebugable. It isn't much better if the first process started receives SIGSTOP. So always ignore SIGSTOP and SIGKILL sent to init. This is done in a separate clause in sig_task_ignored as force_sig_info can clear SIG_UNKILLABLE and this protection should work even then. Reviewed-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Joel Fernandes (Google)
|
e44e96da7f |
UPSTREAM: pidfd: add polling support
This patch adds polling support to pidfd. Android low memory killer (LMK) needs to know when a process dies once it is sent the kill signal. It does so by checking for the existence of /proc/pid which is both racy and slow. For example, if a PID is reused between when LMK sends a kill signal and checks for existence of the PID, since the wrong PID is now possibly checked for existence. Using the polling support, LMK will be able to get notified when a process exists in race-free and fast way, and allows the LMK to do other things (such as by polling on other fds) while awaiting the process being killed to die. For notification to polling processes, we follow the same existing mechanism in the kernel used when the parent of the task group is to be notified of a child's death (do_notify_parent). This is precisely when the tasks waiting on a poll of pidfd are also awakened in this patch. We have decided to include the waitqueue in struct pid for the following reasons: 1. The wait queue has to survive for the lifetime of the poll. Including it in task_struct would not be option in this case because the task can be reaped and destroyed before the poll returns. 2. By including the struct pid for the waitqueue means that during de_thread(), the new thread group leader automatically gets the new waitqueue/pid even though its task_struct is different. Appropriate test cases are added in the second patch to provide coverage of all the cases the patch is handling. Cc: Andy Lutomirski <luto@amacapital.net> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Daniel Colascione <dancol@google.com> Cc: Jann Horn <jannh@google.com> Cc: Tim Murray <timmurray@google.com> Cc: Jonathan Kowalski <bl0pbl33p@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Kees Cook <keescook@chromium.org> Cc: David Howells <dhowells@redhat.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: kernel-team@android.com Reviewed-by: Oleg Nesterov <oleg@redhat.com> Co-developed-by: Daniel Colascione <dancol@google.com> Signed-off-by: Daniel Colascione <dancol@google.com> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Christian Brauner <christian@brauner.io> (cherry picked from commit b53b0b9d9a613c418057f6cb921c2f40a6f78c24) Bug: 135608568 Test: test program using syscall(__NR_sys_pidfd_open,..) and poll() Change-Id: I02f259d2875bec46b198d580edfbb067f077084e Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Christian Brauner
|
b8a24925e8 |
UPSTREAM: signal: improve comments
Improve the comments for pidfd_send_signal(). First, the comment still referred to a file descriptor for a process as a "task file descriptor" which stems from way back at the beginning of the discussion. Replace this with "pidfd" for consistency. Second, the wording for the explanation of the arguments to the syscall was a bit inconsistent, e.g. some used the past tense some used present tense. Make the wording more consistent. Signed-off-by: Christian Brauner <christian@brauner.io> (cherry picked from commit c732327f04a3818f35fa97d07b1d64d31b691d78) Bug: 135608568 Test: test program using syscall(__NR_sys_pidfd_open,..) and poll() Change-Id: I06c6bdd1dddaeb8ac75a78dd21f9cdd0dc139a4c Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Christian Brauner
|
f2ab079640 |
BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
Let pidfd_send_signal() use pidfds retrieved via CLONE_PIDFD. With this patch pidfd_send_signal() becomes independent of procfs. This fullfils the request made when we merged the pidfd_send_signal() patchset. The pidfd_send_signal() syscall is now always available allowing for it to be used by users without procfs mounted or even users without procfs support compiled into the kernel. Signed-off-by: Christian Brauner <christian@brauner.io> Co-developed-by: Jann Horn <jannh@google.com> Signed-off-by: Jann Horn <jannh@google.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Kees Cook <keescook@chromium.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com> Cc: Andy Lutomirsky <luto@kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Aleksa Sarai <cyphar@cyphar.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 2151ad1b067275730de1b38c7257478cae47d29e) Conflicts: kernel/sys_ni.c (1. Replaced COND_SYSCALL with cond_syscall.) Bug: 135608568 Test: test program using syscall(__NR_sys_pidfd_open,..) and poll() Change-Id: I621fe6547397e0e68c560d7da60ef7715deb290c Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Christian Brauner
|
5cc6eff449 |
UPSTREAM: signal: use fdget() since we don't allow O_PATH
As stated in the original commit for pidfd_send_signal() we don't allow to signal processes through O_PATH file descriptors since it is semantically equivalent to a write on the pidfd. We already correctly error out right now and return EBADF if an O_PATH fd is passed. This is because we use file->f_op to detect whether a pidfd is passed and O_PATH fds have their file->f_op set to empty_fops in do_dentry_open() and thus fail the test. Thus, there is no regression. It's just semantically correct to use fdget() and return an error right from there instead of taking a reference and returning an error later. Signed-off-by: Christian Brauner <christian@brauner.io> Acked-by: Oleg Nesterov <oleg@redhat.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Kees Cook <keescook@chromium.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Jann Horn <jann@thejh.net> Cc: David Howells <dhowells@redhat.com> Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com> Cc: Andy Lutomirsky <luto@kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Aleksa Sarai <cyphar@cyphar.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 738a7832d21e3d911fcddab98ce260b79010b461) Bug: 135608568 Test: test program using syscall(__NR_pidfd_send_signal,..) to send SIGKILL Change-Id: Id52eaadf9da371fb2d9caae4df49627760de7229 Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Jann Horn
|
b0358816aa |
UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
The current sys_pidfd_send_signal() silently turns signals with explicit
SI_USER context that are sent to non-current tasks into signals with
kernel-generated siginfo.
This is unlike do_rt_sigqueueinfo(), which returns -EPERM in this case.
If a user actually wants to send a signal with kernel-provided siginfo,
they can do that with pidfd_send_signal(pidfd, sig, NULL, 0); so allowing
this case is unnecessary.
Instead of silently replacing the siginfo, just bail out with an error;
this is consistent with other interfaces and avoids special-casing behavior
based on security checks.
Fixes: 3eb39f47934f ("signal: add pidfd_send_signal() syscall")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Christian Brauner <christian@brauner.io>
(cherry picked from commit 556a888a14afe27164191955618990fb3ccc9aad)
Bug: 135608568
Test: test program using syscall(__NR_pidfd_send_signal,..) to send SIGKILL
Change-Id: I493af671b82c43bff1425ee24550d2fb9aa6d961
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Christian Brauner
|
c8b9b2c5cc |
BACKPORT: signal: add pidfd_send_signal() syscall
The kill() syscall operates on process identifiers (pid). After a process
has exited its pid can be reused by another process. If a caller sends a
signal to a reused pid it will end up signaling the wrong process. This
issue has often surfaced and there has been a push to address this problem [1].
This patch uses file descriptors (fd) from proc/<pid> as stable handles on
struct pid. Even if a pid is recycled the handle will not change. The fd
can be used to send signals to the process it refers to.
Thus, the new syscall pidfd_send_signal() is introduced to solve this
problem. Instead of pids it operates on process fds (pidfd).
/* prototype and argument /*
long pidfd_send_signal(int pidfd, int sig, siginfo_t *info, unsigned int flags);
/* syscall number 424 */
The syscall number was chosen to be 424 to align with Arnd's rework in his
y2038 to minimize merge conflicts (cf. [25]).
In addition to the pidfd and signal argument it takes an additional
siginfo_t and flags argument. If the siginfo_t argument is NULL then
pidfd_send_signal() is equivalent to kill(<positive-pid>, <signal>). If it
is not NULL pidfd_send_signal() is equivalent to rt_sigqueueinfo().
