OpenSSL 3.0 deprecated the OpenSSL's ENGINE API. That is as may be, but
the kernel build host tools still use it. Disable the warning about
deprecated declarations until somebody who cares fixes it.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I655a75665920983abc9c3b0d73abfcb34f41b610
Fixes: 4b7e37cbcd65 ("usb: new attributes implementation to enable/disable usb data")
Bug: 194649527
Test: build, boot
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
Change-Id: I63f58c3df620e91367b23b405fa0e9a577313964
Signed-off-by: Albert Wang <albertccwang@google.com>
Bug: 188760285
Test: driver probe and attributes access normally
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I0aec98eebff9454cdec065bb09825f6442ac013b
dtc gained new warnings checking PCI and simple buses, unit address
formatting, and stricter node and property name checking. Disable the
new dtc warnings by default as there are 1000s. As before, warnings are
enabled with W=1 or W=2. The strict node and property name checks are a
bit subjective, so they are only enabled for W=2.
Signed-off-by: Rob Herring <robh@kernel.org>
Remove __packed from the usage of union gsi_wdi3_channel_scratch2_reg.
__packed is only needed in the union inclusion.
Bug: 152368391
Change-Id: I7a5df200b4cbf12b5bcbe13497987b696eec76b8
Signed-off-by: Wilson Sung <wilsonsung@google.com>
Remove __packed from the usage of struct gsi_mhi_channel_scratch.
__packed is only needed in the struct definition and one union inclusion.
include/linux/msm_gsi.h:
struct __packed gsi_mhi_channel_scratch {
...
}
union __packed gsi_channel_scratch {
...
struct __packed gsi_mhi_channel_scratch mhi;
...
}
Bug: 139442076
Bug: 139808631
Bug: 142366585
Change-Id: Ic07de9a164b88238bbe8655252b65783d846e933
Signed-off-by: Petri Gynther <pgynther@google.com>
(cherry picked from commit 43edfaab5f33aaa199f109e6c227221dbd13eac2)
Remove __packed from the usage of union gsi_evt_scratch.
__packed is only needed in the union definition.
include/linux/msm_gsi.h:
union __packed gsi_evt_scratch {
...
}
Bug: 139442076
Bug: 139808631
Bug: 142366585
Change-Id: If3d0e1bc2674f01d5a9a02e73d33b28a648539bc
Signed-off-by: Petri Gynther <pgynther@google.com>
(cherry picked from commit 33c2fa85bdfd90436d4c975757eefc6706a785c5)
Remove __packed from the usage of union gsi_wdi_channel_scratch3_reg.
__packed is only needed in the union definition.
include/linux/msm_gsi.h:
union __packed gsi_wdi_channel_scratch3_reg {
...
}
Bug: 139442076
Bug: 139808631
Bug: 142366585
Change-Id: I70edc50fbbe4c004309f76c020ac4d77cad91aad
Signed-off-by: Petri Gynther <pgynther@google.com>
(cherry picked from commit 2871c785dd89dd0926d12a93161fca6e27a6cd2e)
Remove __packed from the usage of union gsi_channel_scratch.
__packed is only needed in the union definition.
include/linux/msm_gsi.h:
union __packed gsi_channel_scratch {
...
}
Bug: 139442076
Bug: 139808631
Bug: 142366585
Change-Id: If59d3d217e6a4bae92b9931523e2f89a39a04be9
Signed-off-by: Petri Gynther <pgynther@google.com>
(cherry picked from commit 54ace836af62b9fc1edff9c3a436064e177fe2e4)
The reg in soc_dapm_mux is 32-bit. The BE DAI ID passed
as shift(to be operated on the reg) may be more than 31,
which may cause overflow.
Set reg field to SND_SOC_NOPM to avoid any DAPM operation
while passing BE IDs in shift_l field and hence avoid overflow.
Change-Id: Ibbbca04c61b7c56eb4c5a7485a4e93dc28a09709
Signed-off-by: Soumya Managoli <smanag@codeaurora.org>
[dereference23: Forward port to 4.14]
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
The use of zero-length array causes undefined behavior.
Replace zero-length array with flexible-array member.
Bug: 174330770
Test: build pass and boot to home
Change-Id: I080ed1555d5b60075f6a86aa0ac15427529f7a1b
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
Signed-off-by: Puma Hsu <pumahsu@google.com>
When attaching to audiopd on ADSP, allocate one
extra byte for the process name so that it is
null terminated when data is copied from file
pointer in the userspace.
Change-Id: Iffb9ef5cb0198ff7cbf44d0f3be03a1c9f29a90f
Acked-by: Vishnu Karthik D <vikarthi@qti.qualcomm.com>
Signed-off-by: Jeya R <jeyr@codeaurora.org>
(cherry-picked from commit 4d5a6020f9fc49c83e7808a63a2a8088225cde81)
[ASB_2021-10-05 / CVE-2021-30306 / Ref. ID A-193071117 - QC-CR#2915692]
Signed-off-by: Albert I <kras@raphielgang.org>
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
The array fastrpc_rpmsg_match is not ended with {}, out-of-bounds access
might occur when enumerating the ids listed in fastrpc_rpmsg_match.