The flags argument is added to allow for future extensions of this syscall.
It currently needs to be passed as 0. Failing to do so will cause EINVAL.
/* pidfd_send_signal() replaces multiple pid-based syscalls */
The pidfd_send_signal() syscall currently takes on the job of
rt_sigqueueinfo(2) and parts of the functionality of kill(2), Namely, when a
positive pid is passed to kill(2). It will however be possible to also
replace tgkill(2) and rt_tgsigqueueinfo(2) if this syscall is extended.
/* sending signals to threads (tid) and process groups (pgid) */
Specifically, the pidfd_send_signal() syscall does currently not operate on
process groups or threads. This is left for future extensions.
In order to extend the syscall to allow sending signal to threads and
process groups appropriately named flags (e.g. PIDFD_TYPE_PGID, and
PIDFD_TYPE_TID) should be added. This implies that the flags argument will
determine what is signaled and not the file descriptor itself. Put in other
words, grouping in this api is a property of the flags argument not a
property of the file descriptor (cf. [13]). Clarification for this has been
requested by Eric (cf. [19]).
When appropriate extensions through the flags argument are added then
pidfd_send_signal() can additionally replace the part of kill(2) which
operates on process groups as well as the tgkill(2) and
rt_tgsigqueueinfo(2) syscalls.
How such an extension could be implemented has been very roughly sketched
in [14], [15], and [16]. However, this should not be taken as a commitment
to a particular implementation. There might be better ways to do it.
Right now this is intentionally left out to keep this patchset as simple as
possible (cf. [4]).
/* naming */
The syscall had various names throughout iterations of this patchset:
- procfd_signal()
- procfd_send_signal()
- taskfd_send_signal()
In the last round of reviews it was pointed out that given that if the
flags argument decides the scope of the signal instead of different types
of fds it might make sense to either settle for "procfd_" or "pidfd_" as
prefix. The community was willing to accept either (cf. [17] and [18]).
Given that one developer expressed strong preference for the "pidfd_"
prefix (cf. [13]) and with other developers less opinionated about the name
we should settle for "pidfd_" to avoid further bikeshedding.
The "_send_signal" suffix was chosen to reflect the fact that the syscall
takes on the job of multiple syscalls. It is therefore intentional that the
name is not reminiscent of neither kill(2) nor rt_sigqueueinfo(2). Not the
fomer because it might imply that pidfd_send_signal() is a replacement for
kill(2), and not the latter because it is a hassle to remember the correct
spelling - especially for non-native speakers - and because it is not
descriptive enough of what the syscall actually does. The name
"pidfd_send_signal" makes it very clear that its job is to send signals.
/* zombies */
Zombies can be signaled just as any other process. No special error will be
reported since a zombie state is an unreliable state (cf. [3]). However,
this can be added as an extension through the @flags argument if the need
ever arises.
/* cross-namespace signals */
The patch currently enforces that the signaler and signalee either are in
the same pid namespace or that the signaler's pid namespace is an ancestor
of the signalee's pid namespace. This is done for the sake of simplicity
and because it is unclear to what values certain members of struct
siginfo_t would need to be set to (cf. [5], [6]).
/* compat syscalls */
It became clear that we would like to avoid adding compat syscalls
(cf. [7]). The compat syscall handling is now done in kernel/signal.c
itself by adding __copy_siginfo_from_user_generic() which lets us avoid
compat syscalls (cf. [8]). It should be noted that the addition of
__copy_siginfo_from_user_any() is caused by a bug in the original
implementation of rt_sigqueueinfo(2) (cf. 12).
With upcoming rework for syscall handling things might improve
significantly (cf. [11]) and __copy_siginfo_from_user_any() will not gain
any additional callers.
/* testing */
This patch was tested on x64 and x86.
/* userspace usage */
An asciinema recording for the basic functionality can be found under [9].
With this patch a process can be killed via:
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
static inline int do_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
unsigned int flags)
{
#ifdef __NR_pidfd_send_signal
return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
#else
return -ENOSYS;
#endif
}
int main(int argc, char *argv[])
{
int fd, ret, saved_errno, sig;
if (argc < 3)
exit(EXIT_FAILURE);
fd = open(argv[1], O_DIRECTORY | O_CLOEXEC);
if (fd < 0) {
printf("%s - Failed to open \"%s\"\n", strerror(errno), argv[1]);
exit(EXIT_FAILURE);
}
sig = atoi(argv[2]);
printf("Sending signal %d to process %s\n", sig, argv[1]);
ret = do_pidfd_send_signal(fd, sig, NULL, 0);
saved_errno = errno;
close(fd);
errno = saved_errno;
if (ret < 0) {
printf("%s - Failed to send signal %d to process %s\n",
strerror(errno), sig, argv[1]);
exit(EXIT_FAILURE);
}
exit(EXIT_SUCCESS);
}
/* Q&A
* Given that it seems the same questions get asked again by people who are
* late to the party it makes sense to add a Q&A section to the commit
* message so it's hopefully easier to avoid duplicate threads.
*
* For the sake of progress please consider these arguments settled unless
* there is a new point that desperately needs to be addressed. Please make
* sure to check the links to the threads in this commit message whether
* this has not already been covered.
*/
Q-01: (Florian Weimer [20], Andrew Morton [21])
What happens when the target process has exited?
A-01: Sending the signal will fail with ESRCH (cf. [22]).
Q-02: (Andrew Morton [21])
Is the task_struct pinned by the fd?
A-02: No. A reference to struct pid is kept. struct pid - as far as I
understand - was created exactly for the reason to not require to
pin struct task_struct (cf. [22]).
Q-03: (Andrew Morton [21])
Does the entire procfs directory remain visible? Just one entry
within it?
A-03: The same thing that happens right now when you hold a file descriptor
to /proc/<pid> open (cf. [22]).
Q-04: (Andrew Morton [21])
Does the pid remain reserved?
A-04: No. This patchset guarantees a stable handle not that pids are not
recycled (cf. [22]).
Q-05: (Andrew Morton [21])
Do attempts to signal that fd return errors?
A-05: See {Q,A}-01.
Q-06: (Andrew Morton [22])
Is there a cleaner way of obtaining the fd? Another syscall perhaps.
A-06: Userspace can already trivially retrieve file descriptors from procfs
so this is something that we will need to support anyway. Hence,
there's no immediate need to add another syscalls just to make
pidfd_send_signal() not dependent on the presence of procfs. However,
adding a syscalls to get such file descriptors is planned for a
future patchset (cf. [22]).
Q-07: (Andrew Morton [21] and others)
This fd-for-a-process sounds like a handy thing and people may well
think up other uses for it in the future, probably unrelated to
signals. Are the code and the interface designed to permit such
future applications?
A-07: Yes (cf. [22]).
Q-08: (Andrew Morton [21] and others)
Now I think about it, why a new syscall? This thing is looking
rather like an ioctl?
A-08: This has been extensively discussed. It was agreed that a syscall is
preferred for a variety or reasons. Here are just a few taken from
prior threads. Syscalls are safer than ioctl()s especially when
signaling to fds. Processes are a core kernel concept so a syscall
seems more appropriate. The layout of the syscall with its four
arguments would require the addition of a custom struct for the
ioctl() thereby causing at least the same amount or even more
complexity for userspace than a simple syscall. The new syscall will
replace multiple other pid-based syscalls (see description above).
The file-descriptors-for-processes concept introduced with this
syscall will be extended with other syscalls in the future. See also
[22], [23] and various other threads already linked in here.
Q-09: (Florian Weimer [24])
What happens if you use the new interface with an O_PATH descriptor?
A-09:
pidfds opened as O_PATH fds cannot be used to send signals to a
process (cf. [2]). Signaling processes through pidfds is the
equivalent of writing to a file. Thus, this is not an operation that
operates "purely at the file descriptor level" as required by the
open(2) manpage. See also [4].
/* References */
[1]: https://lore.kernel.org/lkml/20181029221037.87724-1-dancol@google.com/
[2]: https://lore.kernel.org/lkml/874lbtjvtd.fsf@oldenburg2.str.redhat.com/
[3]: https://lore.kernel.org/lkml/20181204132604.aspfupwjgjx6fhva@brauner.io/
[4]: https://lore.kernel.org/lkml/20181203180224.fkvw4kajtbvru2ku@brauner.io/
[5]: https://lore.kernel.org/lkml/20181121213946.GA10795@mail.hallyn.com/
[6]: https://lore.kernel.org/lkml/20181120103111.etlqp7zop34v6nv4@brauner.io/
[7]: https://lore.kernel.org/lkml/36323361-90BD-41AF-AB5B-EE0D7BA02C21@amacapital.net/
[8]: https://lore.kernel.org/lkml/87tvjxp8pc.fsf@xmission.com/
[9]: https://asciinema.org/a/IQjuCHew6bnq1cr78yuMv16cy
[11]: https://lore.kernel.org/lkml/F53D6D38-3521-4C20-9034-5AF447DF62FF@amacapital.net/
[12]: https://lore.kernel.org/lkml/87zhtjn8ck.fsf@xmission.com/
[13]: https://lore.kernel.org/lkml/871s6u9z6u.fsf@xmission.com/
[14]: https://lore.kernel.org/lkml/20181206231742.xxi4ghn24z4h2qki@brauner.io/
[15]: https://lore.kernel.org/lkml/20181207003124.GA11160@mail.hallyn.com/
[16]: https://lore.kernel.org/lkml/20181207015423.4miorx43l3qhppfz@brauner.io/
[17]: https://lore.kernel.org/lkml/CAGXu5jL8PciZAXvOvCeCU3wKUEB_dU-O3q0tDw4uB_ojMvDEew@mail.gmail.com/
[18]: https://lore.kernel.org/lkml/20181206222746.GB9224@mail.hallyn.com/
[19]: https://lore.kernel.org/lkml/20181208054059.19813-1-christian@brauner.io/
[20]: https://lore.kernel.org/lkml/8736rebl9s.fsf@oldenburg.str.redhat.com/
[21]: https://lore.kernel.org/lkml/20181228152012.dbf0508c2508138efc5f2bbe@linux-foundation.org/
[22]: https://lore.kernel.org/lkml/20181228233725.722tdfgijxcssg76@brauner.io/
[23]: https://lwn.net/Articles/773459/
[24]: https://lore.kernel.org/lkml/8736rebl9s.fsf@oldenburg.str.redhat.com/
[25]: https://lore.kernel.org/lkml/CAK8P3a0ej9NcJM8wXNPbcGUyOUZYX+VLoDFdbenW3s3114oQZw@mail.gmail.com/
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Jann Horn <jannh@google.com>
Cc: Andy Lutomirsky <luto@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Christian Brauner <christian@brauner.io>
Reviewed-by: Tycho Andersen <tycho@tycho.ws>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: David Howells <dhowells@redhat.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Aleksa Sarai <cyphar@cyphar.com>
(cherry picked from commit 3eb39f47934f9d5a3027fe00d906a45fe3a15fad)
Conflicts:
arch/x86/entry/syscalls/syscall_32.tbl - trivial manual merge
arch/x86/entry/syscalls/syscall_64.tbl - trivial manual merge
include/linux/proc_fs.h - trivial manual merge
include/linux/syscalls.h - trivial manual merge
include/uapi/asm-generic/unistd.h - trivial manual merge
kernel/signal.c - struct kernel_siginfo does not exist in 4.14
kernel/sys_ni.c - cond_syscall is used instead of COND_SYSCALL
arch/x86/entry/syscalls/syscall_32.tbl
arch/x86/entry/syscalls/syscall_64.tbl
(1. manual merges because of 4.14 differences
2. change prepare_kill_siginfo() to use struct siginfo instead of
kernel_siginfo
3. use copy_from_user() instead of copy_siginfo_from_user() in copy_siginfo_from_user_any()
4. replaced COND_SYSCALL with cond_syscall
5. Removed __ia32_sys_pidfd_send_signal in arch/x86/entry/syscalls/syscall_32.tbl.
6. Replaced __x64_sys_pidfd_send_signal with sys_pidfd_send_signal in arch/x86/entry/syscalls/syscall_64.tbl.)
Bug: 135608568
Test: test program using syscall(__NR_pidfd_send_signal,..) to send SIGKILL
Change-Id: I34da11c63ac8cafb0353d9af24c820cef519ec27
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Blagovest Kolenichev
|
d545a613b5 |
Merge android-4.14.124 (225970c) into msm-4.14
* refs/heads/tmp-225970c:
Linux 4.14.124
media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
binder: fix race between munmap() and direct reclaim
Revert "binder: fix handling of misaligned binder object"
Revert "x86/build: Move _etext to actual end of .text"
include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
Compiler Attributes: add support for __copy (gcc >= 9)
drm/rockchip: shutdown drm subsystem on shutdown
drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set
gcc-plugins: Fix build failures under Darwin host
Revert "lockd: Show pid of lockd for remote locks"
CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM
staging: wlan-ng: fix adapter initialization failure
staging: vc04_services: prevent integer overflow in create_pagelist()
serial: sh-sci: disable DMA for uart_console
ima: show rules with IMA_INMASK correctly
doc: Cope with Sphinx logging deprecations
doc: Cope with the deprecation of AutoReporter
docs: Fix conf.py for Sphinx 2.0
kernel/signal.c: trace_signal_deliver when signal_group_exit
memcg: make it work on sparse non-0-node systems
tty: max310x: Fix external crystal register setup
tty: serial: msm_serial: Fix XON/XOFF
drm/nouveau/i2c: Disable i2c bus access after ->fini()
KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID
ALSA: hda/realtek - Set default power save node to 0
powerpc/perf: Fix MMCRA corruption by bhrb_filter
KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts
Btrfs: incremental send, fix file corruption when no-holes feature is enabled
Btrfs: fix fsync not persisting changed attributes of a directory
Btrfs: fix race updating log root item during fsync
Btrfs: fix wrong ctime and mtime of a directory after log replay
scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs)
scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove
media: smsusb: better handle optional alignment
media: usb: siano: Fix false-positive "uninitialized variable" warning
media: usb: siano: Fix general protection fault in smsusb
USB: rio500: fix memory leak in close after disconnect
USB: rio500: refuse more than one device at a time
USB: Add LPM quirk for Surface Dock GigE adapter
USB: sisusbvga: fix oops in error path of sisusb_probe
USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
usbip: usbip_host: fix stub_dev lock context imbalance regression
usbip: usbip_host: fix BUG: sleeping function called from invalid context
usb: xhci: avoid null pointer deref when bos field is NULL
xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
xhci: Use %zu for printing size_t type
xhci: update bounce buffer with correct sg num
include/linux/bitops.h: sanitize rotate primitives
sparc64: Fix regression in non-hypervisor TLB flush xcall
tipc: fix modprobe tipc failed after switch order of device registration
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
crypto: vmx - ghash: do nosimd fallback manually
net: phy: marvell10g: report if the PHY fails to boot firmware
net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
net: mvneta: Fix err code path of probe
net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
bnxt_en: Fix aggregation buffer leak under OOM condition.
net/mlx5: Allocate root ns memory using kzalloc to match kfree
tipc: Avoid copying bytes beyond the supplied data
usbnet: fix kernel crash after disconnect
net: stmmac: fix reset gpio free missing
net-gro: fix use-after-free read in napi_gro_frags()
net: fec: fix the clk mismatch in failed_reset path
llc: fix skb leak in llc_build_and_send_ui_pkt()
ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
inet: switch IP ID generator to siphash
ANDROID: uid_sys_stats: report uid_cputime stats in microseconds
Revert "fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied"
Revert "UPSTREAM: fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return 0...")"