Added {} to prevent out-of-bounds access.
bug: 189164670
Change-Id: Ia18e70c7739fca242c70187083c8fc651f98e968
Signed-off-by: JJ Lee <leejj@google.com>
Consider a case where ffs_data_new is getting called from
ffs_fs_get_tree and ffs_data_new returns error pointer since
the function (e.g. adb) is already mounted. The driver is only
checking for the NULL return value for ffs but in this case it
will not be NULL, which will fail the check and driver will go
ahead accessing invalid pointer which can lead to inconsistencies.
Fix this by having NULL as well as error pointer check for ffs.
Change-Id: Idad5a0b91148325258ea3f545d4da71644c7fc53
Signed-off-by: Pratham Pratap <prathampratap@codeaurora.org>
INVALID_TUNING_PHASE is defined to -1 but saved_tuning_phase is defined
as an unsigned integer. This causes the following UBSAN warning:
[ 1.150177] UBSAN: Undefined behaviour in ../../../../../../kernel/xiaomi/sm6250/drivers/mmc/host/sdhci-msm.c:542:2
[ 1.150180] index 255 is out of range for type 'u8 [16]'
[ 1.150185] CPU: 6 PID: 87 Comm: kworker/6:1 Tainted: G S 4.14.190-lineageos-ge44e3bc2e-dirty #17
[ 1.150187] Hardware name: Qualcomm Technologies, Inc. ATOLL-AB PM6150 wcd937x Audio Codec AB IDP CURTANA (DT)
[ 1.150196] Workqueue: events_freezable mmc_rescan
[ 1.150199] Call trace:
[ 1.150204] dump_backtrace+0x0/0x1d0
[ 1.150208] show_stack+0x18/0x24
[ 1.150213] dump_stack+0xd8/0x114
[ 1.150217] __ubsan_handle_out_of_bounds+0xc8/0x104
[ 1.150220] msm_config_cm_dll_phase+0x238/0x248
[ 1.150222] sdhci_msm_execute_tuning+0x2a0/0xb24
[ 1.150225] sdhci_execute_tuning+0xcc/0x6c0
[ 1.150228] mmc_execute_tuning+0x6c/0xc0
[ 1.150230] mmc_sd_init_card+0x62c/0x6e0
[ 1.150233] mmc_attach_sd+0xbc/0x2cc
[ 1.150235] mmc_rescan+0x2ac/0x3a4
[ 1.150239] process_one_work+0x260/0x45c
[ 1.150241] worker_thread+0x258/0x494
[ 1.150244] kthread+0x11c/0x12c
[ 1.150247] ret_from_fork+0x10/0x18
Fix it by changing the saved_tuning_phase definition to a signed integer.
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
Change-Id: I9f53d4c7a7a543e77f6538253c485af61c0e7684
Fixes the following clang warning:
../drivers/mmc/core/sdio_cis.c:58:31: warning: size argument in
'strlcpy' call appears to be size of the source; expected the size of
the destination [-Wstrlcpy-strlcat-size]
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: khusika <khusikadhamar@gmail.com>
Change-Id: I1b35b56039e03fb3bf6572037fa2421302c6fe32
Change-Id: Ia33743c8770dbb3cffe52aa1b57faa3267f37d8f
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
[dereference23: Extend to audio-kernel 4.0]
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
Change-Id: If2b6b67afafddc749557a2230582fbacd1c85c26
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
[dereference23: Extend to audio-kernel 4.0]
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
The non-blocking if-statement here causes the AUDIO_GET_AMRWB_ENC_CONFIG
ioctl to always return -EFAULT, even upon success. Fix it by correctly
guarding the -EFAULT return value.
Change-Id: Ia3a7247f5febb21d3b654c0ed29e81135e732c79
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
[dereference23: Extend to audio-kernel 4.0]
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
This confuses GCC's FORTIFY_SOURCE check for the copy_from_user() in
this function. Simplify it to resolve the GCC warning.
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
Change-Id: I963ae2b81e4ac7cb46c08ece73bb7cd1201a621e
Accessing an atomic variable without the atomic_*() helpers is illegal.
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
Change-Id: Ie2205c438ad0824f80b92d72e40c4618e6ec35aa
soc_private->cpas_handle is an array of registers; passing it wholesale
and casting the error away is completely wrong. Since it's unclear which
register is intended to be read here, just remove the nonsensical code
entirely.