Revert "x86/build: Move _etext to actual end of .text"
Change-Id: I98ae54fff61393636d3f0828e32d87424b377c1f
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Zhenliang Wei
|
3213acb17a |
kernel/signal.c: trace_signal_deliver when signal_group_exit
commit 98af37d624ed8c83f1953b1b6b2f6866011fc064 upstream. In the fixes commit, removing SIGKILL from each thread signal mask and executing "goto fatal" directly will skip the call to "trace_signal_deliver". At this point, the delivery tracking of the SIGKILL signal will be inaccurate. Therefore, we need to add trace_signal_deliver before "goto fatal" after executing sigdelset. Note: SEND_SIG_NOINFO matches the fact that SIGKILL doesn't have any info. Link: http://lkml.kernel.org/r/20190425025812.91424-1-weizhenliang@huawei.com Fixes: cf43a757fd4944 ("signal: Restore the stop PTRACE_EVENT_EXIT") Signed-off-by: Zhenliang Wei <weizhenliang@huawei.com> Reviewed-by: Christian Brauner <christian@brauner.io> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Ivan Delalande <colona@arista.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Deepa Dinamani <deepa.kernel@gmail.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
9ec70dd408 |
Merge android-4.14-p.102 (6d248da0) into msm-4.14
* refs/heads/tmp-6d248da0: Revert "sched, trace: Fix prev_state output in sched_switch tracepoint" Linux 4.14.102 uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define pinctrl: msm: fix gpio-hog related boot issues futex: Cure exit race sched, trace: Fix prev_state output in sched_switch tracepoint drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set dm thin: fix bug where bio that overwrites thin block ignores FUA dm crypt: don't overallocate the integrity tag space x86/a.out: Clear the dump structure initially md/raid1: don't clear bitmap bits on interrupted recovery. signal: Restore the stop PTRACE_EVENT_EXIT x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls tracing/uprobes: Fix output for multiple string arguments alpha: Fix Eiger NR_IRQS to 128 alpha: fix page fault handling for r16-r18 targets mm: proc: smaps_rollup: fix pss_locked calculation Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 Input: bma150 - register input device after setting private data kvm: vmx: Fix entry number check for add_atomic_switch_msr() ALSA: usb-audio: Fix implicit fb endpoint setup by quirk ALSA: hda - Add quirk for HP EliteBook 840 G5 perf/x86: Add check_period PMU callback perf/core: Fix impossible ring-buffer sizes warning Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G" cifs: Limit memory used by lock request calls to a page drm/nouveau/falcon: avoid touching registers if engine is off drm/nouveau: Don't disable polling in fallback mode gpio: pl061: handle failed allocations ARM: dts: kirkwood: Fix polarity of GPIO fan lines ARM: dts: da850-lcdk: Correct the sound card name ARM: dts: da850-evm: Correct the sound card name nvme-pci: use the same attributes when freeing host_mem_desc_bufs. drm/bridge: tc358767: fix output H/V syncs drm/bridge: tc358767: reject modes which require too much BW drm/bridge: tc358767: fix initial DP0/1_SRCCTRL value drm/bridge: tc358767: fix single lane configuration drm/bridge: tc358767: add defines for DP1_SRCCTRL & PHY_2LANE cpufreq: check if policy is inactive early in __cpufreq_get() perf test shell: Use a fallback to get the pathname in vfs_getname ACPI: NUMA: Use correct type for printing addresses on i386-PAE bnx2x: disable GSO where gso_size is too big for hardware net: create skb_gso_validate_mac_len() ARM: fix the cockup in the previous patch ARM: ensure that processor vtables is not lost after boot ARM: spectre-v2: per-CPU vtables to work around big.Little systems ARM: add PROC_VTABLE and PROC_TABLE macros ARM: clean up per-processor check_bugs method call ARM: split out processor lookup ARM: make lookup_processor_type() non-__init ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc ARM: 8797/1: spectre-v1.1: harden __copy_to_user ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization ARM: 8795/1: spectre-v1.1: use put_user() for __put_user() ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit ARM: 8793/1: signal: replace __put_user_error with __put_user ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user() ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state ARM: 8790/1: signal: always use __copy_to_user to save iwmmxt context ARM: 8789/1: signal: copy registers using __copy_to_user() uapi/if_ether.h: prevent redefinition of struct ethhdr blk-mq: fix a hung issue when fsync eeprom: at24: add support for 24c2048 dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string Change-Id: I76266eef1ae49d35fb83938d82066e72be54bb2c Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
bc1363bd4e |
Merge android-4.14-p.100 (258c06c) into msm-4.14
* refs/heads/tmp-258c06c: Linux 4.14.100 Revert "uio: use request_threaded_irq instead" uio: fix possible circular locking dependency uio: fix wrong return value from uio_mmap() uio: fix crash after the device is unregistered uio: change to use the mutex lock instead of the spin lock uio: use request_threaded_irq instead uio: Prevent device destruction while fds are open uio: Reduce return paths from uio_write() perf tests attr: Make hw events optional perf tests attr: Fix group stat tests perf tests attr: Fix task term values batman-adv: Force mac header to start of data on xmit batman-adv: Avoid WARN on net_device without parent in netns xfrm: refine validation of template and selector families libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() Revert "ext4: use ext4_write_inode() when fsyncing w/o a journal" HID: debug: fix the ring buffer implementation drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user drm/vmwgfx: Fix setting of dma masks drm/modes: Prevent division by zero htotal mac80211: ensure that mgmt tx skbs have tailroom for encryption ARM: tango: Improve ARCH_MULTIPLATFORM compatibility ARM: iop32x/n2100: fix PCI IRQ mapping MIPS: VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds MIPS: OCTEON: don't set octeon_dma_bar_type if PCI is disabled mips: cm: reprime error cause tracing: uprobes: Fix typo in pr_fmt string debugfs: fix debugfs_rename parameter checking samples: mei: use /dev/mei0 instead of /dev/mei misc: vexpress: Off by one in vexpress_syscfg_exec() signal: Better detection of synchronous signals signal: Always notice exiting tasks iio: chemical: atlas-ph-sensor: correct IIO_TEMP values to millicelsius iio: adc: axp288: Fix TS-pin handling mtd: rawnand: gpmi: fix MX28 bus master lockup problem Change-Id: Idcc7a8b330ce991a5d424ffe2aa7f6efbcc84b5c Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Eric W. Biederman
|
910e3b3154 |
signal: Restore the stop PTRACE_EVENT_EXIT
commit cf43a757fd49442bc38f76088b70c2299eed2c2f upstream. In the middle of do_exit() there is there is a call "ptrace_event(PTRACE_EVENT_EXIT, code);" That call places the process in TACKED_TRACED aka "(TASK_WAKEKILL | __TASK_TRACED)" and waits for for the debugger to release the task or SIGKILL to be delivered. Skipping past dequeue_signal when we know a fatal signal has already been delivered resulted in SIGKILL remaining pending and TIF_SIGPENDING remaining set. This in turn caused the scheduler to not sleep in PTACE_EVENT_EXIT as it figured a fatal signal was pending. This also caused ptrace_freeze_traced in ptrace_check_attach to fail because it left a per thread SIGKILL pending which is what fatal_signal_pending tests for. This difference in signal state caused strace to report strace: Exit of unknown pid NNNNN ignored Therefore update the signal handling state like dequeue_signal would when removing a per thread SIGKILL, by removing SIGKILL from the per thread signal mask and clearing TIF_SIGPENDING. Acked-by: Oleg Nesterov <oleg@redhat.com> Reported-by: Oleg Nesterov <oleg@redhat.com> Reported-by: Ivan Delalande <colona@arista.com> Cc: stable@vger.kernel.org Fixes: 35634ffa1751 ("signal: Always notice exiting tasks") Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Eric W. Biederman
|
284f7b1a09 |
signal: Better detection of synchronous signals
commit 7146db3317c67b517258cb5e1b08af387da0618b upstream.
Recently syzkaller was able to create unkillablle processes by
creating a timer that is delivered as a thread local signal on SIGHUP,
and receiving SIGHUP SA_NODEFERER. Ultimately causing a loop failing
to deliver SIGHUP but always trying.
When the stack overflows delivery of SIGHUP fails and force_sigsegv is
called. Unfortunately because SIGSEGV is numerically higher than
SIGHUP next_signal tries again to deliver a SIGHUP.
From a quality of implementation standpoint attempting to deliver the
timer SIGHUP signal is wrong. We should attempt to deliver the
synchronous SIGSEGV signal we just forced.
We can make that happening in a fairly straight forward manner by
instead of just looking at the signal number we also look at the
si_code. In particular for exceptions (aka synchronous signals) the
si_code is always greater than 0.
That still has the potential to pick up a number of asynchronous
signals as in a few cases the same si_codes that are used
for synchronous signals are also used for asynchronous signals,
and SI_KERNEL is also included in the list of possible si_codes.
Still the heuristic is much better and timer signals are definitely
excluded. Which is enough to prevent all known ways for someone
sending a process signals fast enough to cause unexpected and
arguably incorrect behavior.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Eric W. Biederman
|
3edbf74325 |
signal: Always notice exiting tasks
commit 35634ffa1751b6efd8cf75010b509dcb0263e29b upstream. Recently syzkaller was able to create unkillablle processes by creating a timer that is delivered as a thread local signal on SIGHUP, and receiving SIGHUP SA_NODEFERER. Ultimately causing a loop failing to deliver SIGHUP but always trying. Upon examination it turns out part of the problem is actually most of the solution. Since 2.5 signal delivery has found all fatal signals, marked the signal group for death, and queued SIGKILL in every threads thread queue relying on signal->group_exit_code to preserve the information of which was the actual fatal signal. The conversion of all fatal signals to SIGKILL results in the synchronous signal heuristic in next_signal kicking in and preferring SIGHUP to SIGKILL. Which is especially problematic as all fatal signals have already been transformed into SIGKILL. Instead of dequeueing signals and depending upon SIGKILL to be the first signal dequeued, first test if the signal group has already been marked for death. This guarantees that nothing in the signal queue can prevent a process that needs to exit from exiting. Cc: stable@vger.kernel.org Tested-by: Dmitry Vyukov <dvyukov@google.com> Reported-by: Dmitry Vyukov <dvyukov@google.com> Ref: ebf5ebe31d2c ("[PATCH] signal-fixes-2.5.59-A4") History Tree: https://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
ce2f7fefc5 |
Merge android-4.14-p.81 (b435b51) into msm-4.14
* refs/heads/tmp-b435b51:
Linux 4.14.81
MD: fix invalid stored role for a disk - try2
bpf: wait for running BPF programs when updating map-in-map
net: sched: Remove TCA_OPTIONS from policy
Btrfs: fix fsync after hole punching when using no-holes feature
Btrfs: fix use-after-free when dumping free space
Btrfs: fix use-after-free during inode eviction
btrfs: move the dio_sem higher up the callchain
btrfs: don't run delayed_iputs in commit
btrfs: only free reserved extent if we didn't insert it
btrfs: don't use ctl->free_space for max_extent_size
btrfs: set max_extent_size properly
Btrfs: fix assertion on fsync of regular file when using no-holes feature
Btrfs: fix null pointer dereference on compressed write path error
btrfs: qgroup: Dirty all qgroups before rescan
Btrfs: fix wrong dentries after fsync of file that got its parent replaced
Btrfs: fix warning when replaying log after fsync of a tmpfile
btrfs: make sure we create all new block groups
btrfs: reset max_extent_size on clear in a bitmap
btrfs: protect space cache inode alloc with GFP_NOFS
btrfs: wait on caching when putting the bg cache
btrfs: don't attempt to trim devices that don't support it
btrfs: iterate all devices during trim, instead of fs_devices::alloc_list
btrfs: Ensure btrfs_trim_fs can trim the whole filesystem
btrfs: Enhance btrfs_trim_fs function to handle error better
btrfs: fix error handling in free_log_tree
btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock
btrfs: Handle owner mismatch gracefully when walking up tree
btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled
selftests/powerpc: Fix ptrace tm failure
soc/tegra: pmc: Fix child-node lookup
arm64: dts: stratix10: Correct System Manager register size
ARM: dts: socfpga: Fix SDRAM node address for Arria10
Cramfs: fix abad comparison when wrap-arounds occur
rpmsg: smd: fix memory leak on channel create
arm64: lse: remove -fcall-used-x0 flag
media: media colorspaces*.rst: rename AdobeRGB to opRGB
media: em28xx: make v4l2-compliance happier by starting sequence on zero
media: em28xx: fix input name for Terratec AV 350
media: tvp5150: avoid going past array on v4l2_querymenu()
media: em28xx: use a default format if TRY_FMT fails
xen-blkfront: fix kernel panic with negotiate_mq error path
xen: fix xen_qlock_wait()
kgdboc: Passing ekgdboc to command line causes panic
media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD
TC: Set DMA masks for devices
iommu/arm-smmu: Ensure that page-table updates are visible before TLBI
MIPS: OCTEON: fix out of bounds array access on CN68XX
powerpc/msi: Fix compile error on mpc83xx
dm zoned: fix various dmz_get_mblock() issues
dm zoned: fix metadata block ref counting
dm ioctl: harden copy_params()'s copy_from_user() from malicious users
lockd: fix access beyond unterminated strings in prints
nfsd: Fix an Oops in free_session()
nfs: Fix a missed page unlock after pg_doio()
NFSv4.1: Fix the r/wsize checking
genirq: Fix race on spurious interrupt detection
printk: Fix panic caused by passing log_buf_len to command line
smb3: on kerberos mount if server doesn't specify auth type use krb5
smb3: do not attempt cifs operation in smb3 query info error path
smb3: allow stats which track session and share reconnects to be reset
w1: omap-hdq: fix missing bus unregister at removal
iio: adc: at91: fix wrong channel number in triggered buffer mode
iio: adc: at91: fix acking DRDY irq on simple conversions
iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs()
iio: ad5064: Fix regulator handling
kbuild: fix kernel/bounds.c 'W=1' warning
KVM: arm64: Fix caching of host MDCR_EL2 value
mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly
hugetlbfs: dirty pages as they are added to pagecache
ima: fix showing large 'violations' or 'runtime_measurements_count'
mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range()
crypto: tcrypt - fix ghash-generic speed test
crypto: lrw - Fix out-of bounds access on counter overflow
signal: Guard against negative signal numbers in copy_siginfo_from_user32
signal/GenWQE: Fix sending of SIGKILL
PCI: vmd: White list for fast interrupt handlers
PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk
PCI/ASPM: Fix link_state teardown on device removal
ARM: dts: dra7: Fix up unaligned access setting for PCIe EP
EDAC, skx_edac: Fix logical channel intermediate decoding
EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting
EDAC, amd64: Add Family 17h, models 10h-2fh support
HID: hiddev: fix potential Spectre v1
ext4: fix use-after-free race in ext4_remount()'s error path
ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR
ext4: fix setattr project check in fssetxattr ioctl
ext4: initialize retries variable in ext4_da_write_inline_data_begin()
gfs2_meta: ->mount() can get NULL dev_name
jbd2: fix use after free in jbd2_log_do_checkpoint()
IB/mlx5: Fix MR cache initialization
ASoC: intel: skylake: Add missing break in skl_tplg_get_token()
libnvdimm, region: Fail badblocks listing for inactive regions
libnvdimm: Hold reference on parent while scheduling async init
dmaengine: stm32-dma: fix incomplete configuration in cyclic mode
dmaengine: ppc4xx: fix off-by-one build failure
net/ipv4: defensive cipso option parsing
iwlwifi: mvm: check return value of rs_rate_from_ucode_rate()
usb: gadget: udc: renesas_usb3: Fix b-device mode for "workaround"
usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten
libertas: don't set URB_ZERO_PACKET on IN USB transfer
xen/pvh: don't try to unplug emulated devices
xen/pvh: increase early stack size
xen: make xen_qlock_wait() nestable
xen: fix race in xen_qlock_wait()
xen/balloon: Support xend-based toolstack
xen/blkfront: avoid NULL blkfront_info dereference on device removal
tpm: Restore functionality to xen vtpm driver.