Signed-off-by: Sultan Alsawaf <sultan@kerneltoast.com>
Change-Id: I94e895b09e1cff81f2b368efda18cb77eb63ee43
Fixes:
scripts/kconfig/symbol.c:1153:4: warning: misleading indentation;
statement is not part of the previous 'if' [-Wmisleading-indentation]
fprintf(stderr, "For a resolution refer to Documentation/kbuild/kconfig-language.txt\n");
^
scripts/kconfig/symbol.c:1150:3: note: previous statement is here
if (stack->sym == last_sym)
^
This code has been significantly rewritten upstream, it's not worth
backporting IMO.
Bug: 155426751
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Change-Id: I22f8317f7b92f59a9bd810593cbf3aacb4b73c5e
Fixes:
drivers/media/platform/msm/camera/cam_isp/isp_hw_mgr/isp_hw/vfe_hw/vfe_top/cam_vfe_fe_ver1.c:399:20:
error: cast to smaller integer type 'uint32_t' (aka 'unsigned int') from
'uint32_t *' (aka 'unsigned int *') [-Werror,-Wpointer-to-int-cast]
cam_cpas_reg_read((uint32_t)soc_private->cpas_handle,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/platform/msm/camera/cam_isp/isp_hw_mgr/isp_hw/vfe_hw/vfe_top/cam_vfe_fe_ver1.c:403:20:
error: cast to smaller integer type 'uint32_t' (aka 'unsigned int') from
'uint32_t *' (aka 'unsigned int *') [-Werror,-Wpointer-to-int-cast]
cam_cpas_reg_read((uint32_t)soc_private->cpas_handle,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This code should be carefully reviewed, as this looks like the compiler
has highlighted a bug. Based on the use of soc_private->cpas_handle
being passed to cam_cpas_reg_read in another translation unit,
drivers/media/platform/msm/camera_floral/cam_isp/isp_hw_mgr/isp_hw/vfe_hw/vfe_top/cam_vfe_camif_ver2.c
I suspect that they meant to use the first element's value, not the
address of the first element, truncated to 32b.
Bug: 155426751
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Change-Id: I966e41000aec72c5d117cbce5097128daa818a3d
Fixes:
drivers/media/platform/msm/camera/cam_icp/icp_hw/icp_hw_mgr/cam_icp_hw_mgr.c:3481:17:
error: multiple unsequenced modifications to 'num_cmd_buf'
[-Werror,-Wunsequenced]
num_cmd_buf-- : 0;
^
drivers/media/platform/msm/camera/cam_icp/icp_hw/icp_hw_mgr/cam_icp_hw_mgr.c:3505:17:
error: multiple unsequenced modifications to 'num_cmd_buf'
[-Werror,-Wunsequenced]
num_cmd_buf-- : 0;
^
This code is decrementing num_cmd_buf, but clamping it at 0.
See:
commit 05349feaa2032 ("Camera: Bring over camera driver changes")
to techpack/camera/drivers/cam_icp/icp_hw/icp_hw_mgr/cam_icp_hw_mgr.c
in newer device's kernels.
Bug: 155426751
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Change-Id: Ib55cd21f9298c125294d55837dc96bff9d7bc9e7
(cherry picked from commit 0d84d28ff30809c2e925eca06ecfda110e67c45b)
The KASAN builds have started producing the warning:
WARNING: vmlinux.o(.text+0x8cad78): Section mismatch in reference from the function spcom_probe() to the function .init.text:spcom_register_chardev()
The function spcom_probe() references
the function __init spcom_register_chardev().
This is often because spcom_probe lacks a __init
annotation or the annotation of spcom_register_chardev is wrong.
Indeed, spcom_register_chardev is called from the non-__init
spcom_probe, so marking spcom_register_chardev __init is dangerous.
Bug: 139442076
Change-Id: I8feff354bcea8171d8f8130cfa8a230439efc9b0
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
This reverts commit 00d37423ce.
Causes the following assembler errors:
/tmp/spinlock_debug-15a9d8.s:441: Error: attempt to move .org backwards
The reverted commit is an out of tree patch that does not exist in
4.14.y upstream. Mainline has outright removed the arch_spin_trylock()
function in this translation units.
See also from mainline:
commit a4c1887d4c14 ("locking/arch: Remove dummy
arch_{read,spin,write}_lock_flags() implementations")
commit c11090474d70 ("arm64: locking: Replace ticket lock implementation
with qspinlock")
Bug: 117152549
Change-Id: I3eb40e5d18ed22c4e3ff1d2b8707e784067aabac
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
This reverts commit d4807bd60d.
That out of tree patch causes the resulting kernel image to be too
large, causing ld.lld to error; likely due to the additional section and
alignment requirements. Android and floral don't host virtual targets
and thus do not run at EL2 on arm64.
Bug: 63740206
Change-Id: I357bf4d5c7e29230746eacd51fef413acec06067
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
This reverts commit 1416d1c439.
Unnecessary with Clang 6.0+.
Signed-off-by: Danny Lin <danny@kdrag0n.dev>
Change-Id: I6f29ca050566e9027e51605e64bf6893602344ef