xen-swiotlb: use actually allocated size on check physical continuous
ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250
ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings
arm: dts: exynos: Add missing cooling device properties for CPUs
ARM: dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes
f2fs: fix to account IO correctly
Revert "f2fs: fix to clear PG_checked flag in set_page_dirty()"
cpupower: Fix AMD Family 0x17 msr_pstate size
ALSA: hda: Check the non-cached stream buffers more explicitly
IB/rxe: fix for duplicate request processing and ack psns
dmaengine: dma-jz4780: Return error if not probed from DT
mfd: menelaus: Fix possible race condition and leak
signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init
f2fs: report error if quota off error during umount
scsi: lpfc: Correct race with abort on completion path
scsi: lpfc: Correct soft lockup when running mds diagnostics
uio: ensure class is registered before devices
driver/dma/ioat: Call del_timer_sync() without holding prep_lock
usb: chipidea: Prevent unbalanced IRQ disable
crypto: caam - fix implicit casts in endianness helpers
PCI: dwc: pci-dra7xx: Enable errata i870 for both EP and RC mode
coresight: etb10: Fix handling of perf mode
PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice
f2fs: fix to recover inode's i_flags during POR
MD: fix invalid stored role for a disk
ext4: fix argument checking in EXT4_IOC_MOVE_EXT
usb: gadget: udc: atmel: handle at91sam9rl PMC
PCI / ACPI: Enable wake automatically for power managed bridges
VMCI: Resource wildcard match fixed
Drivers: hv: vmbus: Use cpumask_var_t for on-stack cpu mask
tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated
PCI: mediatek: Fix mtk_pcie_find_port() endpoint/port matching logic
usb: host: ohci-at91: fix request of irq for optional gpio
RDMA/bnxt_re: Fix recursive lock warning in debug kernel
IB/ipoib: Clear IPCB before icmp_send
RDMA/core: Do not expose unsupported counters
scsi: megaraid_sas: fix a missing-check bug
KVM: nVMX: Clear reserved bits of #DB exit qualification
UAPI: ndctl: Fix g++-unsupported initialisation in headers
scsi: esp_scsi: Track residual for PIO transfers
cgroup, netclassid: add a preemption point to write_classid
thermal: da9062/61: Prevent hardware access during system suspend
ath10k: schedule hardware restart if WMI command times out
ixgbevf: VF2VF TCP RSS
iwlwifi: mvm: fix BAR seq ctrl reporting
net: dsa: mv88e6xxx: Fix writing to a PHY page.
pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant
pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant
pinctrl: qcom: spmi-mpp: Fix drive strength setting
ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers
kprobes: Return error if we fail to reuse kprobe instead of BUG_ON()
block, bfq: correctly charge and reset entity service in all cases
net: phy: phylink: ensure the carrier is off when starting phylink
brcmfmac: fix for proper support of 160MHz bandwidth
pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux
x86: boot: Fix EFI stub alignment
Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth
signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack
mtd: rawnand: atmel: Fix potential NULL pointer dereference
cpufreq: dt: Try freeing static OPPs only if we have added them
ACPI / processor: Fix the return value of acpi_processor_ids_walk()
x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC
iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface
iwlwifi: pcie: avoid empty free RB queue
mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01
cpupower: Fix coredump on VMWare
perf strbuf: Match va_{add,copy} with va_end
perf tools: Cleanup trace-event-info 'tdata' leak
perf tools: Free temporary 'sys' string in read_event_files()
spi: spi-ep93xx: Use dma_data_direction for ep93xx_spi_dma_{finish,prepare}
lightnvm: pblk: fix two sleep-in-atomic-context bugs
hwmon: (pwm-fan) Set fan speed to 0 on suspend
s390/sthyi: Fix machine name validity indication
tun: Consistently configure generic netdev params via rtnetlink
nfp: devlink port split support for 1x100G CXP NIC
swim: fix cleanup on setup error
ataflop: fix error handling during setup
locking/lockdep: Fix debug_locks off performance problem
i2c: rcar: cleanup DMA for all kinds of failure
selftests: ftrace: Add synthetic event syntax testcase
net: qla3xxx: Remove overflowing shift statement
x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
perf cpu_map: Align cpu map synthesized events properly.
perf tools: Fix use of alternatives to find JDIR
sched/fair: Fix the min_vruntime update logic in dequeue_entity()
sparc64: Make proc_id signed.
sparc: Throttle perf events properly.
sparc: Fix single-pcr perf event counter management.
perf vendor events intel: Fix wrong filter_band* values for uncore events
xfrm: policy: use hlist rcu variants on insert
Revert "perf tools: Fix PMU term format max value calculation"
bpf: do not blindly change rlimit in reuseport net selftest
ARM: dts: exynos: Disable pull control for MAX8997 interrupts on Origen
x86/speculation: Support Enhanced IBRS on future CPUs
x86/mm/pat: Disable preemption around __flush_tlb_all()
x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided
x86/xen: Fix boot loader version reported for PVH guests
x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops
ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)
ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715
ALSA: hda - Fix headphone pin config for ASUS G751
ALSA: hda - Add quirk for ASUS G751 laptop
parisc: Fix exported address of os_hpmc handler
parisc: Fix map_pages() to not overwrite existing pte entries
parisc: Fix address in HPMC IVA
ipmi: Fix timer race with module unload
pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges
cpufreq: conservative: Take limits changes into account properly
jffs2: free jffs2_sb_info through jffs2_kill_sb()
hwmon: (pmbus) Fix page count auto-detection.
bcache: fix miss key refill->end in writeback
bcache: trace missed reading by cache_missed
spi: bcm-qspi: switch back to reading flash using smaller chunks
mtd: spi-nor: fsl-quadspi: fix read error for flash size larger than 16MB
Conflicts:
drivers/iommu/arm-smmu.c
Change-Id: I639fbf255e1ad1533d0018bfeb1a6b88109aa970
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Eric W. Biederman
|
51f62e8271 |
signal: Guard against negative signal numbers in copy_siginfo_from_user32
commit a36700589b85443e28170be59fa11c8a104130a5 upstream.
While fixing an out of bounds array access in known_siginfo_layout
reported by the kernel test robot it became apparent that the same bug
exists in siginfo_layout and affects copy_siginfo_from_user32.
The straight forward fix that makes guards against making this mistake
in the future and should keep the code size small is to just take an
unsigned signal number instead of a signed signal number, as I did to
fix known_siginfo_layout.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Eric W. Biederman
|
06bd97b795 |
signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init
[ Upstream commit 3597dfe01d12f570bc739da67f857fd222a3ea66 ]
Instead of playing whack-a-mole and changing SEND_SIG_PRIV to
SEND_SIG_FORCED throughout the kernel to ensure a pid namespace init
gets signals sent by the kernel, stop allowing a pid namespace init to
ignore SIGKILL or SIGSTOP sent by the kernel. A pid namespace init is
only supposed to be able to ignore signals sent from itself and
children with SIG_DFL.
Fixes:
|
||
|
Will Deacon
|
b66d0bb19f |
signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack
[ Upstream commit 22839869f21ab3850fbbac9b425ccc4c0023926f ] The sigaltstack(2) system call fails with -ENOMEM if the new alternative signal stack is found to be smaller than SIGMINSTKSZ. On architectures such as arm64, where the native value for SIGMINSTKSZ is larger than the compat value, this can result in an unexpected error being reported to a compat task. See, for example: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904385 This patch fixes the problem by extending do_sigaltstack to take the minimum signal stack size as an additional parameter, allowing the native and compat system call entry code to pass in their respective values. COMPAT_SIGMINSTKSZ is just defined as SIGMINSTKSZ if it has not been defined by the architecture. Cc: Arnd Bergmann <arnd@arndb.de> Cc: Dominik Brodowski <linux@dominikbrodowski.net> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Oleg Nesterov <oleg@redhat.com> Reported-by: Steve McIntyre <steve.mcintyre@arm.com> Tested-by: Steve McIntyre <93sam@debian.org> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Peter Zijlstra
|
0742396317 |
sched/core: Introduce set_special_state()
[ Upstream commit b5bf9a90bbebffba888c9144c5a8a10317b04064 ] Gaurav reported a perceived problem with TASK_PARKED, which turned out to be a broken wait-loop pattern in __kthread_parkme(), but the reported issue can (and does) in fact happen for states that do not do condition based sleeps. When the 'current->state = TASK_RUNNING' store of a previous (concurrent) try_to_wake_up() collides with the setting of a 'special' sleep state, we can loose the sleep state. Normal condition based wait-loops are immune to this problem, but for sleep states that are not condition based are subject to this problem. There already is a fix for TASK_DEAD. Abstract that and also apply it to TASK_STOPPED and TASK_TRACED, both of which are also without condition based wait-loop. Reported-by: Gaurav Kohli <gkohli@codeaurora.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Peter Zijlstra
|
f199c2b6d4 |
sched/core: Introduce set_special_state()
Gaurav reported a perceived problem with TASK_PARKED, which turned out to be a broken wait-loop pattern in __kthread_parkme(), but the reported issue can (and does) in fact happen for states that do not do condition based sleeps. When the 'current->state = TASK_RUNNING' store of a previous (concurrent) try_to_wake_up() collides with the setting of a 'special' sleep state, we can loose the sleep state. Normal condition based wait-loops are immune to this problem, but for sleep states that are not condition based are subject to this problem. There already is a fix for TASK_DEAD. Abstract that and also apply it to TASK_STOPPED and TASK_TRACED, both of which are also without condition based wait-loop. Change-Id: I438d22302731eaaf8427c1fc7499659f96de33d2 Reported-by: Gaurav Kohli <gkohli@codeaurora.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@kernel.org> Git-commit: b5bf9a90bbebffba888c9144c5a8a10317b04064 Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git Signed-off-by: Gaurav Kohli <gkohli@codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Charan Teja Reddy
|
724adb4433 |
mm: oom_kill: reap memory of a task that receives SIGKILL
Free the pages parallely for a task that receives SIGKILL using the oom_reaper. This freeing of pages will help to give the pages to buddy system well advance. This reaps for the process which received SIGKILL through either sys_kill from user or kill_pid from kernel and that sending process has CAP_KILL capability. Also sysctl interface, reap_mem_on_sigkill, is added to turn on/off this feature. Change-Id: I21adb95de5e380a80d7eb0b87d9b5b553f52e28a Signed-off-by: Charan Teja Reddy <charante@codeaurora.org> |
||
|
Levin, Alexander (Sasha Levin)
|
ae63fd26b2 |
kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK
commit 75f296d93bcebcfe375884ddac79e30263a31766 upstream. Convert all allocations that used a NOTRACK flag to stop using it. Link: http://lkml.kernel.org/r/20171007030159.22241-3-alexander.levin@verizon.com Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Cc: Alexander Potapenko <glider@google.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Michal Hocko <mhocko@kernel.org> Cc: Pekka Enberg <penberg@kernel.org> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Tim Hansen <devtimhansen@gmail.com> Cc: Vegard Nossum <vegardno@ifi.uio.no> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Oleg Nesterov
|
289b51d3c1 |
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
commit 426915796ccaf9c2bd9bb06dc5702225957bc2e5 upstream.
complete_signal() checks SIGNAL_UNKILLABLE before it starts to destroy
the thread group, today this is wrong in many ways.
If nothing else, fatal_signal_pending() should always imply that the
whole thread group (except ->group_exit_task if it is not NULL) is
killed, this check breaks the rule.
After the previous changes we can rely on sig_task_ignored();
sig_fatal(sig) && SIGNAL_UNKILLABLE can only be true if we actually want
to kill this task and sig == SIGKILL OR it is traced and debugger can
intercept the signal.
This should hopefully fix the problem reported by Dmitry. This
test-case
static int init(void *arg)
{
for (;;)
pause();
}
int main(void)
{
char stack[16 * 1024];
for (;;) {
int pid = clone(init, stack + sizeof(stack)/2,
CLONE_NEWPID | SIGCHLD, NULL);
assert(pid > 0);
assert(ptrace(PTRACE_ATTACH, pid, 0, 0) == 0);
assert(waitpid(-1, NULL, WSTOPPED) == pid);
assert(ptrace(PTRACE_DETACH, pid, 0, SIGSTOP) == 0);
assert(syscall(__NR_tkill, pid, SIGKILL) == 0);
assert(pid == wait(NULL));
}
}
triggers the WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING)) in
task_participate_group_stop(). do_signal_stop()->signal_group_exit()
checks SIGNAL_GROUP_EXIT and return false, but task_set_jobctl_pending()
checks fatal_signal_pending() and does not set JOBCTL_STOP_PENDING.
And his should fix the minor security problem reported by Kyle,
SECCOMP_RET_TRACE can miss fatal_signal_pending() the same way if the
task is the root of a pid namespace.
Link: http://lkml.kernel.org/r/20171103184246.GD21036@redhat.com
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reported-by: Kyle Huey <me@kylehuey.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Kyle Huey <me@kylehuey.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Oleg Nesterov
|
94429f3536 |
kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals
commit ac25385089f673560867eb5179228a44ade0cfc1 upstream. Change sig_task_ignored() to drop the SIG_DFL && !sig_kernel_only() signals even if force == T. This simplifies the next change and this matches the same check in get_signal() which will drop these signals anyway. Link: http://lkml.kernel.org/r/20171103184227.GC21036@redhat.com Signed-off-by: Oleg Nesterov <oleg@redhat.com> Tested-by: Kyle Huey <me@kylehuey.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Oleg Nesterov
|
2ebd69e8c2 |
kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
commit 628c1bcba204052d19b686b5bac149a644cdb72e upstream. The comment in sig_ignored() says "Tracers may want to know about even ignored signals" but SIGKILL can not be reported to debugger and it is just wrong to return 0 in this case: SIGKILL should only kill the SIGNAL_UNKILLABLE task if it comes from the parent ns. Change sig_ignored() to ignore ->ptrace if sig == SIGKILL and rely on sig_task_ignored(). SISGTOP coming from within the namespace is not really right too but at least debugger can intercept it, and we can't drop it here because this will break "gdb -p 1": ptrace_attach() won't work. Perhaps we will add another ->ptrace check later, we will see. Link: http://lkml.kernel.org/r/20171103184206.GB21036@redhat.com Signed-off-by: Oleg Nesterov <oleg@redhat.com> Tested-by: Kyle Huey <me@kylehuey.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Andrew Clayton
|
c3aff086ea |
signal: Fix name of SIGEMT in #if defined() check
Commit |
||
|
Linus Torvalds
|
dd198ce714 |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace updates from Eric Biederman:
"Life has been busy and I have not gotten half as much done this round
as I would have liked. I delayed it so that a minor conflict
resolution with the mips tree could spend a little time in linux-next
before I sent this pull request.
This includes two long delayed user namespace changes from Kirill
Tkhai. It also includes a very useful change from Serge Hallyn that
allows the security capability attribute to be used inside of user
namespaces. The practical effect of this is people can now untar
tarballs and install rpms in user namespaces. It had been suggested to
generalize this and encode some of the namespace information
information in the xattr name. Upon close inspection that makes the
things that should be hard easy and the things that should be easy
more expensive.
Then there is my bugfix/cleanup for signal injection that removes the
magic encoding of the siginfo union member from the kernel internal
si_code. The mips folks reported the case where I had used FPE_FIXME
me is impossible so I have remove FPE_FIXME from mips, while at the
same time including a return statement in that case to keep gcc from
complaining about unitialized variables.
I almost finished the work to get make copy_siginfo_to_user a trivial
copy to user. The code is available at:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git neuter-copy_siginfo_to_user-v3
But I did not have time/energy to get the code posted and reviewed
before the merge window opened.
I was able to see that the security excuse for just copying fields
that we know are initialized doesn't work in practice there are buggy
initializations that don't initialize the proper fields in siginfo. So
we still sometimes copy unitialized data to userspace"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
Introduce v3 namespaced file capabilities
mips/signal: In force_fcr31_sig return in the impossible case
signal: Remove kernel interal si_code magic
fcntl: Don't use ambiguous SIG_POLL si_codes
prctl: Allow local CAP_SYS_ADMIN changing exe_file
security: Use user_namespace::level to avoid redundant iterations in cap_capable()
userns,pidns: Verify the userns for new pid namespaces
signal/testing: Don't look for __SI_FAULT in userspace
signal/mips: Document a conflict with SI_USER with SIGFPE
signal/sparc: Document a conflict with SI_USER with SIGFPE
signal/ia64: Document a conflict with SI_USER with SIGFPE
signal/alpha: Document a conflict with SI_USER for SIGTRAP
|
||
|
Jamie Iles
|
eb61b5911b |
signal: don't remove SIGNAL_UNKILLABLE for traced tasks.
When forcing a signal, SIGNAL_UNKILLABLE is removed to prevent recursive faults, but this is undesirable when tracing. For example, debugging an init process (whether global or namespace), hitting a breakpoint and SIGTRAP will force SIGTRAP and then remove SIGNAL_UNKILLABLE. Everything continues fine, but then once debugging has finished, the init process is left killable which is unlikely what the user expects, resulting in either an accidentally killed init or an init that stops reaping zombies. Link: http://lkml.kernel.org/r/20170815112806.10728-1-jamie.iles@oracle.com Signed-off-by: Jamie Iles <jamie.iles@oracle.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Dmitry V. Levin
|
fbb77611e9 |
Fix compat_sys_sigpending breakage
The latest change of compat_sys_sigpending in commit |
||
|
Eric W. Biederman
|
cc731525f2 |
signal: Remove kernel interal si_code magic
struct siginfo is a union and the kernel since 2.4 has been hiding a union tag in the high 16bits of si_code using the values: __SI_KILL __SI_TIMER __SI_POLL __SI_FAULT __SI_CHLD __SI_RT __SI_MESGQ __SI_SYS While this looks plausible on the surface, in practice this situation has not worked well. - Injected positive signals are not copied to user space properly unless they have these magic high bits set. - Injected positive signals are not reported properly by signalfd unless they have these magic high bits set. - These kernel internal values leaked to userspace via ptrace_peek_siginfo - It was possible to inject these kernel internal values and cause the the kernel to misbehave. - Kernel developers got confused and expected these kernel internal values in userspace in kernel self tests. - Kernel developers got confused and set si_code to __SI_FAULT which is SI_USER in userspace which causes userspace to think an ordinary user sent the signal and that it was not kernel generated. - The values make it impossible to reorganize the code to transform siginfo_copy_to_user into a plain copy_to_user. As si_code must be massaged before being passed to userspace. So remove these kernel internal si codes and make the kernel code simpler and more maintainable. To replace these kernel internal magic si_codes introduce the helper function siginfo_layout, that takes a signal number and an si_code and computes which union member of siginfo is being used. Have siginfo_layout return an enumeration so that gcc will have enough information to warn if a switch statement does not handle all of union members. A couple of architectures have a messed up ABI that defines signal specific duplications of SI_USER which causes more special cases in siginfo_layout than I would like. The good news is only problem architectures pay the cost. Update all of the code that used the previous magic __SI_ values to use the new SIL_ values and to call siginfo_layout to get those values. Escept where not all of the cases are handled remove the defaults in the switch statements so that if a new case is missed in the future the lack will show up at compile time. Modify the code that copies siginfo si_code to userspace to just copy the value and not cast si_code to a short first. The high bits are no longer used to hold a magic union member. Fixup the siginfo header files to stop including the __SI_ values in their constants and for the headers that were missing it to properly update the number of si_codes for each signal type. The fixes to copy_siginfo_from_user32 implementations has the interesting property that several of them perviously should never have worked as the __SI_ values they depended up where kernel internal. With that dependency gone those implementations should work much better. The idea of not passing the __SI_ values out to userspace and then not reinserting them has been tested with criu and criu worked without changes. Ref: 2.4.0-test1 Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
zhongjiang
|
4ea77014af |
kernel/signal.c: avoid undefined behaviour in kill_something_info
When running kill(72057458746458112, 0) in userspace I hit the following issue. UBSAN: Undefined behaviour in kernel/signal.c:1462:11 negation of -2147483648 cannot be represented in type 'int': CPU: 226 PID: 9849 Comm: test Tainted: G B ---- ------- 3.10.0-327.53.58.70.x86_64_ubsan+ #116 Hardware name: Huawei Technologies Co., Ltd. RH8100 V3/BC61PBIA, BIOS BLHSV028 11/11/2014 Call Trace: dump_stack+0x19/0x1b ubsan_epilogue+0xd/0x50 __ubsan_handle_negate_overflow+0x109/0x14e SYSC_kill+0x43e/0x4d0 SyS_kill+0xe/0x10 system_call_fastpath+0x16/0x1b Add code to avoid the UBSAN detection. [akpm@linux-foundation.org: tweak comment] Link: http://lkml.kernel.org/r/1496670008-59084-1-git-send-email-zhongjiang@huawei.com Signed-off-by: zhongjiang <zhongjiang@huawei.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Michal Hocko <mhocko@kernel.org> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Xishi Qiu <qiuxishi@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |