There is no longer any interface to read data from the blocking
pool, so remove it.
This enables quite a bit of code deletion, much of which will be
done in subsequent patches.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/511225a224bf0a291149d3c0b8b45393cd03ab96.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 90ea1c6436d26e62496616fb5891e00819ff4849)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I0ccca476cfbed9e17ab8c3bec4808adb117b57a7
This patch changes the read semantics of /dev/random to be the same
as /dev/urandom except that reads will block until the CRNG is
ready.
None of the cleanups that this enables have been done yet. As a
result, this gives a warning about an unused function.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/5e6ac8831c6cf2e56a7a4b39616d1732b2bdd06c.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 30c08efec8884fb106b8e57094baa51bb4c44e32)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I40d6f5b535aca178419cb4f7821b4a9105367c51
/dev/random and getrandom() never warn. Split the meat of
urandom_read() into urandom_read_nowarn() and leave the warning code
in urandom_read().
This has no effect on kernel behavior, but it makes subsequent
patches more straightforward. It also makes the fact that
getrandom() never warns more obvious.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/c87ab200588de746431d9f916501ef11e5242b13.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit c6f1deb158789abba02a7eba600747843eeb3a57)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: Iaf34ab88dac9c6a0e217d48543d1d26be32591e5
crng_init_wait is only used to wayt for crng_init to be set to 2, so
there's no point to waking it when crng_init is set to 1. Remove the
unnecessary wake_up_interruptible() call.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/6fbc0bfcbfc1fa2c76fd574f5b6f552b11be7fde.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 4c8d062186d9923c09488716b2fb1b829b5b8006)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I472e05f72ffce40683aa187aaf0870af39007ac8
Introducing a chosen node, rng-seed, which is an entropy that can be
passed to kernel called very early to increase initial device
randomness. Bootloader should provide this entropy and the value is
read from /chosen/rng-seed in DT.
Obtain of_fdt_crc32 for CRC check after early_init_dt_scan_nodes(),
since early_init_dt_scan_chosen() would modify fdt to erase rng-seed.
Add a new interface add_bootloader_randomness() for rng-seed use case.
Depends on whether the seed is trustworthy, rng seed would be passed to
add_hwgenerator_randomness(). Otherwise it would be passed to
add_device_randomness(). Decision is controlled by kernel config
RANDOM_TRUST_BOOTLOADER.
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Rob Herring <robh@kernel.org>
Reviewed-by: Theodore Ts'o <tytso@mit.edu> # drivers/char/random.c
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit 428826f5358c922dc378830a1717b682c0823160)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I54fb81eb88b955ead400fd39180c0fa41de37c8e
Fixes: eb9d1bf079bb: "random: only read from /dev/random after its pool has received 128 bits"
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 58be0106c5306b939b07b4b8bf00669a20593f4b)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I87df025423848df2e8ff2ccb6856da073a385750
Explain what these functions are for and when they offer
an advantage over get_random_bytes().
(We still need documentation on rng_is_initialized(), the
random_ready_callback system, and early boot in general.)
Signed-off-by: George Spelvin <lkml@sdf.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 92e507d216139b356a375afbda2824e85235e748)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I8a218b2569a10ec1106ad04eebccbf26fd7e1ca3
Right now rand_initialize() is run as an early_initcall(), but it only
depends on timekeeping_init() (for mixing ktime_get_real() into the
pools). However, the call to boot_init_stack_canary() for stack canary
initialization runs earlier, which triggers a warning at boot:
random: get_random_bytes called from start_kernel+0x357/0x548 with crng_init=0
Instead, this moves rand_initialize() to after timekeeping_init(), and moves
canary initialization here as well.
Note that this warning may still remain for machines that do not have
UEFI RNG support (which initializes the RNG pools during setup_arch()),
or for x86 machines without RDRAND (or booting without "random.trust=on"
or CONFIG_RANDOM_TRUST_CPU=y).
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit d55535232c3dbde9a523a9d10d68670f5fe5dec3)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: If2aec7b464244ae89bdcd0ce2c363c36645aaa6c
Immediately after boot, we allow reads from /dev/random before its
entropy pool has been fully initialized. Fix this so that we don't
allow this until the blocking pool has received 128 bits.
We do this by repurposing the initialized flag in the entropy pool
struct, and use the initialized flag in the blocking pool to indicate
whether it is safe to pull from the blocking pool.
To do this, we needed to rework when we decide to push entropy from the
input pool to the blocking pool, since the initialized flag for the
input pool was used for this purpose. To simplify things, we no
longer use the initialized flag for that purpose, nor do we use the
entropy_total field any more.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit eb9d1bf079bb438d1a066d72337092935fc770f6)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: Ic0f66f7f04b514446cdec4cab4a47a0d3a184886
Since the definition of struct crng_state is private to random.c, and
primary_crng is neither declared or used elsewhere, there's no reason
for that symbol to have external linkage.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 764ed189c82090c1d85f0e30636156736d8f09a8)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I717cda431b78bb99f3339461b6868308dd31cf12
This field is never used, might as well remove it.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 3bd0b5bf7dc3ea02070fcbcd682ecf628269e8ef)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I29de002717f8b600adb741e469fada15a9c0d25c
Never modified, might as well be put in .rodata.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 26e0854ab3310bbeef1ed404a2c87132fc91f8e1)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I764d96db977cdf1a6a890897033999793dc53848
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl461NIACgkQONu9yGCS
aT6Mqw//W5xIIcs0Ut+P+QYNN6lCTRJ0AvFUolz79M3pyK/rHUluwTvYJbDAeGE3
sckv96rE1pxj5ZSf6LegXIoALrA4RlYHS8xXkYnRrt6xfrb7UwpqsJtt4Mx+IrJ3
9uFfaWRSvuDfRCraZxLiE2Bl9xVYvaPfFJYBmH383VB+deYNfpwORFsqNDQT+gR6
PZLuV0x//Kerwmd4OvaaHR/fIl8YVKmIz5lu3+3WIuVKxTK6Bbd3YzVu13dhVaX2
mETflLEAO/sYsUQiS4SO22ejLAiWyD8LyMV8s9KeTFQXzML3JpibKnt3ySDfzsFE
m8VRlaLcQwB0Ca2AVGHA5QV0+V+2+6qh/IcZl630feBueGQX59qLQkOurD4e/9lm
Na6ZkLPTh9UipIfTu9fvA5HY5lPt2VcSWwG2nLluckfJIpKNFVQEB7vuk9zd7468
qkXmj/J1YDdJzt2YgD0WZuKu3f1/No7rXbNmT2Oj0+HNWWvIU9xFNFlIPAxo7pJy
kwekd9+gHI0n1OhLRjzYUyf0pD+j0o75ZHsYYsUW0y6cGoWX/LmQ8JPFi+waHiov
FOe8FJz/uDtfQnJ4+izAM5Jjbu1LE+L8uGoIExYAv4DuXgPZtI2wtHvP4HHM3Aov
mDWLesMgizsroViv57aXC0C1ZPksPpGeHT+HcH7RnDQ0kQmpe3E=
=2XGW
-----END PGP SIGNATURE-----
Merge 4.19.102 into android-4.19
Changes in 4.19.102
vfs: fix do_last() regression
x86/resctrl: Fix use-after-free when deleting resource groups
x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup
x86/resctrl: Fix a deadlock due to inaccurate reference
crypto: pcrypt - Fix user-after-free on module unload
rsi: add hci detach for hibernation and poweroff
rsi: fix use-after-free on failed probe and unbind
perf c2c: Fix return type for histogram sorting comparision functions
PM / devfreq: Add new name attribute for sysfs
tools lib: Fix builds when glibc contains strlcpy()
arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean'
ext4: validate the debug_want_extra_isize mount option at parse time
mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
reiserfs: Fix memory leak of journal device string
media: digitv: don't continue if remote control state can't be read
media: af9005: uninitialized variable printked
media: vp7045: do not read uninitialized values if usb transfer fails
media: gspca: zero usb_buf
media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
tomoyo: Use atomic_t for statistics counter
ttyprintk: fix a potential deadlock in interrupt context issue
Bluetooth: Fix race condition in hci_release_sock()
cgroup: Prevent double killing of css when enabling threaded cgroup
media: si470x-i2c: Move free() past last use of 'radio'
ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity
ARM: dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes
ARM: dts: beagle-x15-common: Model 5V0 regulator
soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot
tools lib traceevent: Fix memory leakage in filter_event
rseq: Unregister rseq for clone CLONE_VM
clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order
mac80211: mesh: restrict airtime metric to peered established plinks
clk: mmp2: Fix the order of timer mux parents
ASoC: rt5640: Fix NULL dereference on module unload
ixgbevf: Remove limit of 10 entries for unicast filter list
ixgbe: Fix calculation of queue with VFs and flow director on interface flap
igb: Fix SGMII SFP module discovery for 100FX/LX.
platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits
ASoC: sti: fix possible sleep-in-atomic
qmi_wwan: Add support for Quectel RM500Q
parisc: Use proper printk format for resource_size_t
wireless: fix enabling channel 12 for custom regulatory domain
cfg80211: Fix radar event during another phy CAC
mac80211: Fix TKIP replay protection immediately after key setup
wireless: wext: avoid gcc -O3 warning
netfilter: nft_tunnel: ERSPAN_VERSION must not be null
net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec
bnxt_en: Fix ipv6 RFS filter matching logic.
riscv: delete temporary files
iwlwifi: Don't ignore the cap field upon mcc update
ARM: dts: am335x-boneblack-common: fix memory size
vti[6]: fix packet tx through bpf_redirect()
xfrm interface: fix packet tx through bpf_redirect()
xfrm: interface: do not confirm neighbor when do pmtu update
scsi: fnic: do not queue commands during fwreset
ARM: 8955/1: virt: Relax arch timer version check during early boot
tee: optee: Fix compilation issue with nommu
airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE
airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
r8152: get default setting of WOL before initializing
ARM: dts: am43x-epos-evm: set data pin directions for spi0 and spi1
qlcnic: Fix CPU soft lockup while collecting firmware dump
powerpc/fsl/dts: add fsl,erratum-a011043
net/fsl: treat fsl,erratum-a011043
net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G
seq_tab_next() should increase position index
l2t_seq_next should increase position index
net: Fix skb->csum update in inet_proto_csum_replace16().
btrfs: do not zero f_bavail if we have available space
perf report: Fix no libunwind compiled warning break s390 issue
mm/migrate.c: also overwrite error when it is bigger than zero
Linux 4.19.102
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia9b63c7932b66f469ab0e88467e1e07741408f0b
commit 9a655c77ff8fc65699a3f98e237db563b37c439b upstream.
tpk_write()/tpk_close() could be interrupted when holding a mutex, then
in timer handler tpk_write() may be called again trying to acquire same
mutex, lead to deadlock.
Google syzbot reported this issue with CONFIG_DEBUG_ATOMIC_SLEEP
enabled:
BUG: sleeping function called from invalid context at
kernel/locking/mutex.c:938
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 0, name: swapper/1
1 lock held by swapper/1/0:
...
Call Trace:
<IRQ>
dump_stack+0x197/0x210
___might_sleep.cold+0x1fb/0x23e
__might_sleep+0x95/0x190
__mutex_lock+0xc5/0x13c0
mutex_lock_nested+0x16/0x20
tpk_write+0x5d/0x340
resync_tnc+0x1b6/0x320
call_timer_fn+0x1ac/0x780
run_timer_softirq+0x6c3/0x1790
__do_softirq+0x262/0x98c
irq_exit+0x19b/0x1e0
smp_apic_timer_interrupt+0x1a3/0x610
apic_timer_interrupt+0xf/0x20
</IRQ>
See link https://syzkaller.appspot.com/bug?extid=2eeef62ee31f9460ad65 for
more details.
Fix it by using spinlock in process context instead of mutex and having
interrupt disabled in critical section.
Reported-by: syzbot+2eeef62ee31f9460ad65@syzkaller.appspotmail.com
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20200113034842.435-1-zhenzhong.duan@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 50ee7529ec4500c88f8664560770a7a1b65db72b upstream.
For 5.3 we had to revert a nice ext4 IO pattern improvement, because it
caused a bootup regression due to lack of entropy at bootup together
with arguably broken user space that was asking for secure random
numbers when it really didn't need to.
See commit 72dbcf721566 (Revert "ext4: make __ext4_get_inode_loc plug").
This aims to solve the issue by actively generating entropy noise using
the CPU cycle counter when waiting for the random number generator to
initialize. This only works when you have a high-frequency time stamp
counter available, but that's the case on all modern x86 CPU's, and on
most other modern CPU's too.
What we do is to generate jitter entropy from the CPU cycle counter
under a somewhat complex load: calling the scheduler while also
guaranteeing a certain amount of timing noise by also triggering a
timer.
I'm sure we can tweak this, and that people will want to look at other
alternatives, but there's been a number of papers written on jitter
entropy, and this should really be fairly conservative by crediting one
bit of entropy for every timer-induced jump in the cycle counter. Not
because the timer itself would be all that unpredictable, but because
the interaction between the timer and the loop is going to be.
Even if (and perhaps particularly if) the timer actually happens on
another CPU, the cacheline interaction between the loop that reads the
cycle counter and the timer itself firing is going to add perturbations
to the cycle counter values that get mixed into the entropy pool.
As Thomas pointed out, with a modern out-of-order CPU, even quite simple
loops show a fair amount of hard-to-predict timing variability even in
the absense of external interrupts. But this tries to take that further
by actually having a fairly complex interaction.
This is not going to solve the entropy issue for architectures that have
no CPU cycle counter, but it's not clear how (and if) that is solvable,
and the hardware in question is largely starting to be irrelevant. And
by doing this we can at least avoid some of the even more contentious
approaches (like making the entropy waiting time out in order to avoid
the possibly unbounded waiting).
Cc: Ahmed Darwish <darwish.07@gmail.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Nicholas Mc Guire <hofrat@opentech.at>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Alexander E. Patrakov <patrakov@gmail.com>
Cc: Lennart Poettering <mzxreary@0pointer.de>
Cc: Noah Meyerhans <noahm@debian.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4u6tsACgkQONu9yGCS
aT693A//TExeDRnNnf+2v4TJorylyRr17BMxk/Ie2L5E6d2n/RWodsrOThAPU9tx
5alNUkXCT8Jd31BUVnUoPoAQ4zSymSVi++XEf05wDeO0tQ982IESGaLmu9EC1uMF
nnM5y4IdRYmFI1Zji4h5vRJckoYUlB6Mdg4BgMr4Q1KX7RkZYfe6bjs7DwM/uyMx
jVXdFaQBD1H6F5W6A+GmgUZ36g9uNqzcBxxWwv5URj+q816NdI4bsxIJMF0v0WC+
S54fmpS07QWIYKKsQBUepeSgEF4ECESOE2VoF1ICcnfakdPnDBmNgyPJPSrLmVf+
itRUxoH1MewaOvoJrv+xsGBPmM29LcKH2oBmj5DR2Xstp7ACPs+OtXJEU9dUTDN4
NhaSts5fIp0f4Y5mMn508pDUwYDAWDt99ZJWdx6aK/TRyUsHBgpxBQDt37BE3U5W
PCBnObNe2b2KDAsVXLjX5iDYoA0+usFreveMo8uEP+ohfh0ANvJlRkzedYw7NquI
ZCcT+I1P9q8aa0528tR332VLrQeYg+kG6LVi2kAabmRA/VtEsT0w90MY/eo2vuTU
WlPmbs2yerv2HTm050e6MOgBZfPh7wP/FpbjsSXufj7EDywlfxF+1hXdwfrpPJeN
fN3g0kepeUp7+kLzO40FLam/z5ndjAUhyN2SBaPzGsXjMkZdETk=
=zvlh
-----END PGP SIGNATURE-----
Merge 4.19.99 into android-4.19
Changes in 4.19.99
Revert "efi: Fix debugobjects warning on 'efi_rts_work'"
xfs: Sanity check flags of Q_XQUOTARM call
i2c: stm32f7: rework slave_id allocation
i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
SUNRPC: Fix svcauth_gss_proxy_init()
powerpc/pseries: Enable support for ibm,drc-info property
powerpc/archrandom: fix arch_get_random_seed_int()
tipc: update mon's self addr when node addr generated
tipc: fix wrong timeout input for tipc_wait_for_cond()
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
crypto: sun4i-ss - fix big endian issues
perf map: No need to adjust the long name of modules
soc: aspeed: Fix snoop_file_poll()'s return type
watchdog: sprd: Fix the incorrect pointer getting from driver data
ipmi: Fix memory leak in __ipmi_bmc_register
drm/sti: do not remove the drm_bridge that was never added
ARM: dts: at91: nattis: set the PRLUD and HIPOW signals low
ARM: dts: at91: nattis: make the SD-card slot work
ixgbe: don't clear IPsec sa counters on HW clearing
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
iio: fix position relative kernel version
apparmor: Fix network performance issue in aa_label_sk_perm
ALSA: hda: fix unused variable warning
apparmor: don't try to replace stale label in ptrace access check
ARM: qcom_defconfig: Enable MAILBOX
firmware: coreboot: Let OF core populate platform device
PCI: iproc: Remove PAXC slot check to allow VF support
bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
signal/ia64: Use the generic force_sigsegv in setup_frame
signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn
ASoC: wm9712: fix unused variable warning
mailbox: mediatek: Add check for possible failure of kzalloc
IB/rxe: replace kvfree with vfree
IB/hfi1: Add mtu check for operational data VLs
genirq/debugfs: Reinstate full OF path for domain name
usb: dwc3: add EXTCON dependency for qcom
usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure
cfg80211: regulatory: make initialization more robust
mei: replace POLL* with EPOLL* for write queues.
drm/msm: fix unsigned comparison with less than zero
of: Fix property name in of_node_get_device_type
ALSA: usb-audio: update quirk for B&W PX to remove microphone
iwlwifi: nvm: get num of hw addresses from firmware
staging: comedi: ni_mio_common: protect register write overflow
netfilter: nft_osf: usage from output path is not valid
pwm: lpss: Release runtime-pm reference from the driver's remove callback
powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index
rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version
RDMA/bnxt_re: Add missing spin lock initialization
netfilter: nf_flow_table: do not remove offload when other netns's interface is down
powerpc/kgdb: add kgdb_arch_set/remove_breakpoint()
tipc: eliminate message disordering during binding table update
net: socionext: Add dummy PHY register read in phy_write()
drm/sun4i: hdmi: Fix double flag assignation
net: hns3: add error handler for hns3_nic_init_vector_data()
mlxsw: reg: QEEC: Add minimum shaper fields
mlxsw: spectrum: Set minimum shaper on MC TCs
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
ASoC: wm97xx: fix uninitialized regmap pointer problem
ARM: dts: bcm283x: Correct mailbox register sizes
pcrypt: use format specifier in kobject_add
ASoC: sun8i-codec: add missing route for ADC
pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins
bus: ti-sysc: Add mcasp optional clocks flag
exportfs: fix 'passing zero to ERR_PTR()' warning
drm: rcar-du: Fix the return value in case of error in 'rcar_du_crtc_set_crc_source()'
drm: rcar-du: Fix vblank initialization
net: always initialize pagedlen
drm/dp_mst: Skip validating ports during destruction, just ref
arm64: dts: meson-gx: Add hdmi_5v regulator as hdmi tx supply
arm64: dts: renesas: r8a7795-es1: Add missing power domains to IPMMU nodes
net: phy: Fix not to call phy_resume() if PHY is not attached
IB/hfi1: Correctly process FECN and BECN in packets
OPP: Fix missing debugfs supply directory for OPPs
IB/rxe: Fix incorrect cache cleanup in error flow
mailbox: ti-msgmgr: Off by one in ti_msgmgr_of_xlate()
staging: bcm2835-camera: Abort probe if there is no camera
staging: bcm2835-camera: fix module autoloading
switchtec: Remove immediate status check after submitting MRPC command
ipv6: add missing tx timestamping on IPPROTO_RAW
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: r8a77970: Add missing MOD_SEL0 field
pinctrl: sh-pfc: r8a77980: Add missing MOD_SEL0 field
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
net: hns3: fix error handling int the hns3_get_vector_ring_chain
vxlan: changelink: Fix handling of default remotes
Input: nomadik-ske-keypad - fix a loop timeout test
fork,memcg: fix crash in free_thread_stack on memcg charge fail
clk: highbank: fix refcount leak in hb_clk_init()
clk: qoriq: fix refcount leak in clockgen_init()
clk: ti: fix refcount leak in ti_dt_clocks_register()
clk: socfpga: fix refcount leak
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: dove: fix refcount leak in dove_clk_init()
MIPS: BCM63XX: drop unused and broken DSP platform device
arm64: defconfig: Re-enable bcm2835-thermal driver
remoteproc: qcom: q6v5-mss: Add missing clocks for MSM8996
remoteproc: qcom: q6v5-mss: Add missing regulator for MSM8996
drm: Fix error handling in drm_legacy_addctx
ARM: dts: r8a7743: Remove generic compatible string from iic3
drm/etnaviv: fix some off by one bugs
drm/fb-helper: generic: Fix setup error path
fork, memcg: fix cached_stacks case
IB/usnic: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
RDMA/qedr: Fix out of bounds index check in query pkey
drm/shmob: Fix return value check in shmob_drm_probe
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
spi: cadence: Correct initialisation of runtime PM
RDMA/iw_cxgb4: Fix the unchecked ep dereference
net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031
memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
kbuild: mark prepare0 as PHONY to fix external module build
crypto: brcm - Fix some set-but-not-used warning
crypto: tgr192 - fix unaligned memory access
ASoC: imx-sgtl5000: put of nodes if finding codec fails
IB/iser: Pass the correct number of entries for dma mapped SGL
net: hns3: fix wrong combined count returned by ethtool -l
media: tw9910: Unregister subdevice with v4l2-async
IB/mlx5: Don't override existing ip_protocol
rtc: cmos: ignore bogus century byte
spi/topcliff_pch: Fix potential NULL dereference on allocation error
net: hns3: fix bug of ethtool_ops.get_channels for VF
ARM: dts: sun8i-a23-a33: Move NAND controller device node to sort by address
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
iwlwifi: mvm: avoid possible access out of array.
net/mlx5: Take lock with IRQs disabled to avoid deadlock
ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit
arm64: dts: allwinner: h6: Move GIC device node fix base address ordering
iwlwifi: mvm: fix A-MPDU reference assignment
bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe()
tty: ipwireless: Fix potential NULL pointer dereference
driver: uio: fix possible memory leak in __uio_register_device
driver: uio: fix possible use-after-free in __uio_register_device
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling
driver core: Avoid careless re-use of existing device links
driver core: Do not resume suppliers under device_links_write_lock()
driver core: Fix handling of runtime PM flags in device_link_add()
driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link()
ARM: dts: lpc32xx: add required clocks property to keypad device node
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
drm/xen-front: Fix mmap attributes for display buffers
iwlwifi: mvm: fix RSS config command
staging: most: cdev: add missing check for cdev_add failure
clk: ingenic: jz4740: Fix gating of UDC clock
rtc: ds1672: fix unintended sign extension
thermal: mediatek: fix register index error
arm64: dts: msm8916: remove bogus argument to the cpu clock
ath10k: fix dma unmap direction for management frames
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
rtc: ds1307: rx8130: Fix alarm handling
net/smc: original socket family in inet_sock_diag
rtc: 88pm860x: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: pm8xxx: fix unintended sign extension
fbdev: chipsfb: remove set but not used variable 'size'
iw_cxgb4: use tos when importing the endpoint
iw_cxgb4: use tos when finding ipv6 routes
ipmi: kcs_bmc: handle devm_kasprintf() failure case
xsk: add missing smp_rmb() in xsk_mmap
drm/etnaviv: potential NULL dereference
ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers
ntb_hw_switchtec: NT req id mapping table register entry number should be 512
pinctrl: sh-pfc: emev2: Add missing pinmux functions
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
RDMA/mlx5: Fix memory leak in case we fail to add an IB device
driver core: Fix possible supplier PM-usage counter imbalance
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
usb: phy: twl6030-usb: fix possible use-after-free on remove
block: don't use bio->bi_vcnt to figure out segment number
keys: Timestamp new keys
net: dsa: b53: Fix default VLAN ID
net: dsa: b53: Properly account for VLAN filtering
net: dsa: b53: Do not program CPU port's PVID
mt76: usb: fix possible memory leak in mt76u_buf_free
media: sh: migor: Include missing dma-mapping header
vfio_pci: Enable memory accesses before calling pci_map_rom
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
mdio_bus: Fix PTR_ERR() usage after initialization to constant
KVM: PPC: Release all hardware TCE tables attached to a group
staging: r8822be: check kzalloc return or bail
dmaengine: mv_xor: Use correct device for DMA API
cdc-wdm: pass return value of recover_from_urb_loss
brcmfmac: create debugfs files for bus-specific layer
regulator: pv88060: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88090: Fix array out-of-bounds access
net: dsa: qca8k: Enable delay for RGMII_ID mode
net/mlx5: Delete unused FPGA QPN variable
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
drm/nouveau/pmu: don't print reply values if exec is false
drm/nouveau: fix missing break in switch statement
driver core: Fix PM-runtime for links added during consumer probe
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
net: dsa: fix unintended change of bridge interface STP state
fs/nfs: Fix nfs_parse_devname to not modify it's argument
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
powerpc/64s: Fix logic when handling unknown CPU features
NFS: Fix a soft lockup in the delegation recovery code
perf: Copy parent's address filter offsets on clone
perf, pt, coresight: Fix address filters for vmas with non-zero offset
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
platform/x86: wmi: fix potential null pointer dereference
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
iommu: Fix IOMMU debugfs fallout
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
ARM: 8849/1: NOMMU: Fix encodings for PMSAv8's PRBAR4/PRLAR4
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
ath10k: Fix length of wmi tlv command for protected mgmt frames
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
netfilter: nft_set_hash: bogus element self comparison from deactivation path
net: sched: act_csum: Fix csum calc for tagged packets
hwrng: bcm2835 - fix probe as platform device
iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm()
NFS: Add missing encode / decode sequence_maxsz to v4.2 operations
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
net: aquantia: fixed instack structure overflow
powerpc/mm: Check secondary hash page table
media: dvb/earth-pt1: fix wrong initialization for demod blocks
rbd: clear ->xferred on error from rbd_obj_issue_copyup()
PCI: Fix "try" semantics of bus and slot reset
nios2: ksyms: Add missing symbol exports
x86/mm: Remove unused variable 'cpu'
scsi: megaraid_sas: reduce module load time
nfp: fix simple vNIC mailbox length
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
xen, cpu_hotplug: Prevent an out of bounds access
net/mlx5: Fix multiple updates of steering rules in parallel
net/mlx5e: IPoIB, Fix RX checksum statistics update
net: sh_eth: fix a missing check of of_get_phy_mode
regulator: lp87565: Fix missing register for LP87565_BUCK_0
soc: amlogic: gx-socinfo: Add mask for each SoC packages
media: ivtv: update *pos correctly in ivtv_read_pos()
media: cx18: update *pos correctly in cx18_read_pos()
media: wl128x: Fix an error code in fm_download_firmware()
media: cx23885: check allocation return
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
crypto: ccree - reduce kernel stack usage with clang
jfs: fix bogus variable self-initialization
tipc: tipc clang warning
m68k: mac: Fix VIA timer counter accesses
ARM: dts: sun8i: a33: Reintroduce default pinctrl muxing
arm64: dts: allwinner: a64: Add missing PIO clocks
ARM: dts: sun9i: optimus: Fix fixed-regulators
net: phy: don't clear BMCR in genphy_soft_reset
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
net: dsa: Avoid null pointer when failing to connect to PHY
soc: qcom: cmd-db: Fix an error code in cmd_db_dev_probe()
media: davinci-isif: avoid uninitialized variable use
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
spi: tegra114: clear packed bit for unpacked mode
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: flush fifos
spi: tegra114: configure dma burst size to fifo trig level
bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
drm/fb-helper: generic: Call drm_client_add() after setup is done
arm64/vdso: don't leak kernel addresses
rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900
rtc: mt6397: Don't call irq_dispose_mapping.
ehea: Fix a copy-paste err in ehea_init_port_res
bpf: Add missed newline in verifier verbose log
drm/vmwgfx: Remove set but not used variable 'restart'
scsi: qla2xxx: Unregister chrdev if module initialization fails
of: use correct function prototype for of_overlay_fdt_apply()
net/sched: cbs: fix port_rate miscalculation
clk: qcom: Skip halt checks on gcc_pcie_0_pipe_clk for 8998
ACPI: button: reinitialize button state upon resume
firmware: arm_scmi: fix of_node leak in scmi_mailbox_check
rxrpc: Fix detection of out of order acks
scsi: target/core: Fix a race condition in the LUN lookup code
brcmfmac: fix leak of mypkt on error return path
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
PCI: rockchip: Fix rockchip_pcie_ep_assert_intx() bitwise operations
net: hns3: fix for vport->bw_limit overflow problem
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
perf/core: Fix the address filtering fix
staging: android: vsoc: fix copy_from_user overrun
PCI: dwc: Fix dw_pcie_ep_find_capability() to return correct capability offset
soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
tipc: set sysctl_tipc_rmem and named_timeout right range
usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs
selftests/ipc: Fix msgque compiler warnings
net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info()
powerpc: vdso: Make vdso32 installation conditional in vdso_install
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
media: ov2659: fix unbalanced mutex_lock/unlock
6lowpan: Off by one handling ->nexthdr
dmaengine: axi-dmac: Don't check the number of frames for alignment
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
afs: Fix AFS file locking to allow fine grained locks
afs: Further fix file locking
NFS: Don't interrupt file writeout due to fatal errors
coresight: catu: fix clang build warning
s390/kexec_file: Fix potential segment overlap in ELF loader
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
scsi: qla2xxx: Fix a format specifier
scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd()
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest
netfilter: nft_flow_offload: add entry to flowtable after confirmation
PCI: iproc: Enable iProc config read for PAXBv2
ARM: dts: logicpd-som-lv: Fix MMC1 card detect
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
ASoC: fix valid stream condition
usb: gadget: fsl: fix link error against usb-gadget module
dwc2: gadget: Fix completed transfer size calculation in DDMA
IB/mlx5: Add missing XRC options to QP optional params mask
RDMA/rxe: Consider skb reserve space based on netdev of GID
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix incorrect test of supported hash function
net: ena: fix ena_com_fill_hash_function() implementation
dmaengine: tegra210-adma: restore channel status
watchdog: rtd119x_wdt: Fix remove function
mmc: core: fix possible use after free of host
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
ath10k: Fix encoding for protected management frames
afs: Fix the afs.cell and afs.volume xattr handlers
vfio/mdev: Avoid release parent reference during error path
vfio/mdev: Follow correct remove sequence
vfio/mdev: Fix aborting mdev child device removal if one fails
l2tp: Fix possible NULL pointer dereference
ALSA: aica: Fix a long-time build breakage
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
platform/x86: alienware-wmi: printing the wrong error code
crypto: caam - fix caam_dump_sg that iterates through scatterlist
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
pwm: meson: Consider 128 a valid pre-divider
pwm: meson: Don't disable PWM when setting duty repeatedly
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
nfp: bpf: fix static check error through tightening shift amount adjustment
kdb: do a sanity check on the cpu in kdb_per_cpu()
netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value
backlight: lm3630a: Return 0 on success in update_status functions
thermal: rcar_gen3_thermal: fix interrupt type
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
EDAC/mc: Fix edac_mc_find() in case no device is found
afs: Fix key leak in afs_release() and afs_evict_inode()
afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set
afs: Fix lock-wait/callback-break double locking
afs: Fix double inc of vnode->cb_break
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
clk: meson: gxbb: no spread spectrum on mpll0
clk: meson: axg: spread spectrum is on mpll2
dmaengine: tegra210-adma: Fix crash during probe
arm64: dts: meson: libretech-cc: set eMMC as removable
RDMA/qedr: Fix incorrect device rate.
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
crypto: ccp - fix AES CFB error exposed by new test vectors
crypto: ccp - Fix 3DES complaint from ccp-crypto module
serial: stm32: fix word length configuration
serial: stm32: fix rx error handling
serial: stm32: fix rx data length when parity enabled
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: Add support of TC bit status check
serial: stm32: fix wakeup source initialization
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
iommu: Add missing new line for dma type
iommu: Use right function to get group for device
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector
crypto: talitos - fix AEAD processing.
netvsc: unshare skb in VF rx handler
net: core: support XDP generic on stacked devices.
RDMA/uverbs: check for allocation failure in uapi_add_elm()
net: don't clear sock->sk early to avoid trouble in strparser
phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register
media: vivid: fix incorrect assignment operation when setting video mode
crypto: inside-secure - fix zeroing of the request in ahash_exit_inv
crypto: inside-secure - fix queued len computation
arm64: dts: renesas: ebisu: Remove renesas, no-ether-link property
mpls: fix warning with multi-label encap
serial: stm32: fix a recursive locking in stm32_config_rs485
arm64: dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node
arm64: dts: meson-gxm-khadas-vim2: fix Bluetooth support
iommu/vt-d: Duplicate iommu_resv_region objects per device list
phy: usb: phy-brcm-usb: Remove sysfs attributes upon driver removal
firmware: arm_scmi: fix bitfield definitions for SENSOR_DESC attributes
firmware: arm_scmi: update rate_discrete in clock_describe_rates_get
ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev()
ASoC: meson: axg-tdmin: right_j is not supported
ASoC: meson: axg-tdmout: right_j is not supported
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
qed: iWARP - fix uninitialized callback
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup
IB/hfi1: Handle port down properly in pio
drm/msm/mdp5: Fix mdp5_cfg_init error return
net: netem: fix backlog accounting for corrupted GSO frames
net/udp_gso: Allow TX timestamp with UDP GSO
net/af_iucv: build proper skbs for HiperTransport
net/af_iucv: always register net_device notifier
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
rtc: pcf8563: Fix interrupt trigger method
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
ARM: dts: iwg20d-q7-common: Fix SDHI1 VccQ regularor
net/sched: cbs: Fix error path of cbs_module_init
arm64: dts: allwinner: h6: Pine H64: Add interrupt line for RTC
drm/msm/a3xx: remove TPL1 regs from snapshot
ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1()
perf/ioctl: Add check for the sample_period value
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
clk: qcom: Fix -Wunused-const-variable
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm
tools: bpftool: use correct argument in cgroup errors
backlight: pwm_bl: Fix heuristic to determine number of brightness levels
fork,memcg: alloc_thread_stack_node needs to set tsk->stack
bnxt_en: Fix ethtool selftest crash under error conditions.
bnxt_en: Suppress error messages when querying DSCP DCB capabilities.
iommu/amd: Make iommu_disable safer
mfd: intel-lpss: Release IDA resources
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
xprtrdma: Fix use-after-free in rpcrdma_post_recvs
um: Fix IRQ controller regression on console read
PM: ACPI/PCI: Resume all devices during hibernation
ACPI: PM: Simplify and fix PM domain hibernation callbacks
ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS
fsi/core: Fix error paths on CFAM init
devres: allow const resource arguments
fsi: sbefifo: Don't fail operations when in SBE IPL state
RDMA/hns: Fixs hw access invalid dma memory error
PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI
PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device()
PCI: mobiveil: Fix the valid check for inbound and outbound windows
ceph: fix "ceph.dir.rctime" vxattr value
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
net/tls: fix socket wmem accounting on fallback with netem
x86/pgtable/32: Fix LOWMEM_PAGES constant
xdp: fix possible cq entry leak
ARM: stm32: use "depends on" instead of "if" after prompt
scsi: libfc: fix null pointer dereference on a null lport
xfrm interface: ifname may be wrong in logs
drm/panel: make drm_panel.h self-contained
clk: sunxi-ng: v3s: add the missing PLL_DDR1
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
libertas_tf: Use correct channel range in lbtf_geo_init
qed: reduce maximum stack frame size
usb: host: xhci-hub: fix extra endianness conversion
media: rcar-vin: Clean up correct notifier in error path
mic: avoid statically declaring a 'struct device'.
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
crypto: ccp - Reduce maximum stack usage
ALSA: aoa: onyx: always initialize register read value
arm64: dts: renesas: r8a77995: Fix register range of display node
tipc: reduce risk of wakeup queue starvation
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off
net: fix bpf_xdp_adjust_head regression for generic-XDP
spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode
cxgb4: smt: Add lock for atomic_dec_and_test
crypto: caam - free resources in case caam_rng registration failed
ext4: set error return correctly when ext4_htree_store_dirent fails
RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
net/rds: Add a few missing rds_stat_names entries
tools: bpftool: fix arguments for p_err() in do_event_pipe()
tools: bpftool: fix format strings and arguments for jsonw_printf()
drm: rcar-du: lvds: Fix bridge_to_rcar_lvds
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
signal: Allow cifs and drbd to receive their terminating signals
powerpc/64s/radix: Fix memory hot-unplug page table split
ASoC: sun4i-i2s: RX and TX counter registers are swapped
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
rtc: rv3029: revert error handling patch to rv3029_eeprom_write()
mac80211: minstrel_ht: fix per-group max throughput rate initialization
i40e: reduce stack usage in i40e_set_fc
media: atmel: atmel-isi: fix timeout value for stop streaming
ARM: 8896/1: VDSO: Don't leak kernel addresses
rtc: pcf2127: bugfix: read rtc disables watchdog
mips: avoid explicit UB in assignment of mips_io_port_base
media: em28xx: Fix exception handling in em28xx_alloc_urbs()
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
ahci: Do not export local variable ahci_em_messages
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
hwmon: (lm75) Fix write operations for negative temperatures
net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate
power: supply: Init device wakeup after device_add()
x86, perf: Fix the dependency of the x86 insn decoder selftest
staging: greybus: light: fix a couple double frees
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C
bcache: Fix an error code in bch_dump_read()
iio: dac: ad5380: fix incorrect assignment to val
netfilter: ctnetlink: honor IPS_OFFLOAD flag
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
wcn36xx: use dynamic allocation for large variables
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit
xsk: avoid store-tearing when assigning queues
xsk: avoid store-tearing when assigning umem
led: triggers: Fix dereferencing of null pointer
net: sonic: return NETDEV_TX_OK if failed to map buffer
net: hns3: fix error VF index when setting VLAN offload
rtlwifi: Fix file release memory leak
ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix error path of f2fs_convert_inline_page()
scsi: fnic: fix msix interrupt allocation
Btrfs: fix hang when loading existing inode cache off disk
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix inode cache waiters hanging on path allocation failure
btrfs: use correct count in btrfs_file_write_iter()
ixgbe: sync the first fragment unconditionally
hwmon: (shtc1) fix shtc1 and shtw1 id mask
net: sonic: replace dev_kfree_skb in sonic_send_packet
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
gpio/aspeed: Fix incorrect number of banks
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
RDMA/cma: Fix false error message
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
um: Fix off by one error in IRQ enumeration
bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
mailbox: qcom-apcs: fix max_register value
clk: actions: Fix factor clk struct member access
powerpc/mm/mce: Keep irqs disabled during lockless page table walk
bpf: fix BTF limits
crypto: hisilicon - Matching the dma address for dma_pool_free()
iommu/amd: Wait for completion of IOTLB flush in attach_device
net: aquantia: Fix aq_vec_isr_legacy() return value
cxgb4: Signedness bug in init_one()
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: netsec: Fix signedness bug in netsec_probe()
net: socionext: Fix a signedness bug in ave_probe()
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: axienet: fix a signedness bug in probe
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: nixge: Fix a signedness bug in nixge_probe()
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
net: sched: cbs: Avoid division by zero when calculating the port rate
nvme: retain split access workaround for capability reads
net: stmmac: gmac4+: Not all Unicast addresses may be available
rxrpc: Fix trace-after-put looking at the put connection record
mac80211: accept deauth frames in IBSS mode
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
llc: fix sk_buff refcounting in llc_conn_state_process()
ip6erspan: remove the incorrect mtu limit for ip6erspan
net: stmmac: fix length of PTP clock's name string
net: stmmac: fix disabling flexible PPS output
sctp: add chunks to sk_backlog when the newsk sk_socket is not set
s390/qeth: Fix error handling during VNICC initialization
s390/qeth: Fix initialization of vnicc cmd masks during set online
act_mirred: Fix mirred_init_module error handling
net: avoid possible false sharing in sk_leave_memory_pressure()
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
tcp: annotate lockless access to tcp_memory_pressure
net/smc: receive returns without data
net/smc: receive pending data after RCV_SHUTDOWN
drm/msm/dsi: Implement reset correctly
vhost/test: stop device before reset
dmaengine: imx-sdma: fix size check for sdma script_number
firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
arm64: hibernate: check pgd table allocation
net: netem: fix error path for corrupted GSO frames
net: netem: correct the parent's backlog when corrupted packet was dropped
xsk: Fix registration of Rx-only sockets
bpf, offload: Unlock on error in bpf_offload_dev_create()
afs: Fix missing timeout reset
net: qca_spi: Move reset_count to struct qcaspi
hv_netvsc: Fix offset usage in netvsc_send_table()
hv_netvsc: Fix send_table offset in case of a host bug
afs: Fix large file support
drm: panel-lvds: Potential Oops in probe error handling
hwrng: omap3-rom - Fix missing clock by probing with device tree
dpaa_eth: perform DMA unmapping before read
dpaa_eth: avoid timestamp read on error paths
MIPS: Loongson: Fix return value of loongson_hwmon_init
hv_netvsc: flag software created hash value
net: neigh: use long type to store jiffies delta
packet: fix data-race in fanout_flow_is_huge()
i2c: stm32f7: report dma error during probe
mmc: sdio: fix wl1251 vendor id
mmc: core: fix wl1251 sdio quirks
affs: fix a memory leak in affs_remount
afs: Remove set but not used variables 'before', 'after'
dmaengine: ti: edma: fix missed failure handling
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
arm64: dts: juno: Fix UART frequency
samples/bpf: Fix broken xdp_rxq_info due to map order assumptions
usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON
IB/iser: Fix dma_nents type definition
serial: stm32: fix clearing interrupt error flags
arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node
m68k: Call timer_interrupt() with interrupts disabled
Linux 4.19.99
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ieabeab79ea5c8cb4b6b1552702fa5d6100cea5db
[ Upstream commit 0c0ef9ea6f3f0d5979dc7b094b0a184c1a94716b ]
Commit 0ed266d7ae ("clk: ti: omap3: cleanup unnecessary clock aliases")
removed old omap3 clock framework aliases but caused omap3-rom-rng to
stop working with clock not found error.
Based on discussions on the mailing list it was requested by Tero Kristo
that it would be best to fix this issue by probing omap3-rom-rng using
device tree to provide a proper clk property. The other option would be
to add back the missing clock alias, but that does not help moving things
forward with removing old legacy platform_data.
Let's also add a proper device tree binding and keep it together with
the fix.
Cc: devicetree@vger.kernel.org
Cc: Aaro Koskinen <aaro.koskinen@iki.fi>
Cc: Adam Ford <aford173@gmail.com>
Cc: Pali Rohár <pali.rohar@gmail.com>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Sebastian Reichel <sre@kernel.org>
Cc: Tero Kristo <t-kristo@ti.com>
Fixes: 0ed266d7ae ("clk: ti: omap3: cleanup unnecessary clock aliases")
Reported-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Signed-off-by: Tony Lindgren <tony@atomide.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 984798de671a927ac73da31096a150df42e6aaf3 ]
BCM63XX (MIPS) does not use device tree, so there cannot be any
of_device_id, causing the driver to fail on probe:
[ 0.904564] bcm2835-rng: probe of bcm63xx-rng failed with error -22
Fix this by checking for match data only if we are probing from device
tree.
Fixes: 8705f24f7b ("hwrng: bcm2835 - Enable BCM2835 RNG to work on BCM63xx platforms")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 42c7c6ef1e6fa5fc0425120f06f045190b1dda2d ]
devm_kasprintf() may return NULL if internal allocation failed so this
assignment is not safe. Moved the error exit path and added the !NULL
which then allows the devres manager to take care of cleanup.
Signed-off-by: Nicholas Mc Guire <hofrat@osadl.org>
Fixes: cd2315d471 ("ipmi: kcs_bmc: don't change device name")
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Haiyue Wang <haiyue.wang@linux.intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab upstream.
In the impelementation of __ipmi_bmc_register() the allocated memory for
bmc should be released in case ida_simple_get() fails.
Fixes: 68e7e50f19 ("ipmi: Don't use BMC product/dev ids in the BMC name")
Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Message-Id: <20191021200649.1511-1-navid.emamdoost@gmail.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4La9gACgkQONu9yGCS
aT6hlA//TDpj9rdEwkaKyg/Ge4TCOJSOiwlp2/5lg2Sroiuizz527hVybGOOYAHl
gMA2Syt73PWStyfgl5B3AimcBvPADX8h/b1KiSoIdHFkq5rPFyneB6aEj+5jSK1V
63UnnTV0T49wt0Jvs6nN0FxI4ZCXbfjzaSVz4BGIflz6h9UUkPAu91CJTKtPmrAp
pliH20cMOykxyS/KfKa6zDcpIfU0k+DxL5U0Y5F1YRDKc1iPg8e6I3cNLgwKSja6
21BgdoTyZdvbC85HxSY7V6Dswp4YQPBY3y8crp8npZ9apbYV7eNU3L1+WVQvxpFg
kahhyjalqwqkKq+cTEsIFj7cjPksSlH/qytTS+lnN3BScXbFPp8GdzIazhQNSCv3
S/7T51CcvNoVcs9Qeu+nwyvx+H1LH4MYO4C7RYWZhPnMcA+/MxvT5WXNKfjf2ekM
N5h8xNATllzDuDkX+zVwW8i80SCyhVqQIKbXLn8ugGYW3G5TNdy8Ysh0kdrq26Y+
LAELsbQhK/Kt8WF+XNBpb9LLbeUGn1GTwhnbEuD7IKI+bVxnmsGk8QUu3h+a9xFh
lI7bsj8Ku9T+59/9xqAnoStEto+0tdTPB9Cx1jNdWlLiVdkewiDKiUbloFpDFS1n
L3SvqB68DC/IznQcK970g3aIx9zbkb2KZRdj2Fu7apaY5D9q85I=
=W+5k
-----END PGP SIGNATURE-----
Merge 4.19.92 into android-4.19
Changes in 4.19.92
af_packet: set defaule value for tmo
fjes: fix missed check in fjes_acpi_add
mod_devicetable: fix PHY module format
net: dst: Force 4-byte alignment of dst_metrics
net: gemini: Fix memory leak in gmac_setup_txqs
net: hisilicon: Fix a BUG trigered by wrong bytes_compl
net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive()
net: qlogic: Fix error paths in ql_alloc_large_buffers()
net: usb: lan78xx: Fix suspend/resume PHY register access error
qede: Disable hardware gro when xdp prog is installed
qede: Fix multicast mac configuration
sctp: fully initialize v4 addr in some functions
selftests: forwarding: Delete IPv6 address at the end
btrfs: don't double lock the subvol_sem for rename exchange
btrfs: do not call synchronize_srcu() in inode_tree_del
Btrfs: fix missing data checksums after replaying a log tree
btrfs: send: remove WARN_ON for readonly mount
btrfs: abort transaction after failed inode updates in create_subvol
btrfs: skip log replay on orphaned roots
btrfs: do not leak reloc root if we fail to read the fs root
btrfs: handle ENOENT in btrfs_uuid_tree_iterate
Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues
ALSA: pcm: Avoid possible info leaks from PCM stream buffers
ALSA: hda/ca0132 - Keep power on during processing DSP response
ALSA: hda/ca0132 - Avoid endless loop
ALSA: hda/ca0132 - Fix work handling in delayed HP detection
drm: mst: Fix query_payload ack reply struct
drm/panel: Add missing drm_panel_init() in panel drivers
drm/bridge: analogix-anx78xx: silence -EPROBE_DEFER warnings
iio: light: bh1750: Resolve compiler warning and make code more readable
drm/amdgpu: grab the id mgr lock while accessing passid_mapping
spi: Add call to spi_slave_abort() function when spidev driver is released
staging: rtl8192u: fix multiple memory leaks on error path
staging: rtl8188eu: fix possible null dereference
rtlwifi: prevent memory leak in rtl_usb_probe
libertas: fix a potential NULL pointer dereference
ath10k: fix backtrace on coredump
IB/iser: bound protection_sg size by data_sg size
media: am437x-vpfe: Setting STD to current value is not an error
media: i2c: ov2659: fix s_stream return value
media: ov6650: Fix crop rectangle alignment not passed back
media: i2c: ov2659: Fix missing 720p register config
media: ov6650: Fix stored frame format not in sync with hardware
media: ov6650: Fix stored crop rectangle not in sync with hardware
tools/power/cpupower: Fix initializer override in hsw_ext_cstates
media: venus: core: Fix msm8996 frequency table
ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq
pinctrl: devicetree: Avoid taking direct reference to device name string
drm/amdkfd: fix a potential NULL pointer dereference (v2)
selftests/bpf: Correct path to include msg + path
media: venus: Fix occasionally failures to suspend
usb: renesas_usbhs: add suspend event support in gadget mode
hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not idled
regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe()
media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init()
media: cec-funcs.h: add status_req checks
drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller
samples: pktgen: fix proc_cmd command result check logic
block: Fix writeback throttling W=1 compiler warnings
mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring
drm/drm_vblank: Change EINVAL by the correct errno
media: cx88: Fix some error handling path in 'cx8800_initdev()'
media: ti-vpe: vpe: Fix Motion Vector vpdma stride
media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format
media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number
media: ti-vpe: vpe: Make sure YUYV is set as default format
media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic
media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases
media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage
syscalls/x86: Use the correct function type in SYSCALL_DEFINE0
drm/amd/display: Fix dongle_caps containing stale information.
extcon: sm5502: Reset registers during initialization
x86/mm: Use the correct function type for native_set_fixmap()
ath10k: Correct error handling of dma_map_single()
drm/bridge: dw-hdmi: Restore audio when setting a mode
perf test: Report failure for mmap events
perf report: Add warning when libunwind not compiled in
usb: usbfs: Suppress problematic bind and unbind uevents.
iio: adc: max1027: Reset the device at probe time
Bluetooth: missed cpu_to_le16 conversion in hci_init4_req
Bluetooth: Workaround directed advertising bug in Broadcom controllers
Bluetooth: hci_core: fix init for HCI_USER_CHANNEL
bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack()
x86/mce: Lower throttling MCE messages' priority to warning
perf tests: Disable bp_signal testing for arm64
drm/gma500: fix memory disclosures due to uninitialized bytes
rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot
ipmi: Don't allow device module unload when in use
x86/ioapic: Prevent inconsistent state when moving an interrupt
media: smiapp: Register sensor after enabling runtime PM on the device
md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit
arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill()
i40e: initialize ITRN registers with correct values
net: phy: dp83867: enable robust auto-mdix
drm/tegra: sor: Use correct SOR index on Tegra210
spi: sprd: adi: Add missing lock protection when rebooting
ACPI: button: Add DMI quirk for Medion Akoya E2215T
RDMA/qedr: Fix memory leak in user qp and mr
gpu: host1x: Allocate gather copy for host1x
net: dsa: LAN9303: select REGMAP when LAN9303 enable
phy: qcom-usb-hs: Fix extcon double register after power cycle
s390/time: ensure get_clock_monotonic() returns monotonic values
s390/mm: add mm_pxd_folded() checks to pxd_free()
net: hns3: add struct netdev_queue debug info for TX timeout
libata: Ensure ata_port probe has completed before detach
loop: fix no-unmap write-zeroes request behavior
pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B
iio: dln2-adc: fix iio_triggered_buffer_postenable() position
libbpf: Fix error handling in bpf_map__reuse_fd()
Bluetooth: Fix advertising duplicated flags
pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler()
ixgbe: protect TX timestamping from API misuse
media: rcar_drif: fix a memory disclosure
media: v4l2-core: fix touch support in v4l_g_fmt
nvmem: imx-ocotp: reset error status on probe
rfkill: allocate static minor
bnx2x: Fix PF-VF communication over multi-cos queues.
spi: img-spfi: fix potential double release
ALSA: timer: Limit max amount of slave instances
rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt()
perf probe: Fix to find range-only function instance
perf probe: Fix to list probe event with correct line number
perf jevents: Fix resource leak in process_mapfile() and main()
perf probe: Walk function lines in lexical blocks
perf probe: Fix to probe an inline function which has no entry pc
perf probe: Fix to show ranges of variables in functions without entry_pc
perf probe: Fix to show inlined function callsite without entry_pc
libsubcmd: Use -O0 with DEBUG=1
perf probe: Fix to probe a function which has no entry pc
perf tools: Splice events onto evlist even on error
drm/amdgpu: disallow direct upload save restore list from gfx driver
drm/amdgpu: fix potential double drop fence reference
xen/gntdev: Use select for DMA_SHARED_BUFFER
perf parse: If pmu configuration fails free terms
perf probe: Skip overlapped location on searching variables
perf probe: Return a better scope DIE if there is no best scope
perf probe: Fix to show calling lines of inlined functions
perf probe: Skip end-of-sequence and non statement lines
perf probe: Filter out instances except for inlined subroutine and subprogram
ath10k: fix get invalid tx rate for Mesh metric
fsi: core: Fix small accesses and unaligned offsets via sysfs
media: pvrusb2: Fix oops on tear-down when radio support is not present
soundwire: intel: fix PDI/stream mapping for Bulk
crypto: atmel - Fix authenc support when it is set to m
ice: delay less
media: si470x-i2c: add missed operations in remove
EDAC/ghes: Fix grain calculation
spi: pxa2xx: Add missed security checks
ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile
iio: dac: ad5446: Add support for new AD5600 DAC
ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint
s390/disassembler: don't hide instruction addresses
nvme: Discard workaround for non-conformant devices
parport: load lowlevel driver if ports not found
bcache: fix static checker warning in bcache_device_free()
cpufreq: Register drivers only after CPU devices have been registered
x86/crash: Add a forward declaration of struct kimage
tracing: use kvcalloc for tgid_map array allocation
tracing/kprobe: Check whether the non-suffixed symbol is notrace
bcache: fix deadlock in bcache_allocator
iwlwifi: mvm: fix unaligned read of rx_pkt_status
ASoC: wm8904: fix regcache handling
spi: tegra20-slink: add missed clk_unprepare
tun: fix data-race in gro_normal_list()
crypto: virtio - deal with unsupported input sizes
mmc: tmio: Add MMC_CAP_ERASE to allow erase/discard/trim requests
btrfs: don't prematurely free work in end_workqueue_fn()
btrfs: don't prematurely free work in run_ordered_work()
ASoC: wm2200: add missed operations in remove and probe failure
spi: st-ssc4: add missed pm_runtime_disable
ASoC: wm5100: add missed pm_runtime_disable
ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1
x86/insn: Add some Intel instructions to the opcode map
brcmfmac: remove monitor interface when detaching
iwlwifi: check kasprintf() return value
fbtft: Make sure string is NULL terminated
net: ethernet: ti: ale: clean ale tbl on init and intf restart
crypto: sun4i-ss - Fix 64-bit size_t warnings
crypto: sun4i-ss - Fix 64-bit size_t warnings on sun4i-ss-hash.c
mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED
crypto: vmx - Avoid weird build failures
libtraceevent: Fix memory leakage in copy_filter_type
mips: fix build when "48 bits virtual memory" is enabled
drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2
net: phy: initialise phydev speed and duplex sanely
btrfs: don't prematurely free work in reada_start_machine_worker()
btrfs: don't prematurely free work in scrub_missing_raid56_worker()
Revert "mmc: sdhci: Fix incorrect switch to HS mode"
mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode
can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
usb: xhci: Fix build warning seen with CONFIG_PM=n
drm/amdgpu: fix uninitialized variable pasid_mapping_needed
s390/ftrace: fix endless recursion in function_graph tracer
btrfs: return error pointer from alloc_test_extent_buffer
usbip: Fix receive error in vhci-hcd when using scatter-gather
usbip: Fix error path of vhci_recv_ret_submit()
cpufreq: Avoid leaving stale IRQ work items during CPU offline
USB: EHCI: Do not return -EPIPE when hub is disconnected
intel_th: pci: Add Comet Lake PCH-V support
intel_th: pci: Add Elkhart Lake SOC support
platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes
staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value
ext4: fix ext4_empty_dir() for directories with holes
ext4: check for directory entries too close to block end
ext4: unlock on error in ext4_expand_extra_isize()
KVM: arm64: Ensure 'params' is initialised when looking up sys register
x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure()
x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks[]
powerpc/vcpu: Assume dedicated processors as non-preempt
powerpc/irq: fix stack overflow verification
mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register
mmc: sdhci-of-esdhc: Revert "mmc: sdhci-of-esdhc: add erratum A-009204 support"
mmc: sdhci: Update the tuning failed messages to pr_debug level
mmc: sdhci-of-esdhc: fix P2020 errata handling
mmc: sdhci: Workaround broken command queuing on Intel GLK
mmc: sdhci: Add a quirk for broken command queuing
nbd: fix shutdown and recv work deadlock v2
perf probe: Fix to show function entry line as probe-able
Linux 4.19.92
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic4c7f9c713549ebb3319cd0275e88678bfa0e53d
[ Upstream commit cbb79863fc3175ed5ac506465948b02a893a8235 ]
If something has the IPMI driver open, don't allow the device
module to be unloaded. Before it would unload and the user would
get errors on use.
This change is made on user request, and it makes it consistent
with the I2C driver, which has the same behavior.
It does change things a little bit with respect to kernel users.
If the ACPI or IPMI watchdog (or any other kernel user) has
created a user, then the device module cannot be unloaded. Before
it could be unloaded,
This does not affect hot-plug. If the device goes away (it's on
something removable that is removed or is hot-removed via sysfs)
then it still behaves as it did before.
Reported-by: tony camuso <tcamuso@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Tested-by: tony camuso <tcamuso@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit eaecce12f5f0d2c35d278e41e1bc4522393861ab ]
When unloading omap3-rom-rng, we'll get the following:
WARNING: CPU: 0 PID: 100 at drivers/clk/clk.c:948 clk_core_disable
This is because the clock may be already disabled by omap3_rom_rng_idle().
Let's fix the issue by checking for rng_idle on exit.
Cc: Aaro Koskinen <aaro.koskinen@iki.fi>
Cc: Adam Ford <aford173@gmail.com>
Cc: Pali Rohár <pali.rohar@gmail.com>
Cc: Sebastian Reichel <sre@kernel.org>
Cc: Tero Kristo <t-kristo@ti.com>
Fixes: 1c6b7c2108 ("hwrng: OMAP3 ROM Random Number Generator support")
Signed-off-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl35M30ACgkQONu9yGCS
aT7MxQ/+P2k2knFpbzGfqn7Ug4fyrWJ8T0cvmcQYLxcddJdM+tQWuFfXR6rhg2U6
cCEkIAKVxihEA51PT6LYiynIMQ1UDAEYENfwYK4inVX2HbMsqDC4D0qnAkABzH27
sLXwhKOOGB/z1F7oKjjsX/cCwP3V2E0PL1P7owHZis6tB24pZrMEss24x/4+dDm9
zBDDxpR++mJypRvG3fA8oP5dhZZJNacIvLW+48wrxZWkIcVNnRV+QnyHZe68af1R
SH4+I12AAeEDyEsQI8yX8PmGAnj1RZrzRQhibxooyBH4642RbX2qCYJkutPjI5rG
pUl4970MdSHYMyEUwxh77b0jSO/9w7k02yatyp0DVA0PQ7p0lLBFZ96GEG9ytXJm
Csuc6HEXSSTvuX8pf/KAf18L6kgnUhlxywkDcrcAVLQofMDhODul3fJALmGSVJXW
jbp6AFoqT84I8Gm+je+vyuQciLnuH5C9wwxrOrWZzr+hLzZk60iG+OpRohn/g+Bx
PjDjvnump0JGjF89hfNc+v9F+ihz7GBwOxspGrgb27ViRIhcxf0GuYFxyJtEuDiW
6+gYNzWUaVC4RR1l1jXGWtGUPBsNV50sxFHK/Hx09UMIu/uJPMtF+TW9QDhJT1jr
kL1kKeCsRV54nWjiWKwTTI2I37xJCPuidW5hvLqf2+ZHYTfQzsE=
=Op5F
-----END PGP SIGNATURE-----
Merge 4.19.90 into android-4.19
Changes in 4.19.90
usb: gadget: configfs: Fix missing spin_lock_init()
usb: gadget: pch_udc: fix use after free
scsi: qla2xxx: Fix driver unload hang
media: venus: remove invalid compat_ioctl32 handler
USB: uas: honor flag to avoid CAPACITY16
USB: uas: heed CAPACITY_HEURISTICS
USB: documentation: flags on usb-storage versus UAS
usb: Allow USB device to be warm reset in suspended state
staging: rtl8188eu: fix interface sanity check
staging: rtl8712: fix interface sanity check
staging: gigaset: fix general protection fault on probe
staging: gigaset: fix illegal free on probe errors
staging: gigaset: add endpoint-type sanity check
usb: xhci: only set D3hot for pci device
xhci: Fix memory leak in xhci_add_in_port()
xhci: Increase STS_HALT timeout in xhci_suspend()
xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour.
ARM: dts: pandora-common: define wl1251 as child node of mmc3
iio: adis16480: Add debugfs_reg_access entry
iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
iio: imu: inv_mpu6050: fix temperature reporting using bad unit
USB: atm: ueagle-atm: add missing endpoint check
USB: idmouse: fix interface sanity checks
USB: serial: io_edgeport: fix epic endpoint lookup
usb: roles: fix a potential use after free
USB: adutux: fix interface sanity check
usb: core: urb: fix URB structure initialization function
usb: mon: Fix a deadlock in usbmon between mmap and read
tpm: add check after commands attribs tab allocation
mtd: spear_smi: Fix Write Burst mode
virtio-balloon: fix managed page counts when migrating pages between zones
usb: dwc3: pci: add ID for the Intel Comet Lake -H variant
usb: dwc3: gadget: Fix logical condition
usb: dwc3: ep0: Clear started flag on completion
phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role"
btrfs: check page->mapping when loading free space cache
btrfs: use refcount_inc_not_zero in kill_all_nodes
Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc
Btrfs: fix negative subv_writers counter and data space leak after buffered write
btrfs: Avoid getting stuck during cyclic writebacks
btrfs: Remove btrfs_bio::flags member
Btrfs: send, skip backreference walking for extents with many references
btrfs: record all roots for rename exchange on a subvol
rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer
rtlwifi: rtl8192de: Fix missing enable interrupt flag
lib: raid6: fix awk build warnings
ovl: fix corner case of non-unique st_dev;st_ino
ovl: relax WARN_ON() on rename to self
hwrng: omap - Fix RNG wait loop timeout
dm writecache: handle REQ_FUA
dm zoned: reduce overhead of backing device checks
workqueue: Fix spurious sanity check failures in destroy_workqueue()
workqueue: Fix pwq ref leak in rescuer_thread()
ASoC: rt5645: Fixed buddy jack support.
ASoC: rt5645: Fixed typo for buddy jack support.
ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
md: improve handling of bio with REQ_PREFLUSH in md_flush_request()
blk-mq: avoid sysfs buffer overflow with too many CPU cores
cgroup: pids: use atomic64_t for pids->limit
ar5523: check NULL before memcpy() in ar5523_cmd()
s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported
media: bdisp: fix memleak on release
media: radio: wl1273: fix interrupt masking on release
media: cec.h: CEC_OP_REC_FLAG_ values were swapped
cpuidle: Do not unset the driver if it is there already
erofs: zero out when listxattr is called with no xattr
intel_th: Fix a double put_device() in error path
intel_th: pci: Add Ice Lake CPU support
intel_th: pci: Add Tiger Lake CPU support
PM / devfreq: Lock devfreq in trans_stat_show
cpufreq: powernv: fix stack bloat and hard limit on number of CPUs
ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge
ACPI: OSL: only free map once in osl.c
ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
ACPI: PM: Avoid attaching ACPI PM domain to certain devices
pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type()
pinctrl: samsung: Add of_node_put() before return in error path
pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init
pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init
pinctrl: samsung: Fix device node refcount leaks in init code
pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init
mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card
ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
ppdev: fix PPGETTIME/PPSETTIME ioctls
powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
powerpc/xive: Prevent page fault issues in the machine crash handler
powerpc: Allow flush_icache_range to work across ranges >4GB
powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts
video/hdmi: Fix AVI bar unpack
quota: Check that quota is not dirty before release
ext2: check err when partial != NULL
quota: fix livelock in dquot_writeback_dquots
ext4: Fix credit estimate for final inode freeing
reiserfs: fix extended attributes on the root directory
block: fix single range discard merge
scsi: zfcp: trace channel log even for FCP command responses
scsi: qla2xxx: Fix DMA unmap leak
scsi: qla2xxx: Fix hang in fcport delete path
scsi: qla2xxx: Fix session lookup in qlt_abort_work()
scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()
scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value
scsi: qla2xxx: Fix message indicating vectors used by driver
scsi: qla2xxx: Fix SRB leak on switch command timeout
xhci: make sure interrupts are restored to correct state
usb: typec: fix use after free in typec_register_port()
omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251
scsi: lpfc: Cap NPIV vports to 256
scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE
scsi: lpfc: Correct topology type reporting on G7 adapters
drbd: Change drbd_request_detach_interruptible's return type to int
e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait
pvcalls-front: don't return error when the ring is full
sch_cake: Correctly update parent qlen when splitting GSO packets
net/smc: do not wait under send_lock
net: hns3: clear pci private data when unload hns3 driver
net: hns3: change hnae3_register_ae_dev() to int
net: hns3: Check variable is valid before assigning it to another
scsi: hisi_sas: send primitive NOTIFY to SSP situation only
scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G
x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk
power: supply: cpcap-battery: Fix signed counter sample register
mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead
media: vimc: fix component match compare
ath10k: fix fw crash by moving chip reset after napi disabled
regulator: 88pm800: fix warning same module names
powerpc: Avoid clang warnings around setjmp and longjmp
powerpc: Fix vDSO clock_getres()
ext4: work around deleting a file with i_nlink == 0 safely
firmware: qcom: scm: Ensure 'a0' status code is treated as signed
mm/shmem.c: cast the type of unmap_start to u64
rtc: disable uie before setting time and enable after
splice: only read in as much information as there is pipe buffer space
ext4: fix a bug in ext4_wait_for_tail_page_commit
mfd: rk808: Fix RK818 ID template
mm, thp, proc: report THP eligibility for each vma
s390/smp,vdso: fix ASCE handling
blk-mq: make sure that line break can be printed
workqueue: Fix missing kfree(rescuer) in destroy_workqueue()
perf callchain: Fix segfault in thread__resolve_callchain_sample()
gre: refetch erspan header from skb->data after pskb_may_pull()
firmware: arm_scmi: Avoid double free in error flow
sunrpc: fix crash when cache_head become valid before update
net/mlx5e: Fix SFF 8472 eeprom length
leds: trigger: netdev: fix handling on interface rename
PCI: rcar: Fix missing MACCTLR register setting in initialization sequence
gfs2: fix glock reference problem in gfs2_trans_remove_revoke
of: overlay: add_changeset_property() memory leak
kernel/module.c: wakeup processes in module_wq on module unload
cifs: Fix potential softlockups while refreshing DFS cache
gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist
raid5: need to set STRIPE_HANDLE for batch head
scsi: qla2xxx: Change discovery state before PLOGI
iio: imu: mpu6050: add missing available scan masks
idr: Fix idr_get_next_ul race with idr_remove
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
of: unittest: fix memory leak in attach_node_and_children
Linux 4.19.90
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I790291e9f3d3c8dd3f53e4387de25ff272ad4f39
commit 998174042da229e2cf5841f574aba4a743e69650 upstream.
Going through the uses of timeval in the user space API,
I noticed two bugs in ppdev that were introduced in the y2038
conversion:
* The range check was accidentally moved from ppsettime to
ppgettime
* On sparc64, the microseconds are in the other half of the
64-bit word.
Fix both, and mark the fix for stable backports.
Cc: stable@vger.kernel.org
Fixes: 3b9ab374a1 ("ppdev: convert to y2038 safe")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20191108203435.112759-8-arnd@arndb.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit be867f987a4e1222114dd07a01838a17c26f3fff upstream.
Existing RNG data read timeout is 200us but it doesn't cover EIP76 RNG
data rate which takes approx. 700us to produce 16 bytes of output data
as per testing results. So configure the timeout as 1000us to also take
account of lack of udelay()'s reliability.
Fixes: 383212425c ("hwrng: omap - Add device variant for SafeXcel IP-76 found in Armada 8K")
Cc: <stable@vger.kernel.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit f1689114acc5e89a196fec6d732dae3e48edb6ad upstream.
devm_kcalloc() can fail and return NULL so we need to check for that.
Cc: stable@vger.kernel.org
Fixes: 58472f5cd4 ("tpm: validate TPM 2.0 commands")
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3zQ1wACgkQONu9yGCS
aT6ZDA/+JQyM+mgrU2t5mkq9lXCwL87Jiooy0kKT9b/2EWmW5Gdxp/On9PXfqtfs
uZ+v0A1g1H+582uwuqG1wB2jr3I2AhNnRNbvSypGtk1Kitx9HqVJD/wWRRVCULww
cr3uA/ZOX+deRjOVYP3dhFp7ycn6u5+GxgmFQTLmKAYN8uUqq4/dpWy01iB0nr2A
GcoLm9P96o8P/wIWaykqOvshDrocbFcBL4VuxLeZCbFsAMTiX+jJnyIL8W7gfBJl
M2626S/hESk5DvGcMN3zwOw/nTJlvySUtfqXSvPk0sT90UMx/YZ9QdpS9GkvRb9t
OA1G+iHguEU+Fq/DawUyxwk/kt3nA6cg0q7RSxHo7QP6SGo7OaHHS1myzGDhL8oc
LDKXO2iSSzvXJDlqrU45N+1YhpeiIHCxmDctbUIM9dP4u6wWmQIyYXLrcpupTsm9
StiDBguXFHWSBFhG0+MlTUU5cypVNoN+56wBAUTR6+qoDASTzGvjNbrBsQihODV0
RMFJF17Zvn+UoEohe860EMswUBsJ+F+VSZO5yGuZgsaC/2Ih6M1dxsiNU7RF02gX
fRis6huj1+642ZsEbd2tueYGUaDN1HpMsVkN3AAkD3pJF5lX7AJRwhvRyC8N1jhc
G90KMSk2pR/ItjmUpkKaAhAKhN+oKSzuCPpHj2iGotfWdd4slXQ=
=Ekyt
-----END PGP SIGNATURE-----
Merge 4.19.89 into android-4.19
Changes in 4.19.89
rsi: release skb if rsi_prepare_beacon fails
arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
sparc64: implement ioremap_uc
lp: fix sparc64 LPSETTIMEOUT ioctl
usb: gadget: u_serial: add missing port entry locking
tty: serial: fsl_lpuart: use the sg count from dma_map_sg
tty: serial: msm_serial: Fix flow control
serial: pl011: Fix DMA ->flush_buffer()
serial: serial_core: Perform NULL checks for break_ctl ops
serial: ifx6x60: add missed pm_runtime_disable
autofs: fix a leak in autofs_expire_indirect()
RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
iwlwifi: pcie: don't consider IV len in A-MSDU
exportfs_decode_fh(): negative pinned may become positive without the parent locked
audit_get_nd(): don't unlock parent too early
NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
xfrm: release device reference for invalid state
Input: cyttsp4_core - fix use after free bug
sched/core: Avoid spurious lock dependencies
perf/core: Consistently fail fork on allocation failures
ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
drm/sun4i: tcon: Set min division of TCON0_DCLK to 1.
selftests: kvm: fix build with glibc >= 2.30
rsxx: add missed destroy_workqueue calls in remove
net: ep93xx_eth: fix mismatch of request_mem_region in remove
i2c: core: fix use after free in of_i2c_notify
serial: core: Allow processing sysrq at port unlock time
cxgb4vf: fix memleak in mac_hlist initialization
iwlwifi: mvm: synchronize TID queue removal
iwlwifi: trans: Clear persistence bit when starting the FW
iwlwifi: mvm: Send non offchannel traffic via AP sta
ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+
audit: Embed key into chunk
netfilter: nf_tables: don't use position attribute on rule replacement
ARC: IOC: panic if kernel was started with previously enabled IOC
net/mlx5: Release resource on error flow
clk: sunxi-ng: a64: Fix gate bit of DSI DPHY
ice: Fix NVM mask defines
dlm: fix possible call to kfree() for non-initialized pointer
ARM: dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1
extcon: max8997: Fix lack of path setting in USB device mode
net: ethernet: ti: cpts: correct debug for expired txq skb
rtc: s3c-rtc: Avoid using broken ALMYEAR register
rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()'
i40e: don't restart nway if autoneg not supported
virtchnl: Fix off by one error
clk: rockchip: fix rk3188 sclk_smc gate data
clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
ARM: dts: rockchip: Fix rk3288-rock2 vcc_flash name
dlm: fix missing idr_destroy for recover_idr
MIPS: SiByte: Enable ZONE_DMA32 for LittleSur
net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2
scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB
scsi: zfcp: drop default switch case which might paper over missing case
drivers: soc: Allow building the amlogic drivers without ARCH_MESON
bus: ti-sysc: Fix getting optional clocks in clock_roles
ARM: dts: imx6: RDU2: fix eGalax touchscreen node
crypto: ecc - check for invalid values in the key verification test
crypto: bcm - fix normal/non key hash algorithm failure
arm64: dts: zynqmp: Fix node names which contain "_"
pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues
Staging: iio: adt7316: Fix i2c data reading, set the data field
firmware: raspberrypi: Fix firmware calls with large buffers
mm/vmstat.c: fix NUMA statistics updates
clk: rockchip: fix I2S1 clock gate register for rk3328
clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328
sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit
regulator: Fix return value of _set_load() stub
USB: serial: f81534: fix reading old/new IC config
xfs: extent shifting doesn't fully invalidate page cache
net-next/hinic:fix a bug in set mac address
net-next/hinic: fix a bug in rx data flow
ice: Fix return value from NAPI poll
ice: Fix possible NULL pointer de-reference
iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents
iomap: sub-block dio needs to zeroout beyond EOF
iomap: dio data corruption and spurious errors when pipes fill
iomap: readpages doesn't zero page tail beyond EOF
iw_cxgb4: only reconnect with MPAv1 if the peer aborts
MIPS: OCTEON: octeon-platform: fix typing
net/smc: use after free fix in smc_wr_tx_put_slot()
math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning
nds32: Fix the items of hwcap_str ordering issue.
rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()'
rtc: dt-binding: abx80x: fix resistance scale
ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module
media: coda: fix memory corruption in case more than 32 instances are opened
media: pulse8-cec: return 0 when invalidating the logical address
media: cec: report Vendor ID after initialization
iwlwifi: fix cfg structs for 22000 with different RF modules
ravb: Clean up duplex handling
net/ipv6: re-do dad when interface has IFF_NOARP flag change
dmaengine: coh901318: Fix a double-lock bug
dmaengine: coh901318: Remove unused variable
dmaengine: dw-dmac: implement dma protection control setting
net: qualcomm: rmnet: move null check on dev before dereferecing it
selftests/powerpc: Allocate base registers
selftests/powerpc: Skip test instead of failing
usb: dwc3: debugfs: Properly print/set link state for HS
usb: dwc3: don't log probe deferrals; but do log other error codes
ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
f2fs: fix to account preflush command for noflush_merge mode
f2fs: fix count of seg_freed to make sec_freed correct
f2fs: change segment to section in f2fs_ioc_gc_range
ARM: dts: rockchip: Fix the PMU interrupt number for rv1108
ARM: dts: rockchip: Assign the proper GPIO clocks for rv1108
f2fs: fix to allow node segment for GC by ioctl path
sparc: Fix JIT fused branch convergance.
sparc: Correct ctx->saw_frame_pointer logic.
nvme: Free ctrl device name on init failure
dma-mapping: fix return type of dma_set_max_seg_size()
slimbus: ngd: Fix build error on x86
altera-stapl: check for a null key before strcasecmp'ing it
serial: imx: fix error handling in console_setup
i2c: imx: don't print error message on probe defer
clk: meson: Fix GXL HDMI PLL fractional bits width
gpu: host1x: Fix syncpoint ID field size on Tegra186
lockd: fix decoding of TEST results
sctp: increase sk_wmem_alloc when head->truesize is increased
iommu/amd: Fix line-break in error log reporting
ASoC: rsnd: tidyup registering method for rsnd_kctrl_new()
ARM: dts: sun4i: Fix gpio-keys warning
ARM: dts: sun4i: Fix HDMI output DTC warning
ARM: dts: sun5i: a10s: Fix HDMI output DTC warning
ARM: dts: r8a779[01]: Disable unconnected LVDS encoders
ARM: dts: sun7i: Fix HDMI output DTC warning
ARM: dts: sun8i: a23/a33: Fix OPP DTC warnings
ARM: dts: sun8i: v3s: Change pinctrl nodes to avoid warning
dlm: NULL check before kmem_cache_destroy is not needed
ARM: debug: enable UART1 for socfpga Cyclone5
can: xilinx: fix return type of ndo_start_xmit function
nfsd: fix a warning in __cld_pipe_upcall()
bpf: btf: implement btf_name_valid_identifier()
bpf: btf: check name validity for various types
tools: bpftool: fix a bitfield pretty print issue
ASoC: au8540: use 64-bit arithmetic instead of 32-bit
ARM: OMAP1/2: fix SoC name printing
arm64: dts: meson-gxl-libretech-cc: fix GPIO lines names
arm64: dts: meson-gxbb-nanopi-k2: fix GPIO lines names
arm64: dts: meson-gxbb-odroidc2: fix GPIO lines names
arm64: dts: meson-gxl-khadas-vim: fix GPIO lines names
net/x25: fix called/calling length calculation in x25_parse_address_block
net/x25: fix null_x25_address handling
tools/bpf: make libbpf _GNU_SOURCE friendly
clk: mediatek: Drop __init from mtk_clk_register_cpumuxes()
clk: mediatek: Drop more __init markings for driver probe
soc: renesas: r8a77970-sysc: Correct names of A2DP/A2CN power domains
soc: renesas: r8a77980-sysc: Correct names of A2DP[01] power domains
soc: renesas: r8a77980-sysc: Correct A3VIP[012] power domain hierarchy
kbuild: disable dtc simple_bus_reg warnings by default
tcp: make tcp_space() aware of socket backlog
ARM: dts: mmp2: fix the gpio interrupt cell number
ARM: dts: realview-pbx: Fix duplicate regulator nodes
tcp: fix off-by-one bug on aborting window-probing socket
tcp: fix SNMP under-estimation on failed retransmission
tcp: fix SNMP TCP timeout under-estimation
modpost: skip ELF local symbols during section mismatch check
kbuild: fix single target build for external module
mtd: fix mtd_oobavail() incoherent returned value
ARM: dts: pxa: clean up USB controller nodes
clk: meson: meson8b: fix the offset of vid_pll_dco's N value
clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent
clk: qcom: Fix MSM8998 resets
media: cxd2880-spi: fix probe when dvb_attach fails
ARM: dts: realview: Fix some more duplicate regulator nodes
dlm: fix invalid cluster name warning
net/mlx4_core: Fix return codes of unsupported operations
pstore/ram: Avoid NULL deref in ftrace merging failure path
powerpc/math-emu: Update macros from GCC
clk: renesas: r8a77990: Correct parent clock of DU
clk: renesas: r8a77995: Correct parent clock of DU
MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition
nfsd: Return EPERM, not EACCES, in some SETATTR cases
media: uvcvideo: Abstract streaming object lifetime
tty: serial: qcom_geni_serial: Fix softlock
ARM: dts: sun8i: h3: Fix the system-control register range
tty: Don't block on IO when ldisc change is pending
media: stkwebcam: Bugfix for wrong return values
firmware: qcom: scm: fix compilation error when disabled
clk: qcom: gcc-msm8998: Disable halt check of UFS clocks
sctp: frag_point sanity check
soc: renesas: r8a77990-sysc: Fix initialization order of 3DG-{A,B}
mlxsw: spectrum_router: Relax GRE decap matching check
IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state
IB/hfi1: Close VNIC sdma_progress sleep window
mlx4: Use snprintf instead of complicated strcpy
usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler
clk: renesas: rcar-gen3: Set state when registering SD clocks
ASoC: max9867: Fix power management
ARM: dts: sunxi: Fix PMU compatible strings
ARM: dts: am335x-pdu001: Fix polarity of card detection input
media: vimc: fix start stream when link is disabled
net: aquantia: fix RSS table and key sizes
sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision
fuse: verify nlink
fuse: verify attributes
ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
ALSA: pcm: oss: Avoid potential buffer overflows
ALSA: hda - Add mute led support for HP ProBook 645 G4
Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus
Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash
Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers
Input: goodix - add upside-down quirk for Teclast X89 tablet
coresight: etm4x: Fix input validation for sysfs.
Input: Fix memory leak in psxpad_spi_probe
x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all()
x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect
xfrm interface: fix memory leak on creation
xfrm interface: avoid corruption on changelink
xfrm interface: fix list corruption for x-netns
xfrm interface: fix management of phydev
CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
CIFS: Fix SMB2 oplock break processing
tty: vt: keyboard: reject invalid keycodes
can: slcan: Fix use-after-free Read in slcan_open
kernfs: fix ino wrap-around detection
jbd2: Fix possible overflow in jbd2_log_space_left()
drm/msm: fix memleak on release
drm/i810: Prevent underflow in ioctl
arm64: dts: exynos: Revert "Remove unneeded address space mapping for soc node"
KVM: arm/arm64: vgic: Don't rely on the wrong pending table
KVM: x86: do not modify masked bits of shared MSRs
KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
KVM: x86: Grab KVM's srcu lock when setting nested state
crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize
crypto: af_alg - cast ki_complete ternary op to int
crypto: ccp - fix uninitialized list head
crypto: ecdh - fix big endian bug in ECC library
crypto: user - fix memory leak in crypto_report
spi: atmel: Fix CS high support
mwifiex: update set_mac_address logic
can: ucan: fix non-atomic allocation in completion handler
RDMA/qib: Validate ->show()/store() callbacks before calling them
iomap: Fix pipe page leakage during splicing
thermal: Fix deadlock in thermal thermal_zone_device_check
vcs: prevent write access to vcsu devices
binder: Fix race between mmap() and binder_alloc_print_pages()
binder: Handle start==NULL in binder_update_page_range()
ALSA: hda - Fix pending unsol events at shutdown
md/raid0: Fix an error message in raid0_make_request()
watchdog: aspeed: Fix clock behaviour for ast2600
perf script: Fix invalid LBR/binary mismatch error
splice: don't read more than available pipe space
iomap: partially revert 4721a601099 (simulated directio short read on EFAULT)
xfs: add missing error check in xfs_prepare_shift()
ASoC: rsnd: fixup MIX kctrl registration
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
net: qrtr: fix memort leak in qrtr_tun_write_iter
appletalk: Fix potential NULL pointer dereference in unregister_snap_client
appletalk: Set error code if register_snap_client failed
Linux 4.19.89
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie3fa59adde9a7e9a6d4684de0e95de14a8b83d0b
commit 45a2d64696b11913bcf1087b041740edbade3e21 upstream.
The layout of struct timeval is different on sparc64 from
anything else, and the patch I did long ago failed to take
this into account.
Change it now to handle sparc64 user space correctly again.
Quite likely nobody cares about parallel ports on sparc64,
but there is no reason not to fix it.
Cc: stable@vger.kernel.org
Fixes: 9a45048408 ("lp: support 64-bit time_t user space")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20191108203435.112759-7-arnd@arndb.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3owgEACgkQONu9yGCS
aT43zw//SS1As83XXuHr4mdWIVDjXo6RMJ6Ib7YbRi/uhBmQuUuGVFcqGxUIA9Kl
eSXu5Kt8TNmInzHq9AMYgegrELAEwPD2XfptALGDwiUHonQuiFaqOQn/bltJOm1L
PsG15A7+/gFhuhPJDp2ZfNBmZGdpXdIwD27oUDqF1XD64dMa/HPbFUVgxWn3HHkd
sm0J6Ez0eNA+BmLnHXYDiSaEYIiwvy1nN6XpyIfOyb2Tz6kPoe0vVWU00Cmy8KAU
EIWB+TBRunspgMsShL5Cl1MSFOxf9QOmgnZxcrODAQfb1TbLMACB1FGMjK4nLm+3
wPlSnC7L49ARl/pvmN5NOUrjHi8S8qq/Od9QW+UIckRI6KzOU832h99v4gFuHjSC
KFiLi5K9+uTIMgNOETmINBiKKUcUzYXYVajvm4tuAUq3HO8wy6jeALtt34OiJZQZ
DV8wyBdL9NDUFqBymFaMFA4Us/fGIREzvPgI0E0jth2ANuLFLtScrnStuWv8buwJ
JT3V9xCxHZtZ3Ctevx/Jp6OaQtnbSnWjMjrO0UDzZ6N7+g5UKmh9/R3xL6sBpFVU
Vu49J+qWU3VmbY3EIulel+yARNe7xS4ExK185JmNzpYFyOpXum14FHhhtQ6xNSeu
dRqyITI0KYP7jWtBDKCgVAWF5jC9gHP1ksrHSZMhyGrv1dC1XZM=
=KnJW
-----END PGP SIGNATURE-----
Merge 4.19.88 into android-4.19
Changes in 4.19.88
clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate
clocksource/drivers/mediatek: Fix error handling
ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX
ASoC: compress: fix unsigned integer overflow check
reset: Fix memory leak in reset_control_array_put()
clk: samsung: exynos5433: Fix error paths
ASoC: kirkwood: fix external clock probe defer
ASoC: kirkwood: fix device remove ordering
clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume
pinctrl: cherryview: Allocate IRQ chip dynamic
ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts
reset: fix reset_control_ops kerneldoc comment
clk: at91: avoid sleeping early
clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup
clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18
ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend
samples/bpf: fix build by setting HAVE_ATTR_TEST to zero
powerpc/bpf: Fix tail call implementation
idr: Fix integer overflow in idr_for_each_entry
idr: Fix idr_alloc_u32 on 32-bit systems
x86/resctrl: Prevent NULL pointer dereference when reading mondata
clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call
clk: ti: clkctrl: Fix failed to enable error with double udelay timeout
net: fec: add missed clk_disable_unprepare in remove
bridge: ebtables: don't crash when using dnat target in output chains
can: peak_usb: report bus recovery as well
can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open
can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak
can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max
can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM
can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors
can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error
can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error
can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails
can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race condition
watchdog: meson: Fix the wrong value of left time
ASoC: stm32: sai: add restriction on mmap support
scripts/gdb: fix debugging modules compiled with hot/cold partitioning
net: bcmgenet: use RGMII loopback for MAC reset
net: bcmgenet: reapply manual settings to the PHY
net: mscc: ocelot: fix __ocelot_rmw_ix prototype
ceph: return -EINVAL if given fsc mount option on kernel w/o support
net/fq_impl: Switch to kvmalloc() for memory allocation
mac80211: fix station inactive_time shortly after boot
block: drbd: remove a stray unlock in __drbd_send_protocol()
pwm: bcm-iproc: Prevent unloading the driver module while in use
scsi: target/tcmu: Fix queue_cmd_ring() declaration
scsi: lpfc: Fix kernel Oops due to null pring pointers
scsi: lpfc: Fix dif and first burst use in write commands
ARM: dts: Fix up SQ201 flash access
tracing: Lock event_mutex before synth_event_mutex
ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed
ARM: dts: imx51: Fix memory node duplication
ARM: dts: imx53: Fix memory node duplication
ARM: dts: imx31: Fix memory node duplication
ARM: dts: imx35: Fix memory node duplication
ARM: dts: imx7: Fix memory node duplication
ARM: dts: imx6ul: Fix memory node duplication
ARM: dts: imx6sx: Fix memory node duplication
ARM: dts: imx6sl: Fix memory node duplication
ARM: dts: imx50: Fix memory node duplication
ARM: dts: imx23: Fix memory node duplication
ARM: dts: imx1: Fix memory node duplication
ARM: dts: imx27: Fix memory node duplication
ARM: dts: imx25: Fix memory node duplication
ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication
parisc: Fix serio address output
parisc: Fix HP SDC hpa address output
ARM: dts: Fix hsi gdd range for omap4
arm64: mm: Prevent mismatched 52-bit VA support
arm64: smp: Handle errors reported by the firmware
bus: ti-sysc: Check for no-reset and no-idle flags at the child level
platform/x86: mlx-platform: Fix LED configuration
ARM: OMAP1: fix USB configuration for device-only setups
RDMA/hns: Fix the bug while use multi-hop of pbl
arm64: preempt: Fix big-endian when checking preempt count in assembly
RDMA/vmw_pvrdma: Use atomic memory allocation in create AH
PM / AVS: SmartReflex: NULL check before some freeing functions is not needed
xfs: zero length symlinks are not valid
ARM: ks8695: fix section mismatch warning
ACPI / LPSS: Ignore acpi_device_fix_up_power() return value
scsi: lpfc: Enable Management features for IF_TYPE=6
scsi: qla2xxx: Fix NPIV handling for FC-NVMe
scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port
nvme: provide fallback for discard alloc failure
s390/zcrypt: make sysfs reset attribute trigger queue reset
crypto: user - support incremental algorithm dumps
arm64: dts: renesas: draak: Fix CVBS input
mwifiex: fix potential NULL dereference and use after free
mwifiex: debugfs: correct histogram spacing, formatting
brcmfmac: set F2 watermark to 256 for 4373
brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373
rtl818x: fix potential use after free
bcache: do not check if debug dentry is ERR or NULL explicitly on remove
bcache: do not mark writeback_running too early
xfs: require both realtime inodes to mount
nvme: fix kernel paging oops
ubifs: Fix default compression selection in ubifs
ubi: Put MTD device after it is not used
ubi: Do not drop UBI device reference before using
microblaze: adjust the help to the real behavior
microblaze: move "... is ready" messages to arch/microblaze/Makefile
microblaze: fix multiple bugs in arch/microblaze/boot/Makefile
iwlwifi: move iwl_nvm_check_version() into dvm
iwlwifi: mvm: force TCM re-evaluation on TCM resume
iwlwifi: pcie: fix erroneous print
iwlwifi: pcie: set cmd_len in the correct place
gpio: pca953x: Fix AI overflow on PCAL6524
gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB
kvm: vmx: Set IA32_TSC_AUX for legacy mode guests
Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS"
Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()"
crypto/chelsio/chtls: listen fails with multiadapt
VSOCK: bind to random port for VMADDR_PORT_ANY
mmc: meson-gx: make sure the descriptor is stopped on errors
mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET
usb: ehci-omap: Fix deferred probe for phy handling
btrfs: Check for missing device before bio submission in btrfs_map_bio
btrfs: fix ncopies raid_attr for RAID56
btrfs: dev-replace: set result code of cancel by status of scrub
Btrfs: allow clear_extent_dirty() to receive a cached extent state record
btrfs: only track ref_heads in delayed_ref_updates
serial: sh-sci: Fix crash in rx_timer_fn() on PIO fallback
HID: intel-ish-hid: fixes incorrect error handling
gpio: raspberrypi-exp: decrease refcount on firmware dt node
serial: 8250: Rate limit serial port rx interrupts during input overruns
kprobes/x86/xen: blacklist non-attachable xen interrupt functions
xen/pciback: Check dev_data before using it
kprobes: Blacklist symbols in arch-defined prohibited area
kprobes/x86: Show x86-64 specific blacklisted symbols correctly
vfio-mdev/samples: Use u8 instead of char for handle functions
memory: omap-gpmc: Get the header of the enum
pinctrl: xway: fix gpio-hog related boot issues
net/mlx5: Continue driver initialization despite debugfs failure
netfilter: nf_nat_sip: fix RTP/RTCP source port translations
exofs_mount(): fix leaks on failure exits
bnxt_en: Return linux standard errors in bnxt_ethtool.c
bnxt_en: Save ring statistics before reset.
bnxt_en: query force speeds before disabling autoneg mode.
KVM: s390: unregister debug feature on failing arch init
pinctrl: sh-pfc: r8a77990: Fix MOD_SEL0 SEL_I2C1 field width
pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration
pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10
HID: doc: fix wrong data structure reference for UHID_OUTPUT
dm flakey: Properly corrupt multi-page bios.
gfs2: take jdata unstuff into account in do_grow
dm raid: fix false -EBUSY when handling check/repair message
xfs: Align compat attrlist_by_handle with native implementation.
xfs: Fix bulkstat compat ioctls on x32 userspace.
IB/qib: Fix an error code in qib_sdma_verbs_send()
clocksource/drivers/fttmr010: Fix invalid interrupt register access
vxlan: Fix error path in __vxlan_dev_create()
powerpc/book3s/32: fix number of bats in p/v_block_mapped()
powerpc/xmon: fix dump_segments()
drivers/regulator: fix a missing check of return value
Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading
serial: max310x: Fix tx_empty() callback
openrisc: Fix broken paths to arch/or32
RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer
scsi: qla2xxx: deadlock by configfs_depend_item
scsi: csiostor: fix incorrect dma device in case of vport
brcmfmac: Fix access point mode
ath6kl: Only use match sets when firmware supports it
ath6kl: Fix off by one error in scan completion
powerpc/perf: Fix unit_sel/cache_sel checks
powerpc/32: Avoid unsupported flags with clang
powerpc/prom: fix early DEBUG messages
powerpc/mm: Make NULL pointer deferences explicit on bad page faults.
powerpc/44x/bamboo: Fix PCI range
vfio/spapr_tce: Get rid of possible infinite loop
powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status
drbd: ignore "all zero" peer volume sizes in handshake
drbd: reject attach of unsuitable uuids even if connected
drbd: do not block when adjusting "disk-options" while IO is frozen
drbd: fix print_st_err()'s prototype to match the definition
IB/rxe: Make counters thread safe
bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't
regulator: tps65910: fix a missing check of return value
powerpc/83xx: handle machine check caused by watchdog timer
powerpc/pseries: Fix node leak in update_lmb_associativity_index()
powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y
crypto: mxc-scc - fix build warnings on ARM64
pwm: clps711x: Fix period calculation
net/netlink_compat: Fix a missing check of nla_parse_nested
net/net_namespace: Check the return value of register_pernet_subsys()
f2fs: fix block address for __check_sit_bitmap
f2fs: fix to dirty inode synchronously
um: Include sys/uio.h to have writev()
um: Make GCOV depend on !KCOV
net: (cpts) fix a missing check of clk_prepare
net: stmicro: fix a missing check of clk_prepare
net: dsa: bcm_sf2: Propagate error value from mdio_write
atl1e: checking the status of atl1e_write_phy_reg
tipc: fix a missing check of genlmsg_put
net: marvell: fix a missing check of acpi_match_device
net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe()
ocfs2: clear journal dirty flag after shutdown journal
vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n
mm/page_alloc.c: free order-0 pages through PCP in page_frag_free()
mm/page_alloc.c: use a single function to free page
mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free()
tools/vm/page-types.c: fix "kpagecount returned fewer pages than expected" failures
netfilter: nf_tables: fix a missing check of nla_put_failure
xprtrdma: Prevent leak of rpcrdma_rep objects
infiniband: bnxt_re: qplib: Check the return value of send_message
infiniband/qedr: Potential null ptr dereference of qp
firmware: arm_sdei: fix wrong of_node_put() in init function
firmware: arm_sdei: Fix DT platform device creation
lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk
lib/genalloc.c: use vzalloc_node() to allocate the bitmap
fork: fix some -Wmissing-prototypes warnings
drivers/base/platform.c: kmemleak ignore a known leak
lib/genalloc.c: include vmalloc.h
mtd: Check add_mtd_device() ret code
tipc: fix memory leak in tipc_nl_compat_publ_dump
net/core/neighbour: tell kmemleak about hash tables
ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs
PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity()
net/core/neighbour: fix kmemleak minimal reference count for hash tables
serial: 8250: Fix serial8250 initialization crash
gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change
sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe
ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel
decnet: fix DN_IFREQ_SIZE
net/smc: prevent races between smc_lgr_terminate() and smc_conn_free()
net/smc: don't wait for send buffer space when data was already sent
mm/hotplug: invalid PFNs from pfn_to_online_page()
xfs: end sync buffer I/O properly on shutdown error
net/smc: fix sender_free computation
blktrace: Show requests without sector
net/smc: fix byte_order for rx_curs_confirmed
tipc: fix skb may be leaky in tipc_link_input
ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI
sfc: initialise found bitmap in efx_ef10_mtd_probe
geneve: change NET_UDP_TUNNEL dependency to select
net: fix possible overflow in __sk_mem_raise_allocated()
net: ip_gre: do not report erspan_ver for gre or gretap
net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap
sctp: don't compare hb_timer expire date before starting it
bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id()
mmc: core: align max segment size with logical block size
net: dev: Use unsigned integer as an argument to left-shift
kvm: properly check debugfs dentry before using it
bpf: drop refcount if bpf_map_new_fd() fails in map_create()
net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED
net: hns3: fix PFC not setting problem for DCB module
net: hns3: fix an issue for hclgevf_ae_get_hdev
net: hns3: fix an issue for hns3_update_new_int_gl
iommu/amd: Fix NULL dereference bug in match_hid_uid
apparmor: delete the dentry in aafs_remove() to avoid a leak
scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery
ACPI / APEI: Don't wait to serialise with oops messages when panic()ing
ACPI / APEI: Switch estatus pool to use vmalloc memory
scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned
scsi: libsas: Check SMP PHY control function result
RDMA/hns: Fix the bug with updating rq head pointer when flush cqe
RDMA/hns: Bugfix for the scene without receiver queue
RDMA/hns: Fix the state of rereg mr
RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp
ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board
powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()
xdp: fix cpumap redirect SKB creation bug
mtd: Remove a debug trace in mtdpart.c
mm, gup: add missing refcount overflow checks on s390
clk: at91: fix update bit maps on CFG_MOR write
clk: at91: generated: set audio_pll_allowed in at91_clk_register_generated()
usb: dwc2: use a longer core rest timeout in dwc2_core_reset()
staging: rtl8192e: fix potential use after free
staging: rtl8723bs: Drop ACPI device ids
staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids
USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P
mei: bus: prefix device names on bus with the bus name
mei: me: add comet point V device id
thunderbolt: Power cycle the router if NVM authentication fails
xfrm: Fix memleak on xfrm state destroy
media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE
net: macb: fix error format in dev_err()
pwm: Clear chip_data in pwm_put()
media: atmel: atmel-isc: fix asd memory allocation
media: atmel: atmel-isc: fix INIT_WORK misplacement
macvlan: schedule bc_work even if error
net: psample: fix skb_over_panic
openvswitch: fix flow command message size
sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook
slip: Fix use-after-free Read in slip_open
openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()
openvswitch: remove another BUG_ON()
selftests: bpf: test_sockmap: handle file creation failures gracefully
tipc: fix link name length check
sctp: cache netns in sctp_ep_common
net: sched: fix `tc -s class show` no bstats on class with nolock subqueues
net: macb: add missed tasklet_kill
ext4: add more paranoia checking in ext4_expand_extra_isize handling
watchdog: sama5d4: fix WDD value to be always set to max
net: macb: Fix SUBNS increment and increase resolution
net: macb driver, check for SKBTX_HW_TSTAMP
mtd: rawnand: atmel: Fix spelling mistake in error message
mtd: rawnand: atmel: fix possible object reference leak
mtd: spi-nor: cast to u64 to avoid uint overflows
drm/atmel-hlcdc: revert shift by 8
mailbox: stm32_ipcc: add spinlock to fix channels concurrent access
tcp: exit if nothing to retransmit on RTO timeout
HID: core: check whether Usage Page item is after Usage ID items
crypto: stm32/hash - Fix hmac issue more than 256 bytes
media: stm32-dcmi: fix DMA corruption when stopping streaming
media: stm32-dcmi: fix check of pm_runtime_get_sync return value
hwrng: stm32 - fix unbalanced pm_runtime_enable
clk: stm32mp1: fix HSI divider flag
clk: stm32mp1: fix mcu divider table
clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks
clk: stm32mp1: parent clocks update
mailbox: mailbox-test: fix null pointer if no mmio
pinctrl: stm32: fix memory leak issue
ASoC: stm32: i2s: fix dma configuration
ASoC: stm32: i2s: fix 16 bit format support
ASoC: stm32: i2s: fix IRQ clearing
ASoC: stm32: sai: add missing put_device()
dmaengine: stm32-dma: check whether length is aligned on FIFO threshold
platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer
platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size
net: fec: fix clock count mis-match
Linux 4.19.88
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ifd3801a77cb551be72788031e7fcfc8a1d4fd197
commit af0d4442dd6813de6e77309063beb064fa8e89ae upstream.
No remove function implemented yet in the driver.
Without remove function, the pm_runtime implementation
complains when removing and probing again the driver.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3jdysACgkQONu9yGCS
aT49mhAAxl50oRh0bSk/SikbVCn7kRaoRNlCBsPtvtvbDDIpyREIzMRmIbH2OZjS
ji1umUu8iMj+HXW72dWNqPo2K337UzcNRsUXWAdJH8Et+ao+xOUV1jps/Zr3D9ca
2Cw6iTn2QFhKQythMlCxb30sf+kN4cAU1XY3M8xEWXB+4nAqc/aFW7mRAP1jusRb
1DAW+xqPiwCbaag1v5OzumAOGBhpmTcX8sfEYM+3DKcPgGL1jPyYeWlXA26nih8/
LQR6r2tAb454pipV0uApJ2u7V5nNxprcrfUNDmAfap2q/eF1w5pBbZoS5sqpf1eZ
2ycZ36w0ThE7lJKvNrfjq13Su+bGtpENxHlwesNPbsvz0F4xoEkelYSCE1gJBaHX
CZvq1Dhrk5DBvkCCElV8+CJxxuhMUZwzOwrz2iBLdPnpCpSgj8uNPLXMJno6D9fH
PZMCcBFf4WnCUBc06fB7qG+Z7y0TeAuLsNQmK3zYQoEc1gz4Yk5aFo7NgTyajqbD
YKINVP2Wj11TDBssolIA58EYcc2J38As54wuOvYtwy+k/mVkvZVhCPOtI+h3UYm4
lX2ROCHTzt+Av5qFlM8aSBcIlm1qihzSHEdnyqX2EZvUGC4C5Mc5/Eml3QJxAnVh
SzUfLZGzzfntpnWn2cJZ/EA/p6hXujG5k95LEwtAnxxYBFpLTKc=
=d8kA
-----END PGP SIGNATURE-----
Merge 4.19.87 into android-4.19
Changes in 4.19.87
mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel
net/mlx4_en: fix mlx4 ethtool -N insertion
net/mlx4_en: Fix wrong limitation for number of TX rings
net: rtnetlink: prevent underflows in do_setvfinfo()
net/sched: act_pedit: fix WARN() in the traffic path
net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key
sfc: Only cancel the PPS workqueue if it exists
net/mlx5e: Fix set vf link state error flow
net/mlxfw: Verify FSM error code translation doesn't exceed array size
net/mlx5: Fix auto group size calculation
vhost/vsock: split packets to send using multiple buffers
gpio: max77620: Fixup debounce delays
tools: gpio: Correctly add make dependencies for gpio_utils
nbd:fix memory leak in nbd_get_socket()
virtio_console: allocate inbufs in add_port() only if it is needed
Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()"
mm/ksm.c: don't WARN if page is still mapped in remove_stable_node()
drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs
drm/i915/pmu: "Frequency" is reported as accumulated cycles
drm/i915/userptr: Try to acquire the page lock around set_page_dirty()
mwifiex: Fix NL80211_TX_POWER_LIMITED
ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback
crypto: testmgr - fix sizeof() on COMP_BUF_SIZE
printk: lock/unlock console only for new logbuf entries
printk: fix integer overflow in setup_log_buf()
pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux
PCI: cadence: Write MSI data with 32bits
gfs2: Fix marking bitmaps non-full
pty: fix compat ioctls
synclink_gt(): fix compat_ioctl()
powerpc: Fix signedness bug in update_flash_db()
powerpc/boot: Fix opal console in boot wrapper
powerpc/boot: Disable vector instructions
powerpc/eeh: Fix null deref for devices removed during EEH
powerpc/eeh: Fix use of EEH_PE_KEEP on wrong field
EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr()
mt76: do not store aggregation sequence number for null-data frames
mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc
brcmsmac: AP mode: update beacon when TIM changes
ath10k: set probe request oui during driver start
ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem
skd: fixup usage of legacy IO API
cdrom: don't attempt to fiddle with cdo->capability
spi: sh-msiof: fix deferred probing
mmc: mediatek: fill the actual clock for mmc debugfs
mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail
PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI
btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag
btrfs: handle error of get_old_root
gsmi: Fix bug in append_to_eventlog sysfs handler
misc: mic: fix a DMA pool free failure
w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size).
m68k: fix command-line parsing when passed from u-boot
scsi: hisi_sas: Feed back linkrate(max/min) when re-attached
scsi: hisi_sas: Fix the race between IO completion and timeout for SMP/internal IO
scsi: hisi_sas: Free slot later in slot_complete_vx_hw()
RDMA/bnxt_re: Avoid NULL check after accessing the pointer
RDMA/bnxt_re: Fix qp async event reporting
RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails
pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()'
pwm: lpss: Only set update bit if we are actually changing the settings
amiflop: clean up on errors during setup
qed: Align local and global PTT to propagate through the APIs.
scsi: ips: fix missing break in switch
nfp: bpf: protect against mis-initializing atomic counters
KVM: nVMX: reset cache/shadows when switching loaded VMCS
KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()
KVM/x86: Fix invvpid and invept register operand size in 64-bit mode
clk: tegra: Fixes for MBIST work around
scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler
scsi: isci: Change sci_controller_start_task's return type to sci_status
scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event
scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param
crypto: ccree - avoid implicit enum conversion
nvmet: avoid integer overflow in the discard code
nvmet-fcloop: suppress a compiler warning
nvme-pci: fix hot removal during error handling
PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks
clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk
clk: at91: audio-pll: fix audio pmc type
ASoC: tegra_sgtl5000: fix device_node refcounting
scsi: dc395x: fix dma API usage in srb_done
scsi: dc395x: fix DMA API usage in sg_update_list
scsi: zorro_esp: Limit DMA transfers to 65535 bytes
net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed
net: fix warning in af_unix
net: ena: Fix Kconfig dependency on X86
xfs: fix use-after-free race in xfs_buf_rele
xfs: clear ail delwri queued bufs on unmount of shutdown fs
kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack
ACPI / scan: Create platform device for INT33FE ACPI nodes
PM / Domains: Deal with multiple states but no governor in genpd
ALSA: i2c/cs8427: Fix int to char conversion
macintosh/windfarm_smu_sat: Fix debug output
PCI: vmd: Detach resources after stopping root bus
USB: misc: appledisplay: fix backlight update_status return code
usbip: tools: fix atoi() on non-null terminated string
sctp: use sk_wmem_queued to check for writable space
dm raid: avoid bitmap with raid4/5/6 journal device
selftests/bpf: fix file resource leak in load_kallsyms
SUNRPC: Fix a compile warning for cmpxchg64()
sunrpc: safely reallow resvport min/max inversion
atm: zatm: Fix empty body Clang warnings
s390/perf: Return error when debug_register fails
swiotlb: do not panic on mapping failures
spi: omap2-mcspi: Set FIFO DMA trigger level to word length
x86/intel_rdt: Prevent pseudo-locking from using stale pointers
sparc: Fix parport build warnings.
scsi: hisi_sas: Fix NULL pointer dereference
powerpc/pseries: Export raw per-CPU VPA data via debugfs
powerpc/mm/radix: Fix off-by-one in split mapping logic
powerpc/mm/radix: Fix overuse of small pages in splitting logic
powerpc/mm/radix: Fix small page at boundary when splitting
powerpc/64s/radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd
selftests/bpf: fix return value comparison for tests in test_libbpf.sh
tools: bpftool: fix completion for "bpftool map update"
ceph: fix dentry leak in ceph_readdir_prepopulate
ceph: only allow punch hole mode in fallocate
rtc: s35390a: Change buf's type to u8 in s35390a_init
RISC-V: Avoid corrupting the upper 32-bit of phys_addr_t in ioremap
thermal: armada: fix a test in probe()
f2fs: fix to spread clear_cold_data()
f2fs: spread f2fs_set_inode_flags()
mISDN: Fix type of switch control variable in ctrl_teimanager
qlcnic: fix a return in qlcnic_dcb_get_capability()
net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode
mfd: arizona: Correct calling of runtime_put_sync
mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values
mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well
mfd: max8997: Enale irq-wakeup unconditionally
net: socionext: Stop PHY before resetting netsec
fs/cifs: fix uninitialised variable warnings
spi: uniphier: fix incorrect property items
selftests/ftrace: Fix to test kprobe $comm arg only if available
selftests: watchdog: fix message when /dev/watchdog open fails
selftests: watchdog: Fix error message.
selftests: kvm: Fix -Wformat warnings
selftests: fix warning: "_GNU_SOURCE" redefined
thermal: rcar_thermal: fix duplicate IRQ request
thermal: rcar_thermal: Prevent hardware access during system suspend
net: ethernet: cadence: fix socket buffer corruption problem
bpf: devmap: fix wrong interface selection in notifier_call
bpf, btf: fix a missing check bug in btf_parse
powerpc/process: Fix flush_all_to_thread for SPE
sparc64: Rework xchg() definition to avoid warnings.
arm64: lib: use C string functions with KASAN enabled
fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle()
mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock
tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage
mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition
macsec: update operstate when lower device changes
macsec: let the administrator set UP state even if lowerdev is down
block: fix the DISCARD request merge
i2c: uniphier-f: make driver robust against concurrency
i2c: uniphier-f: fix occasional timeout error
i2c: uniphier-f: fix race condition when IRQ is cleared
um: Make line/tty semantics use true write IRQ
vfs: avoid problematic remapping requests into partial EOF block
ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12
powerpc/xmon: Relax frame size for clang
selftests/powerpc/ptrace: Fix out-of-tree build
selftests/powerpc/signal: Fix out-of-tree build
selftests/powerpc/switch_endian: Fix out-of-tree build
selftests/powerpc/cache_shape: Fix out-of-tree build
block: call rq_qos_exit() after queue is frozen
mm/gup_benchmark.c: prevent integer overflow in ioctl
linux/bitmap.h: handle constant zero-size bitmaps correctly
linux/bitmap.h: fix type of nbits in bitmap_shift_right()
lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf
hfsplus: fix BUG on bnode parent update
hfs: fix BUG on bnode parent update
hfsplus: prevent btree data loss on ENOSPC
hfs: prevent btree data loss on ENOSPC
hfsplus: fix return value of hfsplus_get_block()
hfs: fix return value of hfs_get_block()
hfsplus: update timestamps on truncate()
hfs: update timestamp on truncate()
fs/hfs/extent.c: fix array out of bounds read of array extent
kernel/panic.c: do not append newline to the stack protector panic string
mm/memory_hotplug: make add_memory() take the device_hotplug_lock
mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock
powerpc/powernv: hold device_hotplug_lock when calling device_online()
igb: shorten maximum PHC timecounter update interval
fm10k: ensure completer aborts are marked as non-fatal after a resume
net: hns3: bugfix for buffer not free problem during resetting
net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem
net: hns3: bugfix for is_valid_csq_clean_head()
net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read
ntb_netdev: fix sleep time mismatch
ntb: intel: fix return value for ndev_vec_mask()
irq/matrix: Fix memory overallocation
nvme-pci: fix conflicting p2p resource adds
arm64: makefile fix build of .i file in external module case
tools/power turbosat: fix AMD APIC-id output
mm: handle no memcg case in memcg_kmem_charge() properly
ocfs2: without quota support, avoid calling quota recovery
ocfs2: don't use iocb when EIOCBQUEUED returns
ocfs2: don't put and assigning null to bh allocated outside
ocfs2: fix clusters leak in ocfs2_defrag_extent()
net: do not abort bulk send on BQL status
sched/topology: Fix off by one bug
sched/fair: Don't increase sd->balance_interval on newidle balance
openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS
ARM: dts: imx6sx-sdb: Fix enet phy regulator
clk: sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock
soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL
audit: print empty EXECVE args
sock_diag: fix autoloading of the raw_diag module
net: bpfilter: fix iptables failure if bpfilter_umh is disabled
nds32: Fix bug in bitfield.h
media: ov13858: Check for possible null pointer
btrfs: avoid link error with CONFIG_NO_AUTO_INLINE
wil6210: fix debugfs memory access alignment
wil6210: fix L2 RX status handling
wil6210: fix RGF_CAF_ICR address for Talyn-MB
wil6210: fix locking in wmi_call
ath10k: snoc: fix unbalanced clock error handling
wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()'
rtl8xxxu: Fix missing break in switch
brcmsmac: never log "tid x is not agg'able" by default
wireless: airo: potential buffer overflow in sprintf()
rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information
net: dsa: bcm_sf2: Turn on PHY to allow successful registration
scsi: mpt3sas: Fix Sync cache command failure during driver unload
scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices
scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11
scsi: megaraid_sas: Fix msleep granularity
scsi: megaraid_sas: Fix goto labels in error handling
scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces
scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point
scsi: lpfc: Correct loss of fc4 type on remote port address change
usb: typec: tcpm: charge current handling for sink during hard reset
dlm: fix invalid free
dlm: don't leak kernel pointer to userspace
vrf: mark skb for multicast or link-local as enslaved to VRF
clk: tegra20: Turn EMC clock gate into divider
ACPICA: Use %d for signed int print formatting instead of %u
net: bcmgenet: return correct value 'ret' from bcmgenet_power_down
of: unittest: allow base devicetree to have symbol metadata
of: unittest: initialize args before calling of_*parse_*()
tools: bpftool: pass an argument to silence open_obj_pinned()
cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces
pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues
pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL
pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT
pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD
PCI: keystone: Use quirk to limit MRRS for K2G
nvme-pci: fix surprise removal
spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch
i2c: uniphier-f: fix timeout error after reading 8 bytes
mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock
ipv6: Fix handling of LLA with VRF and sockets bound to VRF
cfg80211: call disconnect_wk when AP stops
mm/page_io.c: do not free shared swap slots
Bluetooth: Fix invalid-free in bcsp_close()
KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved
ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe
ath9k_hw: fix uninitialized variable data
md/raid10: prevent access of uninitialized resync_pages offset
mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span()
net: phy: dp83867: fix speed 10 in sgmii mode
net: phy: dp83867: increase SGMII autoneg timer duration
ocfs2: remove ocfs2_is_o2cb_active()
ARM: 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary
ARC: perf: Accommodate big-endian CPU
x86/insn: Fix awk regexp warnings
x86/speculation: Fix incorrect MDS/TAA mitigation status
x86/speculation: Fix redundant MDS mitigation message
nbd: prevent memory leak
y2038: futex: Move compat implementation into futex.c
futex: Prevent robust futex exit race
ALSA: usb-audio: Fix NULL dereference at parsing BADD
nfc: port100: handle command failure cleanly
media: vivid: Set vid_cap_streaming and vid_out_streaming to true
media: vivid: Fix wrong locking that causes race conditions on streaming stop
media: usbvision: Fix races among open, close, and disconnect
cpufreq: Add NULL checks to show() and store() methods of cpufreq
media: uvcvideo: Fix error path in control parsing failure
media: b2c2-flexcop-usb: add sanity checking
media: cxusb: detect cxusb_ctrl_msg error in query
media: imon: invalid dereference in imon_touch_event
virtio_ring: fix return code on DMA mapping fails
USBIP: add config dependency for SGL_ALLOC
usbip: tools: fix fd leakage in the function of read_attr_usbip_status
usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit()
usb-serial: cp201x: support Mark-10 digital force gauge
USB: chaoskey: fix error case of a timeout
appledisplay: fix error handling in the scheduled work
USB: serial: mos7840: add USB ID to support Moxa UPort 2210
USB: serial: mos7720: fix remote wakeup
USB: serial: mos7840: fix remote wakeup
USB: serial: option: add support for DW5821e with eSIM support
USB: serial: option: add support for Foxconn T77W968 LTE modules
staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error
powerpc/64s: support nospectre_v2 cmdline option
powerpc/book3s64: Fix link stack flush on context switch
KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
PM / devfreq: Fix kernel oops on governor module load
Linux 4.19.87
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id8c8d4cd92227f8f46c48c05440e09da957fa687
commit d791cfcbf98191122af70b053a21075cb450d119 upstream.
When we hot unplug a virtserialport and then try to hot plug again,
it fails:
(qemu) chardev-add socket,id=serial0,path=/tmp/serial0,server,nowait
(qemu) device_add virtserialport,bus=virtio-serial0.0,nr=2,\
chardev=serial0,id=serial0,name=serial0
(qemu) device_del serial0
(qemu) device_add virtserialport,bus=virtio-serial0.0,nr=2,\
chardev=serial0,id=serial0,name=serial0
kernel error:
virtio-ports vport2p2: Error allocating inbufs
qemu error:
virtio-serial-bus: Guest failure in adding port 2 for device \
virtio-serial0.0
This happens because buffers for the in_vq are allocated when the port is
added but are not released when the port is unplugged.
They are only released when virtconsole is removed (see a7a69ec0d8)
To avoid the problem and to be symmetric, we could allocate all the buffers
in init_vqs() as they are released in remove_vqs(), but it sounds like
a waste of memory.
Rather than that, this patch changes add_port() logic to ignore ENOSPC
error in fill_queue(), which means queue has already been filled.
Fixes: a7a69ec0d8 ("virtio_console: free buffers after reset")
Cc: mst@redhat.com
Cc: stable@vger.kernel.org
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3VfEoACgkQONu9yGCS
aT7vHRAAv3fZQ5+Rn0zn0cgYsgG5OGbtHL01aJB99g2Dgf/VmB3OrB2rx+ZF7WVw
Uakab5XZp6rLSxG4LNQy7jjIuxADdDab5xWTlhqpEHVydsFC9IOktT91DW2luf8Y
Xyr8q7sQIS7eV67NkUnUSqri1IdsRNB5qeWmhC0l6+PSuQrk+WF0y5B4TtrjF5Er
GjYTq9RTJh7/luFKUSmxN8+TIwo4uY15b3oqX75LMPObzbH+c5iqp5QiHJh/BQ7/
awf7kxlMay0V/hPRmGomHxX70TgHTF2er0b+HyJwf1OX0zgKycsztWZT+p7qN+DT
yjPWwYJ3kGs/7GwZL7HNhk8p/3aDf9HFHFvbVSty63wgZ8dfo4EuXZ9YfWa+lfI8
Kn4wKeynUvrvNLH9iYug/XuEPjXysQeSlBaL4pZTPTWtipu1MP0OpR05l8UzO2cO
lqWgf0Y7wsunZBeyCLkWd9TCO7gd1s7csdkJAy37rG7mCjN3p83NeMznLlj+H4I8
MHlcAWdlxlWWitKohi0kr/VYiHmhBVsOZu4rQmuCBWuo++HrWwn7XaGBzYsP8Eku
7ZNaS5oJFAjBzKnQxp8i3mgE8ifODuokgPISImyyRWidedfoHcv6Kr+pdEoQ+gjk
nL5xwqKAMsh/vMyxVmetzytULHtvBqJelquzQcfnanyEvBoS46Q=
=EUxi
-----END PGP SIGNATURE-----
Merge 4.19.85 into android-4.19
Changes in 4.19.85
KVM: x86: introduce is_pae_paging
MIPS: BCM63XX: fix switch core reset on BCM6368
scsi: core: Handle drivers which set sg_tablesize to zero
ax88172a: fix information leak on short answers
ipmr: Fix skb headroom in ipmr_get_route().
net: gemini: add missed free_netdev
net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
slip: Fix memory leak in slip_open error path
ALSA: usb-audio: Fix missing error check at mixer resolution test
ALSA: usb-audio: not submit urb for stopped endpoint
ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk()
ALSA: usb-audio: Fix incorrect size check for processing/extension units
Btrfs: fix log context list corruption after rename exchange operation
Input: ff-memless - kill timer in destroy()
Input: synaptics-rmi4 - fix video buffer size
Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
Input: synaptics-rmi4 - clear IRQ enables for F54
Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
IB/hfi1: Ensure full Gen3 speed in a Gen4 system
IB/hfi1: Use a common pad buffer for 9B and 16B packets
i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
net: ethernet: dwmac-sun8i: Use the correct function in exit path
iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
mm: mempolicy: fix the wrong return value and potential pages leak of mbind
mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
mmc: sdhci-of-at91: fix quirk2 overwrite
iio: adc: max9611: explicitly cast gain_selectors
tee: optee: take DT status property into account
ath10k: fix kernel panic by moving pci flush after napi_disable
iio: dac: mcp4922: fix error handling in mcp4922_write_raw
clk: sunxi-ng: h6: fix PWM gate/reset offset
soundwire: Initialize completion for defer messages
soundwire: intel: Fix uninitialized adev deref
arm64: dts: allwinner: a64: Orange Pi Win: Fix SD card node
arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
soc/tegra: pmc: Fix pad voltage configuration for Tegra186
arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
y2038: make do_gettimeofday() and get_seconds() inline
ARM: dts: rcar: Correct SATA device sizes to 2 MiB
ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
rtc: sysfs: fix NULL check in rtc_add_groups()
rtc: rv8803: fix the rv8803 id in the OF table
remoteproc/davinci: Use %zx for formating size_t
extcon: cht-wc: Return from default case to avoid warnings
cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
ALSA: seq: Do error checks at creating system ports
ath10k: skip resetting rx filter for WCN3990
ath9k: fix tx99 with monitor mode interface
wil6210: drop Rx multicast packets that are looped-back to STA
wil6210: set edma variables only for Talyn-MB devices
wil6210: prevent usage of tx ring 0 for eDMA
wil6210: fix invalid memory access for rx_buff_mgmt debugfs
ath10k: limit available channels via DT ieee80211-freq-limit
ice: Update request resource command to latest specification
ice: Prevent control queue operations during reset
gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
ice: Fix and update driver version string
ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl
ASoC: dpcm: Properly initialise hw->rate_max
ASoC: meson: axg-fifo: report interrupt request failure
ASoC: AMD: Change MCLK to 48Mhz
pinctrl: ingenic: Probe driver at subsys_initcall
MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
liquidio: fix race condition in instruction completion processing
arm64: dts: stratix10: i2c clock running out of spec
ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
i40evf: Validate the number of queues a PF sends
i40e: use correct length for strncpy
i40evf: set IFF_UNICAST_FLT flag for the VF
i40e: Check and correct speed values for link on open
i40evf: Don't enable vlan stripping when rx offload is turned on
i40e: hold the rtnl lock on clearing interrupt scheme
i40evf: cancel workqueue sync for adminq when a VF is removed
i40e: Prevent deleting MAC address from VF when set by PF
IB/rxe: avoid back-to-back retries
IB/rxe: fixes for rdma read retry
iwlwifi: drop packets with bad status in CD
iwlwifi: don't WARN on trying to dump dead firmware
iwlwifi: mvm: avoid sending too many BARs
media: vicodec: fix out-of-range values when decoding
media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers
media: ov772x: Disable clk on error path
ARM: dts: pxa: fix the rtc controller
ARM: dts: pxa: fix power i2c base address
rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument
mwifiex: do no submit URB in suspended state
mwifex: free rx_cmd skb in suspended state
brcmfmac: fix wrong strnchr usage
mt76: Fix comparisons with invalid hardware key index
soc: imx: gpc: fix PDN delay
ASoC: rsnd: ssi: Fix issue in dma data address assignment
net: hns3: Fix for multicast failure
net: hns3: Fix error of checking used vlan id
net: hns3: Fix for loopback selftest failed problem
net: hns3: Change the dst mac addr of loopback packet
net/mlx5: Fix atomic_mode enum values
net: phy: mscc: read 'vsc8531,vddmac' as an u32
net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
ARM: dts: meson8: fix the clock controller register size
ARM: dts: meson8b: fix the clock controller register size
mtd: rawnand: marvell: use regmap_update_bits() for syscon access
mtd: rawnand: fsl_ifc: check result of SRAM initialization
mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
mtd: rawnand: qcom: don't include dma-direct.h
IB/mlx5: Change TX affinity assignment in RoCE LAG mode
qxl: fix null-pointer crash during suspend
mac80211: fix saving a few HE values
cfg80211: validate wmm rule when setting
f2fs: avoid wrong decrypted data from disk
net: lan78xx: Bail out if lan78xx_get_endpoints fails
rtnetlink: move type calculation out of loop
ASoC: sgtl5000: avoid division by zero if lo_vag is zero
ath10k: avoid possible memory access violation
ARM: dts: exynos: Disable pull control for S5M8767 PMIC
ath10k: wmi: disable softirq's while calling ieee80211_rx
i2c: mediatek: Use DMA safe buffers for i2c transactions
IB/mlx5: Don't hold spin lock while checking device state
IB/ipoib: Ensure that MTU isn't less than minimum permitted
RDMA/core: Rate limit MAD error messages
RDMA/core: Follow correct unregister order between sysfs and cgroup
mips: txx9: fix iounmap related issue
udf: Fix crash during mount
ASoC: dapm: Avoid uninitialised variable warning
ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA
of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files
ARM: dts: omap3-gta04: fixes for tvout / venc
ARM: dts: omap3-gta04: tvout: enable as display1 alias
ARM: dts: omap3-gta04: fix touchscreen tsc2007
ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
ARM: dts: omap3-gta04: keep vpll2 always on
f2fs: submit bio after shutdown
failover: Fix error return code in net_failover_create
sched/debug: Explicitly cast sched_feat() to bool
sched/debug: Use symbolic names for task state constants
firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings
arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
ARM: dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board
usb: mtu3: disable vbus rise/fall interrupts of ltssm
dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
dmaengine: dma-jz4780: Further residue status fix
EDAC, sb_edac: Return early on ADDRV bit and address type test
rtc: mt6397: fix possible race condition
rtc: pl030: fix possible race condition
ath9k: add back support for using active monitor interfaces for tx99
dmaengine: at_xdmac: remove a stray bottom half unlock
RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table()
IB/hfi1: Missing return value in error path for user sdma
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
signal: Properly deliver SIGILL from uprobes
signal: Properly deliver SIGSEGV from x86 uprobes
f2fs: fix memory leak of write_io in fill_super()
f2fs: fix memory leak of percpu counter in fill_super()
f2fs: fix setattr project check upon fssetxattr ioctl
scsi: qla2xxx: Use correct qpair for ABTS/CMD
scsi: qla2xxx: Fix iIDMA error
scsi: qla2xxx: Defer chip reset until target mode is enabled
scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
scsi: qla2xxx: Fix deadlock between ATIO and HW lock
scsi: qla2xxx: Increase abort timeout value
scsi: qla2xxx: Check for Register disconnect
scsi: qla2xxx: Fix port speed display on chip reset
scsi: qla2xxx: Fix dropped srb resource.
scsi: qla2xxx: Fix duplicate switch's Nport ID entries
scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN
scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
scsi: lpfc: Fix errors in log messages.
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
scsi: pm80xx: Corrected dma_unmap_sg() parameter
scsi: pm80xx: Fixed system hang issue during kexec boot
kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
net: aquantia: fix hw_atl_utils_fw_upload_dwords
Drivers: hv: vmbus: Fix synic per-cpu context initialization
nvmem: core: return error code instead of NULL from nvmem_device_get
media: dt-bindings: adv748x: Fix decimal unit addresses
ALSA: hda: Fix implicit definition of pci_iomap() on SH
media: fix: media: pci: meye: validate offset to avoid arbitrary access
media: dvb: fix compat ioctl translation
net: bcmgenet: Fix speed selection for reverse MII
arm64: dts: meson: libretech: update board model
arm64: dts: meson-axg: use the proper compatible for ethmac
ALSA: intel8x0m: Register irq handler after register initializations
arm64: dts: renesas: salvator-common: adv748x: Override secondary addresses
arm64: dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU
arm64: dts: renesas: r8a77965: Fix HS-USB compatible
arm64: dts: renesas: r8a77965: Fix clock/reset for usb2_phy1
pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
llc: avoid blocking in llc_sap_close()
ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
soc: qcom: geni: Don't ignore clk_round_rate() errors in geni_se_clk_tbl_get()
soc: qcom: geni: geni_se_clk_freq_match() should always accept multiples
soc: qcom: wcnss_ctrl: Avoid string overflow
soc: qcom: apr: Avoid string overflow
drivers: qcom: rpmh-rsc: clear wait_for_compl after use
arm64: dts: broadcom: Fix I2C and SPI bus warnings
ARM: dts: bcm: Fix SPI bus warnings
ARM: dts: aspeed: Fix I2C bus warnings
powerpc/vdso: Correct call frame information
ARM: dts: socfpga: Fix I2C bus unit-address error
ARM: dts: sunxi: Fix I2C bus warnings
pinctrl: at91: don't use the same irqchip with multiple gpiochips
ARM: dts: sun9i: Fix I2C bus warnings
android: binder: no outgoing transaction when thread todo has transaction
cxgb4: Fix endianness issue in t4_fwcache()
arm64: fix for bad_mode() handler to always result in panic
block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash
blok, bfq: do not plug I/O if all queues are weight-raised
arm64: dts: meson: Fix erroneous SPI bus warnings
power: supply: ab8500_fg: silence uninitialized variable warnings
power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
power: supply: max8998-charger: Fix platform data retrieval
component: fix loop condition to call unbind() if bind() fails
kernfs: Fix range checks in kernfs_get_target_path
ip_gre: fix parsing gre header in ipgre_err
scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init
ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
arm64: dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou
ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
netfilter: nf_tables: avoid BUG_ON usage
ath9k: Fix a locking bug in ath9k_add_interface()
s390/qeth: uninstall IRQ handler on device removal
s390/qeth: invoke softirqs after napi_schedule()
media: vsp1: Fix vsp1_regs.h license header
media: vsp1: Fix YCbCr planar formats pitch calculation
media: ov2680: don't register the v4l2 subdevice before checking chip ID
PCI/ACPI: Correct error message for ASPM disabling
net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset()
PCI: mediatek: Fix unchecked return value
ARM: dts: xilinx: Fix I2C and SPI bus warnings
serial: uartps: Fix suspend functionality
serial: samsung: Enable baud clock for UART reset procedure in resume
serial: mxs-auart: Fix potential infinite loop
tty: serial: qcom_geni_serial: Fix serial when not used as console
arm64: dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2
samples/bpf: fix a compilation failure
spi/bcm63xx-hsspi: keep pll clk enabled
spi: mediatek: Don't modify spi_transfer when transfer.
ASoC: rt5682: Fix the boost volume at the begining of playback
ipmi_si_pci: fix NULL device in ipmi_si error message
ipmi_si: fix potential integer overflow on large shift
ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
ipmi: fix return value of ipmi_set_my_LUN
net: hns3: fix return type of ndo_start_xmit function
net: cavium: fix return type of ndo_start_xmit function
net: ibm: fix return type of ndo_start_xmit function
powerpc/iommu: Avoid derefence before pointer check
selftests/powerpc: Do not fail with reschedule
powerpc/64s/hash: Fix stab_rr off by one initialization
powerpc/pseries/memory-hotplug: Only update DT once per memory DLPAR request
powerpc/pseries: Disable CPU hotplug across migrations
powerpc: Fix duplicate const clang warning in user access code
RDMA/i40iw: Fix incorrect iterator type
ARM: dts: atmel: Fix I2C and SPI bus warnings
OPP: Protect dev_list with opp_table lock
of/unittest: Fix I2C bus unit-address error
libfdt: Ensure INT_MAX is defined in libfdt_env.h
power: supply: twl4030_charger: fix charging current out-of-bounds
power: supply: twl4030_charger: disable eoc interrupt on linear charge
net: mvpp2: fix the number of queues per cpu for PPv2.2
net: marvell: fix return type of ndo_start_xmit function
net: toshiba: fix return type of ndo_start_xmit function
net: xilinx: fix return type of ndo_start_xmit function
net: broadcom: fix return type of ndo_start_xmit function
net: amd: fix return type of ndo_start_xmit function
net: sun: fix return type of ndo_start_xmit function
net: hns3: Fix for setting speed for phy failed problem
net: hns3: Fix cmdq registers initialization issue for vf
net: hns3: Clear client pointer when initialize client failed or unintialize finished
net: hns3: Fix client initialize state issue when roce client initialize failed
net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg()
nfp: provide a better warning when ring allocation fails
usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started
usb: chipidea: Fix otg event handler
usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
s390/zcrypt: enable AP bus scan without a valid default domain
s390/vdso: avoid 64-bit vdso mapping for compat tasks
s390/vdso: correct CFI annotations of vDSO functions
brcmfmac: increase buffer for obtaining firmware capabilities
brcmsmac: Use kvmalloc() for ucode allocations
mlxsw: spectrum: Init shaper for TCs 8..15
PCI: portdrv: Initialize service drivers directly
ARM: dts: am335x-evm: fix number of cpsw
ARM: dts: ti: Fix SPI and I2C bus warnings
f2fs: avoid infinite loop in f2fs_alloc_nid
f2fs: fix to recover inode's uid/gid during POR
ARM: dts: ux500: Correct SCU unit address
ARM: dts: ux500: Fix LCDA clock line muxing
ARM: dts: ste: Fix SPI controller node names
spi: pic32: Use proper enum in dmaengine_prep_slave_rg
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
cpufeature: avoid warning when compiling with clang
crypto: arm/crc32 - avoid warning when compiling with Clang
ARM: dts: marvell: Fix SPI and I2C bus warnings
x86/mce-inject: Reset injection struct after injection
ARM: dts: stm32: enable display on stm32mp157c-ev1 board
ARM: dts: clearfog: fix sdhci supply property name
ARM: dts: stm32: Fix SPI controller node names
bnx2x: Ignore bandwidth attention in single function mode
PCI/AER: Take reference on error devices
PCI/AER: Don't read upstream ports below fatal errors
PCI/ERR: Use slot reset if available
samples/bpf: fix compilation failure
net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
net: micrel: fix return type of ndo_start_xmit function
net: freescale: fix return type of ndo_start_xmit function
x86/CPU: Use correct macros for Cyrix calls
x86/CPU: Change query logic so CPUID is enabled before testing
EDAC: Correct DIMM capacity unit symbol
MIPS: kexec: Relax memory restriction
arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement
media: imx: work around false-positive warning, again
media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
media: au0828: Fix incorrect error messages
media: davinci: Fix implicit enum conversion warning
ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
usb: gadget: uvc: configfs: Drop leaked references to config items
usb: gadget: uvc: configfs: Prevent format changes after linking header
usb: gadget: uvc: configfs: Sort frame intervals upon writing
ARM: dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks
i2c: aspeed: fix invalid clock parameters for very large divisors
gpiolib: Fix gpio_direction_* for single direction GPIOs
ARM: at91: pm: call put_device instead of of_node_put in at91_pm_config_ws
phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
phy: phy-twl4030-usb: fix denied runtime access
ARM: dts: imx6ull: update vdd_soc voltage for 900MHz operating point
usb: gadget: uvc: Factor out video USB request queueing
usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
coresight: Use ERR_CAST instead of ERR_PTR
coresight: Fix handling of sinks
coresight: perf: Fix per cpu path management
coresight: perf: Disable trace path upon source error
coresight: tmc-etr: Handle driver mode specific ETR buffers
coresight: etm4x: Configure EL2 exception level when kernel is running in HYP
coresight: tmc: Fix byte-address alignment for RRP
coresight: dynamic-replicator: Handle multiple connections
slimbus: ngd: register ngd driver only once.
slimbus: ngd: return proper error code instead of zero
silmbus: ngd: register controller after power up.
misc: kgdbts: Fix restrict error
misc: genwqe: should return proper error value.
vmbus: keep pointer to ring buffer page
vfio/pci: Fix potential memory leak in vfio_msi_cap_len
vfio/pci: Mask buggy SR-IOV VF INTx support
iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs
scsi: libsas: always unregister the old device if going to discover new
f2fs: fix remount problem of option io_bits
phy: lantiq: Fix compile warning
arm64: dts: fsl: Fix I2C and SPI bus warnings
ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
arm64: tegra: I2C on Tegra194 is not compatible with Tegra114
ARM: dts: tegra30: fix xcvr-setup-use-fuses
ARM: dts: tegra20: restore address order
ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
ARM: tegra: apalis_t30: fix mcp2515 can controller interrupt polarity
ARM: tegra: colibri_t30: fix mcp2515 can controller interrupt polarity
ARM: dts: paz00: fix wakeup gpio keycode
net: smsc: fix return type of ndo_start_xmit function
net: faraday: fix return type of ndo_start_xmit function
PCI/ERR: Run error recovery callbacks for all affected devices
f2fs: update i_size after DIO completion
f2fs: fix to recover inode's project id during POR
f2fs: mark inode dirty explicitly in recover_inode()
RDMA: Fix dependencies for rdma_user_mmap_io
EDAC: Raise the maximum number of memory controllers
ARM: dts: realview: Fix SPI controller node names
firmware: dell_rbu: Make payload memory uncachable
Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races
Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
Bluetooth: btrsi: fix bt tx timeout issue
x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
crypto: s5p-sss: Fix race in error handling
crypto: s5p-sss: Fix Fix argument list alignment
crypto: fix a memory leak in rsa-kcs1pad's encryption mode
iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump
iwlwifi: fix non_shared_ant for 22000 devices
iwlwifi: pcie: read correct prph address for newer devices
iwlwifi: api: annotate compressed BA notif array sizes
iwlwifi: pcie: gen2: build A-MSDU only for GSO
iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
iwlwifi: mvm: use correct FIFO length
iwlwifi: mvm: Allow TKIP for AP mode
scsi: NCR5380: Clear all unissued commands on host reset
scsi: NCR5380: Have NCR5380_select() return a bool
scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
scsi: NCR5380: Check for invalid reselection target
scsi: NCR5380: Don't clear busy flag when abort fails
scsi: NCR5380: Don't call dsprintk() following reselection interrupt
scsi: NCR5380: Handle BUS FREE during reselection
scsi: NCR5380: Check for bus reset
arm64: dts: amd: Fix SPI bus warnings
arm64: dts: lg: Fix SPI controller node names
ARM: dts: lpc32xx: Fix SPI controller node names
rtc: isl1208: avoid possible sysfs race
rtc: tx4939: fixup nvmem name and register size
rtc: armada38x: fix possible race condition
netfilter: masquerade: don't flush all conntracks if only one address deleted on device
usb: xhci-mtk: fix ISOC error when interval is zero
usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
fuse: use READ_ONCE on congestion_threshold and max_background
IB/iser: Fix possible NULL deref at iser_inv_desc()
media: ov2680: fix null dereference at power on
s390/vdso: correct vdso mapping for compat tasks
net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
slcan: Fix memory leak in error path
Linux 4.19.85
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0857e66ee2cdd412cd736548a1395bf764a8ab0a
[ Upstream commit a5e9f557098e54af44ade5d501379be18435bfbf ]
In commit 9f480faec5 ("crypto: chacha20 - Fix keystream alignment for
chacha20_block()"), I had missed that chacha20_block() can be called
directly on the buffer passed to get_random_bytes(), which can have any
alignment. So, while my commit didn't break anything, it didn't fully
solve the alignment problems.
Revert my solution and just update chacha20_block() to use
put_unaligned_le32(), so the output buffer need not be aligned.
This is simpler, and on many CPUs it's the same speed.
But, I kept the 'tmp' buffers in extract_crng_user() and
_get_random_bytes() 4-byte aligned, since that alignment is actually
needed for _crng_backtrack_protect() too.
Reported-by: Stephan Müller <smueller@chronox.de>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 060e8fb53fe3455568982d10ab8c3dd605565049 ]
Fixes gcc '-Wunused-but-set-variable' warning:
drivers/char/ipmi/ipmi_msghandler.c: In function 'ipmi_set_my_LUN':
drivers/char/ipmi/ipmi_msghandler.c:1335:13: warning:
variable 'rv' set but not used [-Wunused-but-set-variable]
int index, rv = 0;
'rv' should be the correct return value.
Fixes: 048f7c3e35 ("ipmi: Properly release srcu locks on error conditions")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 1574608f5f4204440d6d9f52b971aba967664764 ]
Looking at logs from systems all over the place, it looks like tons
of broken systems exist that set the base address to zero. I can
only guess that is some sort of non-standard idea to mark the
interface as not being present. It can't be zero, anyway, so just
complain and ignore it.
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 97a103e6b584442cd848887ed8d47be2410b7e09 ]
Shifting unsigned char b by an int type can lead to sign-extension
overflow. For example, if b is 0xff and the shift is 24, then top
bit is sign-extended so the final value passed to writeq has all
the upper 32 bits set. Fix this by casting b to a 64 bit unsigned
before the shift.
Detected by CoverityScan, CID#1465246 ("Unintended sign extension")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 01508d9ebf4fc863f2fc4561c390bf4b7c3301a6 ]
I noticed that 4.17.0 logs the follwing during ipmi_si setup:
ipmi_si 0000:01:04.6: probing via PCI
(NULL device *): Could not setup I/O space
ipmi_si 0000:01:04.6: [mem 0xf5ef0000-0xf5ef00ff] regsize 1 spacing 1 irq 21
Fix the "NULL device *) by moving io.dev assignment before its potential
use by ipmi_pci_probe_regspacing().
Result:
ipmi_si 0000:01:04.6: probing via PCI
ipmi_si 0000:01:04.6: Could not setup I/O space
ipmi_si 0000:01:04.6: [mem 0xf5ef0000-0xf5ef00ff] regsize 1 spacing 1 irq 21
Signed-off-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2bbnkACgkQONu9yGCS
aT6bng/+Jvj4gXLq2w+KmeN1SRbNu2ee+GjQsgQR6JZ3/dY5+rzPhuL37Op0fQd6
UwnLhY4TL3PUiRCE8pNaVYI8nDfpxRkohYP+SMtGyoQKmoiy3W/SWe3CgEwniLwg
k9TsuqxUsIUeEdSr6Bjbry0IU4VoZ3MP0cmMc1SrFUqJzFoGoUMHsHmQJvDPiy1f
l7oZUgYrXArcnPhCda6peD9AJUfuIRKAM4BW47WN6Z9moqAAAa60eXN/u/hHp+Qc
w55AZTSxel7CMbLDMnZ6/xWDgY/FHTLjkmhdIl9H6Qi8SbrJwq23zXnBO5xVameQ
4MaLIgrp7M5sohAVFdqAVZYyZrkX91ssVujYwc+I6O1TYdja1Usj2TzdyL/MPqzY
FLM9s3P0C3xKLdlg5gq9BxxnohIIhNmBy069NGsmfFd9jP2o6vFUEjiVxSY7Hp3r
GpZP1ETAfMNHCG3jN3o5EkwyLoQHegFWfLpCIEF++k9gjo2CP00+Lf16RVrSsG47
ILobFW5Wy4RXFyd7M8PrjSyuAtuzkUTzxg6P+6zuEtPwwvZPtadd97dGbA90pKvv
eB1UPHu8/emMhW/8fwDBbpeQbIh0pHtX2yQq/LTItEHGr+YjRTIyH3Z/fST5itre
ZDofsls4A+70TQ5/XOgjlDjco93iUs8KULDzQqvTFIuUIlvk3hQ=
=7fm2
-----END PGP SIGNATURE-----
Merge 4.19.78 into android-4.19
Changes in 4.19.78
tpm: use tpm_try_get_ops() in tpm-sysfs.c.
tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
drm/bridge: tc358767: Increase AUX transfer length limit
drm/panel: simple: fix AUO g185han01 horizontal blanking
video: ssd1307fb: Start page range at page_offset
drm/stm: attach gem fence to atomic state
drm/panel: check failure cases in the probe func
drm/rockchip: Check for fast link training before enabling psr
drm/radeon: Fix EEH during kexec
gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property()
PCI: rpaphp: Avoid a sometimes-uninitialized warning
ipmi_si: Only schedule continuously in the thread in maintenance mode
clk: qoriq: Fix -Wunused-const-variable
clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks
drm/amd/display: fix issue where 252-255 values are clipped
drm/amd/display: reprogram VM config when system resume
powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window
clk: actions: Don't reference clk_init_data after registration
clk: sirf: Don't reference clk_init_data after registration
clk: sprd: Don't reference clk_init_data after registration
clk: zx296718: Don't reference clk_init_data after registration
powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL
powerpc/rtas: use device model APIs and serialization during LPM
powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function
powerpc/pseries/mobility: use cond_resched when updating device tree
pinctrl: tegra: Fix write barrier placement in pmx_writel
powerpc/eeh: Clear stale EEH_DEV_NO_HANDLER flag
vfio_pci: Restore original state on release
drm/nouveau/volt: Fix for some cards having 0 maximum voltage
pinctrl: amd: disable spurious-firing GPIO IRQs
clk: renesas: mstp: Set GENPD_FLAG_ALWAYS_ON for clock domain
clk: renesas: cpg-mssr: Set GENPD_FLAG_ALWAYS_ON for clock domain
drm/amd/display: support spdif
drm/amdgpu/si: fix ASIC tests
powerpc/64s/exception: machine check use correct cfar for late handler
pstore: fs superblock limits
clk: qcom: gcc-sdm845: Use floor ops for sdcc clks
powerpc/pseries: correctly track irq state in default idle
pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c
arm64: fix unreachable code issue with cmpxchg
clk: at91: select parent if main oscillator or bypass is enabled
powerpc: dump kernel log before carrying out fadump or kdump
mbox: qcom: add APCS child device for QCS404
clk: sprd: add missing kfree
scsi: core: Reduce memory required for SCSI logging
dma-buf/sw_sync: Synchronize signal vs syncpt free
ext4: fix potential use after free after remounting with noblock_validity
MIPS: Ingenic: Disable broken BTB lookup optimization.
MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean
i2c-cht-wc: Fix lockdep warning
mfd: intel-lpss: Remove D3cold delay
PCI: tegra: Fix OF node reference leak
HID: wacom: Fix several minor compiler warnings
livepatch: Nullify obj->mod in klp_module_coming()'s error path
ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes
soundwire: intel: fix channel number reported by hardware
ARM: 8875/1: Kconfig: default to AEABI w/ Clang
rtc: snvs: fix possible race condition
rtc: pcf85363/pcf85263: fix regmap error in set_time
HID: apple: Fix stuck function keys when using FN
PCI: rockchip: Propagate errors for optional regulators
PCI: histb: Propagate errors for optional regulators
PCI: imx6: Propagate errors for optional regulators
PCI: exynos: Propagate errors for optional PHYs
security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address
fat: work around race with userspace's read via blockdev while mounting
pktcdvd: remove warning on attempting to register non-passthrough dev
hypfs: Fix error number left in struct pointer member
crypto: hisilicon - Fix double free in sec_free_hw_sgl()
kbuild: clean compressed initramfs image
ocfs2: wait for recovering done after direct unlock request
kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
arm64: consider stack randomization for mmap base only when necessary
mips: properly account for stack randomization and stack guard gap
arm: properly account for stack randomization and stack guard gap
arm: use STACK_TOP when computing mmap base address
block: mq-deadline: Fix queue restart handling
bpf: fix use after free in prog symbol exposure
cxgb4:Fix out-of-bounds MSI-X info array access
erspan: remove the incorrect mtu limit for erspan
hso: fix NULL-deref on tty open
ipv6: drop incoming packets having a v4mapped source address
ipv6: Handle missing host route in __ipv6_ifa_notify
net: ipv4: avoid mixed n_redirects and rate_tokens usage
net: qlogic: Fix memory leak in ql_alloc_large_buffers
net: Unpublish sk from sk_reuseport_cb before call_rcu
nfc: fix memory leak in llcp_sock_bind()
qmi_wwan: add support for Cinterion CLS8 devices
rxrpc: Fix rxrpc_recvmsg tracepoint
sch_dsmark: fix potential NULL deref in dsmark_init()
udp: fix gso_segs calculations
vsock: Fix a lockdep warning in __vsock_release()
net: dsa: rtl8366: Check VLAN ID and not ports
udp: only do GSO if # of segs > 1
net/rds: Fix error handling in rds_ib_add_one()
xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
tipc: fix unlimited bundling of small messages
sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
soundwire: Kconfig: fix help format
soundwire: fix regmap dependencies and align with other serial links
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
smack: use GFP_NOFS while holding inode_smack::smk_lock
NFC: fix attrs checks in netlink interface
kexec: bail out upon SIGKILL when allocating memory.
9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
Linux 4.19.78
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I02db9c4a0cc1f784e6ac1523599fcbed747a6375
[ Upstream commit 340ff31ab00bca5c15915e70ad9ada3030c98cf8 ]
ipmi_thread() uses back-to-back schedule() to poll for command
completion which, on some machines, can push up CPU consumption and
heavily tax the scheduler locks leading to noticeable overall
performance degradation.
This was originally added so firmware updates through IPMI would
complete in a timely manner. But we can't kill the scheduler
locks for that one use case.
Instead, only run schedule() continuously in maintenance mode,
where firmware updates should run.
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 2677ca98ae377517930c183248221f69f771c921 upstream
Use tpm_try_get_ops() in tpm-sysfs.c so that we can consider moving
other decorations (locking, localities, power management for example)
inside it. This direction can be of course taken only after other call
sites for tpm_transmit() have been treated in the same way.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2YehoACgkQONu9yGCS
aT536hAA0w6XF1ogPi23xS5BQ386c3BjWaOJddu0PFkR9utguuZaDG5AKjnkHtm2
foxKeCGyChCc1h6qFD2wLavsQMephzLWXkMw1/uXfwAPXGWY1hquD46zrFO0IYOc
dsmKh5V8ZT70lmPTBHCDVowp1xUczNFhuNRHz1KzVQ3lsKMAhsRiy6vpsXWzIeOM
VCrayI4jxTVZvoA9Odm9fTXpau0Qb9k4pqGGU84dz/xWfGzrz/AOmp+kWuZRGepS
fQi+46HK3idmGGNBVGkJYkDdpkefdrYdjlVHkkoAZHlaB+QaOrre0trNArK+knRu
jJIl8R/M50yYbkn97vVIpwoh19rV0BI7KUFKO4C4NCByOOV+9vjJ5g1FuZ7c3pmj
XKZiBmFBJVqbI1uwgqEn+/Tv6DyEz4gUzo5GHOe2i/Bh2nSguHZzO+Yhat1U+J+Y
3QVfrIS10jICWBAqm147FepGtNxbCPP3plyqbJdrMwgM6GOMd83v+rY/5okB2YK4
SHhzuevQoxujjeoOgHKjIqTiCIaJMt5ZvlCFqODg8NgpjTNDAbCA/UUQWs7MlrqX
6uwH2QLwk3h+bEXUfGzsbsk5isTDpHr1ch6SI9T675JHRZCE461RoR82XpjLOyHD
90tBJk9pfKlLqSEyiaWPPpXErhoS5WCVKM5yuT/rSS/i2Ve4VH4=
=Q+c9
-----END PGP SIGNATURE-----
Merge 4.19.77 into android-4.19
Changes in 4.19.77
arcnet: provide a buffer big enough to actually receive packets
cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
macsec: drop skb sk before calling gro_cells_receive
net/phy: fix DP83865 10 Mbps HDX loopback disable function
net: qrtr: Stop rx_worker before freeing node
net/sched: act_sample: don't push mac header on ip6gre ingress
net_sched: add max len check for TCA_KIND
nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
ppp: Fix memory leak in ppp_write
sch_netem: fix a divide by zero in tabledist()
skge: fix checksum byte order
usbnet: ignore endpoints with invalid wMaxPacketSize
usbnet: sanity checking of packet sizes and device mtu
net: sched: fix possible crash in tcf_action_destroy()
tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
net/mlx5: Add device ID of upcoming BlueField-2
mISDN: enforce CAP_NET_RAW for raw sockets
appletalk: enforce CAP_NET_RAW for raw sockets
ax25: enforce CAP_NET_RAW for raw sockets
ieee802154: enforce CAP_NET_RAW for raw sockets
nfc: enforce CAP_NET_RAW for raw sockets
nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
ALSA: hda: Flush interrupts on disabling
regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg
ASoC: tlv320aic31xx: suppress error message for EPROBE_DEFER
ASoC: sgtl5000: Fix of unmute outputs on probe
ASoC: sgtl5000: Fix charge pump source assignment
firmware: qcom_scm: Use proper types for dma mappings
dmaengine: bcm2835: Print error in case setting DMA mask fails
leds: leds-lp5562 allow firmware files up to the maximum length
media: dib0700: fix link error for dibx000_i2c_set_speed
media: mtk-cir: lower de-glitch counter for rc-mm protocol
media: exynos4-is: fix leaked of_node references
media: hdpvr: Add device num check and handling
media: i2c: ov5640: Check for devm_gpiod_get_optional() error
time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint
sched/fair: Fix imbalance due to CPU affinity
sched/core: Fix CPU controller for !RT_GROUP_SCHED
x86/apic: Make apic_pending_intr_clear() more robust
sched/deadline: Fix bandwidth accounting at all levels after offline migration
x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
x86/apic: Soft disable APIC before initializing it
ALSA: hda - Show the fatal CORB/RIRB error more clearly
ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
EDAC/mc: Fix grain_bits calculation
media: iguanair: add sanity checks
base: soc: Export soc_device_register/unregister APIs
ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
ia64:unwind: fix double free for mod->arch.init_unw_table
EDAC/altera: Use the proper type for the IRQ status bits
ASoC: rsnd: don't call clk_get_rate() under atomic context
arm64/prefetch: fix a -Wtype-limits warning
md/raid1: end bio when the device faulty
md: don't call spare_active in md_reap_sync_thread if all member devices can't work
md: don't set In_sync if array is frozen
media: media/platform: fsl-viu.c: fix build for MICROBLAZE
ACPI / processor: don't print errors for processorIDs == 0xff
loop: Add LOOP_SET_DIRECT_IO to compat ioctl
EDAC, pnd2: Fix ioremap() size in dnv_rd_reg()
efi: cper: print AER info of PCIe fatal error
firmware: arm_scmi: Check if platform has released shmem before using
sched/fair: Use rq_lock/unlock in online_fair_sched_group
idle: Prevent late-arriving interrupts from disrupting offline
media: gspca: zero usb_buf on error
perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig
perf test vfs_getname: Disable ~/.perfconfig to get default output
media: mtk-mdp: fix reference count on old device tree
media: fdp1: Reduce FCP not found message level to debug
media: em28xx: modules workqueue not inited for 2nd device
media: rc: imon: Allow iMON RC protocol for ffdc 7e device
dmaengine: iop-adma: use correct printk format strings
perf record: Support aarch64 random socket_id assignment
media: vsp1: fix memory leak of dl on error return path
media: i2c: ov5645: Fix power sequence
media: omap3isp: Don't set streaming state on random subdevs
media: imx: mipi csi-2: Don't fail if initial state times-out
net: lpc-enet: fix printk format strings
m68k: Prevent some compiler warnings in Coldfire builds
ARM: dts: imx7d: cl-som-imx7: make ethernet work again
ARM: dts: imx7-colibri: disable HS400
media: radio/si470x: kill urb on error
media: hdpvr: add terminating 0 at end of string
ASoC: uniphier: Fix double reset assersion when transitioning to suspend state
tools headers: Fixup bitsperlong per arch includes
ASoC: sun4i-i2s: Don't use the oversample to calculate BCLK
led: triggers: Fix a memory leak bug
nbd: add missing config put
media: mceusb: fix (eliminate) TX IR signal length limit
media: dvb-frontends: use ida for pll number
posix-cpu-timers: Sanitize bogus WARNONS
media: dvb-core: fix a memory leak bug
libperf: Fix alignment trap with xyarray contents in 'perf stat'
EDAC/amd64: Recognize DRAM device type ECC capability
EDAC/amd64: Decode syndrome before translating address
PM / devfreq: passive: Use non-devm notifiers
PM / devfreq: exynos-bus: Correct clock enable sequence
media: cec-notifier: clear cec_adap in cec_notifier_unregister
media: saa7146: add cleanup in hexium_attach()
media: cpia2_usb: fix memory leaks
media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
perf trace beauty ioctl: Fix off-by-one error in cmd->string table
media: ov9650: add a sanity check
ASoC: es8316: fix headphone mixer volume table
ACPI / CPPC: do not require the _PSD method
sched/cpufreq: Align trace event behavior of fast switching
x86/apic/vector: Warn when vector space exhaustion breaks affinity
arm64: kpti: ensure patched kernel text is fetched from PoU
x86/mm/pti: Do not invoke PTI functions when PTI is disabled
ASoC: fsl_ssi: Fix clock control issue in master mode
x86/mm/pti: Handle unaligned address gracefully in pti_clone_pagetable()
nvmet: fix data units read and written counters in SMART log
nvme-multipath: fix ana log nsid lookup when nsid is not found
ALSA: firewire-motu: add support for MOTU 4pre
iommu/amd: Silence warnings under memory pressure
libata/ahci: Drop PCS quirk for Denverton and beyond
iommu/iova: Avoid false sharing on fq_timer_on
libtraceevent: Change users plugin directory
ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks
ACPI: custom_method: fix memory leaks
ACPI / PCI: fix acpi_pci_irq_enable() memory leak
closures: fix a race on wakeup from closure_sync
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
md/raid1: fail run raid1 array when active disk less than one
dmaengine: ti: edma: Do not reset reserved paRAM slots
kprobes: Prohibit probing on BUG() and WARN() address
s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
x86/cpu: Add Tiger Lake to Intel family
platform/x86: intel_pmc_core: Do not ioremap RAM
ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
raid5: don't set STRIPE_HANDLE to stripe which is in batch list
mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD
mmc: sdhci: Fix incorrect switch to HS mode
mmc: core: Add helper function to indicate if SDIO IRQs is enabled
mmc: dw_mmc: Re-store SDIO IRQs mask at system resume
raid5: don't increment read_errors on EILSEQ return
libertas: Add missing sentinel at end of if_usb.c fw_table
e1000e: add workaround for possible stalled packet
ALSA: hda - Drop unsol event handler for Intel HDMI codecs
drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)
media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems
btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
media: omap3isp: Set device on omap3isp subdevs
PM / devfreq: passive: fix compiler warning
iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36
ALSA: firewire-tascam: handle error code when getting current source of clock
ALSA: firewire-tascam: check intermediate state of clock status and retry
scsi: scsi_dh_rdac: zero cdb in send_mode_select()
scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag
printk: Do not lose last line in kmsg buffer dump
IB/mlx5: Free mpi in mp_slave mode
IB/hfi1: Define variables as unsigned long to fix KASAN warning
randstruct: Check member structs in is_pure_ops_struct()
Revert "ceph: use ceph_evict_inode to cleanup inode's resource"
ceph: use ceph_evict_inode to cleanup inode's resource
ALSA: hda/realtek - PCI quirk for Medion E4254
blk-mq: add callback of .cleanup_rq
scsi: implement .cleanup_rq callback
powerpc/imc: Dont create debugfs files for cpu-less nodes
fuse: fix missing unlock_page in fuse_writepage()
parisc: Disable HP HSC-PCI Cards to prevent kernel crash
KVM: x86: always stop emulation on page fault
KVM: x86: set ctxt->have_exception in x86_decode_insn()
KVM: x86: Manually calculate reserved bits when loading PDPTRS
media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
media: don't drop front-end reference count for ->detach
binfmt_elf: Do not move brk for INTERP-less ET_EXEC
ASoC: Intel: NHLT: Fix debug print format
ASoC: Intel: Skylake: Use correct function to access iomem space
ASoC: Intel: Fix use of potentially uninitialized variable
ARM: samsung: Fix system restart on S3C6410
ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}"
arm64: tlb: Ensure we execute an ISB following walk cache invalidation
arm64: dts: rockchip: limit clock rate of MMC controllers for RK3328
alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
regulator: Defer init completion for a while after late_initcall
efifb: BGRT: Improve efifb_bgrt_sanity_check
gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps
memcg, oom: don't require __GFP_FS when invoking memcg OOM killer
memcg, kmem: do not fail __GFP_NOFAIL charges
i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask
block: fix null pointer dereference in blk_mq_rq_timed_out()
smb3: allow disabling requesting leases
ovl: Fix dereferencing possible ERR_PTR()
ovl: filter of trusted xattr results in audit
btrfs: fix allocation of free space cache v1 bitmap pages
Btrfs: fix use-after-free when using the tree modification log
btrfs: Relinquish CPUs in btrfs_compare_trees
btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space
btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls
Btrfs: fix race setting up and completing qgroup rescan workers
md/raid6: Set R5_ReadError when there is read failure on parity disk
md: don't report active array_state until after revalidate_disk() completes.
md: only call set_in_sync() when it is expected to succeed.
cfg80211: Purge frame registrations on iftype change
/dev/mem: Bail out upon SIGKILL.
ext4: fix warning inside ext4_convert_unwritten_extents_endio
ext4: fix punch hole for inline_data file systems
quota: fix wrong condition in is_quota_modification()
hwrng: core - don't wait on add_early_randomness()
i2c: riic: Clear NACK in tend isr
CIFS: fix max ea value size
CIFS: Fix oplock handling for SMB 2.1+ protocols
md/raid0: avoid RAID0 data corruption due to layout confusion.
fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone
drm/amd/display: Restore backlight brightness after system resume
Linux 4.19.77
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2c74f09f497a4b45b244a7dd263c5116533dfccb
commit 78887832e76541f77169a24ac238fccb51059b63 upstream.
add_early_randomness() is called by hwrng_register() when the
hardware is added. If this hardware and its module are present
at boot, and if there is no data available the boot hangs until
data are available and can't be interrupted.
For instance, in the case of virtio-rng, in some cases the host can be
not able to provide enough entropy for all the guests.
We can have two easy ways to reproduce the problem but they rely on
misconfiguration of the hypervisor or the egd daemon:
- if virtio-rng device is configured to connect to the egd daemon of the
host but when the virtio-rng driver asks for data the daemon is not
connected,
- if virtio-rng device is configured to connect to the egd daemon of the
host but the egd daemon doesn't provide data.
The guest kernel will hang at boot until the virtio-rng driver provides
enough data.
To avoid that, call rng_get_data() in non-blocking mode (wait=0)
from add_early_randomness().
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Fixes: d9e7972619 ("hwrng: add randomness to system from rng...")
Cc: <stable@vger.kernel.org>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 8619e5bdeee8b2c685d686281f2d2a6017c4bc15 upstream.
syzbot found that a thread can stall for minutes inside read_mem() or
write_mem() after that thread was killed by SIGKILL [1]. Reading from
iomem areas of /dev/mem can be slow, depending on the hardware.
While reading 2GB at one read() is legal, delaying termination of killed
thread for minutes is bad. Thus, allow reading/writing /dev/mem and
/dev/kmem to be preemptible and killable.
[ 1335.912419][T20577] read_mem: sz=4096 count=2134565632
[ 1335.943194][T20577] read_mem: sz=4096 count=2134561536
[ 1335.978280][T20577] read_mem: sz=4096 count=2134557440
[ 1336.011147][T20577] read_mem: sz=4096 count=2134553344
[ 1336.041897][T20577] read_mem: sz=4096 count=2134549248
Theoretically, reading/writing /dev/mem and /dev/kmem can become
"interruptible". But this patch chose "killable". Future patch will make
them "interruptible" so that we can revert to "killable" if some program
regressed.
[1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f5e
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: stable <stable@vger.kernel.org>
Reported-by: syzbot <syzbot+8ab2d0f39fb79fe6ca40@syzkaller.appspotmail.com>
Link: https://lore.kernel.org/r/1566825205-10703-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1/KiEACgkQONu9yGCS
aT49JBAAy7b3wv1WXAtg9wsyS1JL4HbMXt3YjtokIX+UpkznoqII4B85QftPBbiD
9zDuTWPjhrqKv1GsMkFRCqBVp5wGVik1MIbjVuKdstFN5W8KQybpbYnSW4T52+wS
cs6oOPkLydAfWzKeq+ekEeU8yr5dua+Ui3huundZ49wseJWQP3fh9T+ToUx8V/cr
tsLiRRgI0djj7KQWVuM1j8YGKT/6qk/UL0HMVZyoIdLmsxpLap+LWe0+CRXn8rvs
eJJlVQTVtYf/ySoHkpnwR12VsjRYjx6pNkm/GrebMCkM7wF/4RMqxk7j9EU0PENH
VUdRrUd+j/YPp6QzjSFMK0+0eb7Gm3X0FEN0IGZshu1r/CDnoj/7hqnBmOlYIbhv
pdteYaLqWq7JjAHu7vF+S4aNQRGpAZb05LsbTJ39Eu3FbdVTLXsAuUveZ7Y4/y0X
ri2M3d/sF/cjc3C+V7Y7h422SM36jSAK6496VAoRyqqjX/3JyROhgfU9NAMzVr83
4uI904z9lH4TZGOd5YQgX2VuOtBcGwa7+g6fy97u1tp8UxSWFZRGDDLRysF/dIJO
Wi51UK0Q7EWnqBTe0TFF6TjE5tC7R3ZgzqEQ1MU4eLI5mqokg82DAK4Ub2Wk5Qch
CGs5/d16OOrLtG2RoaOGz9UdQR7IHUXLSqkKbaEdstc16MXNXns=
=cmGh
-----END PGP SIGNATURE-----
Merge 4.19.73 into android-4.19
Changes in 4.19.73
ALSA: hda - Fix potential endless loop at applying quirks
ALSA: hda/realtek - Fix overridden device-specific initialization
ALSA: hda/realtek - Add quirk for HP Pavilion 15
ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL
ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre
sched/fair: Don't assign runtime for throttled cfs_rq
drm/vmwgfx: Fix double free in vmw_recv_msg()
vhost/test: fix build for vhost test
vhost/test: fix build for vhost test - again
powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
batman-adv: Only read OGM tvlv_len after buffer len check
hv_sock: Fix hang when a connection is closed
Blk-iolatency: warn on negative inflight IO counter
blk-iolatency: fix STS_AGAIN handling
{nl,mac}80211: fix interface combinations on crypto controlled devices
timekeeping: Use proper ktime_add when adding nsecs in coarse offset
selftests: fib_rule_tests: use pre-defined DEV_ADDR
x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace()
powerpc/64: mark start_here_multiplatform as __ref
media: stm32-dcmi: fix irq = 0 case
arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64
scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
riscv: remove unused variable in ftrace
nvme-fc: use separate work queue to avoid warning
clk: s2mps11: Add used attribute to s2mps11_dt_match
remoteproc: qcom: q6v5: shore up resource probe handling
modules: always page-align module section allocations
kernel/module: Fix mem leak in module_add_modinfo_attrs
drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"
media: cec/v4l2: move V4L2 specific CEC functions to V4L2
media: cec: remove cec-edid.c
scsi: qla2xxx: Move log messages before issuing command to firmware
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
Drivers: hv: kvp: Fix two "this statement may fall through" warnings
x86, hibernate: Fix nosave_regions setup for hibernation
remoteproc: qcom: q6v5-mss: add SCM probe dependency
drm/amdgpu/gfx9: Update gfx9 golden settings.
drm/amdgpu: Update gc_9_0 golden settings.
KVM: x86: hyperv: enforce vp_index < KVM_MAX_VCPUS
KVM: x86: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables
KVM: x86: hyperv: keep track of mismatched VP indexes
KVM: hyperv: define VP assist page helpers
x86/kvm/lapic: preserve gfn_to_hva_cache len on cache reinit
drm/i915: Fix intel_dp_mst_best_encoder()
drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE
drm/i915/gen9+: Fix initial readout for Y tiled framebuffers
drm/atomic_helper: Disallow new modesets on unregistered connectors
Drivers: hv: kvp: Fix the indentation of some "break" statements
Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up
powerplay: Respect units on max dcfclk watermark
drm/amd/pp: Fix truncated clock value when set watermark
drm/amd/dm: Understand why attaching path/tile properties are needed
ARM: davinci: da8xx: define gpio interrupts as separate resources
ARM: davinci: dm365: define gpio interrupts as separate resources
ARM: davinci: dm646x: define gpio interrupts as separate resources
ARM: davinci: dm355: define gpio interrupts as separate resources
ARM: davinci: dm644x: define gpio interrupts as separate resources
s390/zcrypt: reinit ap queue state machine during device probe
media: vim2m: use workqueue
media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
drm/i915: Restore sane defaults for KMS on GEM error load
drm/i915: Cleanup gt powerstate from gem
KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch
Btrfs: clean up scrub is_dev_replace parameter
Btrfs: fix deadlock with memory reclaim during scrub
btrfs: Remove extent_io_ops::fill_delalloc
btrfs: Fix error handling in btrfs_cleanup_ordered_extents
scsi: megaraid_sas: Fix combined reply queue mode detection
scsi: megaraid_sas: Add check for reset adapter bit
scsi: megaraid_sas: Use 63-bit DMA addressing
powerpc/pkeys: Fix handling of pkey state across fork()
btrfs: volumes: Make sure no dev extent is beyond device boundary
btrfs: Use real device structure to verify dev extent
media: vim2m: only cancel work if it is for right context
ARC: show_regs: lockdep: re-enable preemption
ARC: mm: do_page_fault fixes#1: relinquish mmap_sem if signal arrives while handle_mm_fault
IB/uverbs: Fix OOPs upon device disassociation
crypto: ccree - fix resume race condition on init
crypto: ccree - add missing inline qualifier
drm/vblank: Allow dynamic per-crtc max_vblank_count
drm/i915/ilk: Fix warning when reading emon_status with no output
mfd: Kconfig: Fix I2C_DESIGNWARE_PLATFORM dependencies
tpm: Fix some name collisions with drivers/char/tpm.h
bcache: replace hard coded number with BUCKET_GC_GEN_MAX
bcache: treat stale && dirty keys as bad keys
KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run
iio: adc: exynos-adc: Add S5PV210 variant
dt-bindings: iio: adc: exynos-adc: Add S5PV210 variant
iio: adc: exynos-adc: Use proper number of channels for Exynos4x12
mt76: fix corrupted software generated tx CCMP PN
drm/nouveau: Don't WARN_ON VCPI allocation failures
iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules
iwlwifi: add new card for 9260 series
x86/kvmclock: set offset for kvm unstable clock
spi: spi-gpio: fix SPI_CS_HIGH capability
powerpc/kvm: Save and restore host AMR/IAMR/UAMOR
mmc: renesas_sdhi: Fix card initialization failure in high speed mode
btrfs: scrub: pass fs_info to scrub_setup_ctx
btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex
btrfs: scrub: fix circular locking dependency warning
btrfs: init csum_list before possible free
PCI: qcom: Fix error handling in runtime PM support
PCI: qcom: Don't deassert reset GPIO during probe
drm: add __user attribute to ptr_to_compat()
CIFS: Fix error paths in writeback code
CIFS: Fix leaking locked VFS cache pages in writeback retry
drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set
drm/i915: Sanity check mmap length against object size
usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps
arm64: dts: stratix10: add the sysmgr-syscon property from the gmac's
IB/mlx5: Reset access mask when looping inside page fault handler
kvm: mmu: Fix overflow on kvm mmu page limit calculation
x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels
cifs: Fix lease buffer length error
media: i2c: tda1997x: select V4L2_FWNODE
ext4: protect journal inode's blocks using block_validity
ARM: dts: qcom: ipq4019: fix PCI range
ARM: dts: qcom: ipq4019: Fix MSI IRQ type
ARM: dts: qcom: ipq4019: enlarge PCIe BAR range
dt-bindings: mmc: Add supports-cqe property
dt-bindings: mmc: Add disable-cqe-dcmd property.
PCI: Add macro for Switchtec quirk declarations
PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary
dm mpath: fix missing call of path selector type->end_io
blk-mq: free hw queue's resource in hctx's release handler
mmc: sdhci-pci: Add support for Intel CML
PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code
cifs: smbd: take an array of reqeusts when sending upper layer data
dm crypt: move detailed message into debug level
signal/arc: Use force_sig_fault where appropriate
ARC: mm: fix uninitialised signal code in do_page_fault
ARC: mm: SIGSEGV userspace trying to access kernel virtual memory
drm/amdkfd: Add missing Polaris10 ID
kvm: Check irqchip mode before assign irqfd
drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)
drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc
Btrfs: fix race between block group removal and block group allocation
cifs: add spinlock for the openFileList to cifsInodeInfo
clk: tegra: Fix maximum audio sync clock for Tegra124/210
clk: tegra210: Fix default rates for HDA clocks
IB/hfi1: Avoid hardlockup with flushlist_lock
apparmor: reset pos on failure to unpack for various functions
scsi: target/core: Use the SECTOR_SHIFT constant
scsi: target/iblock: Fix overrun in WRITE SAME emulation
staging: wilc1000: fix error path cleanup in wilc_wlan_initialize()
scsi: zfcp: fix request object use-after-free in send path causing wrong traces
cifs: Properly handle auto disabling of serverino option
ALSA: hda - Don't resume forcibly i915 HDMI/DP codec
ceph: use ceph_evict_inode to cleanup inode's resource
KVM: x86: optimize check for valid PAT value
KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value
KVM: VMX: Fix handling of #MC that occurs during VM-Entry
KVM: VMX: check CPUID before allowing read/write of IA32_XSS
KVM: PPC: Use ccr field in pt_regs struct embedded in vcpu struct
KVM: PPC: Book3S HV: Fix CR0 setting in TM emulation
ARM: dts: gemini: Set DIR-685 SPI CS as active low
RDMA/srp: Document srp_parse_in() arguments
RDMA/srp: Accept again source addresses that do not have a port number
btrfs: correctly validate compression type
resource: Include resource end in walk_*() interfaces
resource: Fix find_next_iomem_res() iteration issue
resource: fix locking in find_next_iomem_res()
pstore: Fix double-free in pstore_mkfile() failure path
dm thin metadata: check if in fail_io mode when setting needs_check
drm/panel: Add support for Armadeus ST0700 Adapt
ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips
powerpc/mm: Limit rma_size to 1TB when running without HV mode
iommu/iova: Remove stale cached32_node
gpio: don't WARN() on NULL descs if gpiolib is disabled
i2c: at91: disable TXRDY interrupt after sending data
i2c: at91: fix clk_offset for sama5d2
mm/migrate.c: initialize pud_entry in migrate_vma()
iio: adc: gyroadc: fix uninitialized return code
NFSv4: Fix delegation state recovery
bcache: only clear BTREE_NODE_dirty bit when it is set
bcache: add comments for mutex_lock(&b->write_lock)
bcache: fix race in btree_flush_write()
drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV
virtio/s390: fix race on airq_areas[]
drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors
ext4: don't perform block validity checks on the journal inode
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: unsigned int compared against zero
PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround
powerpc/tm: Remove msr_tm_active()
powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
vhost: make sure log_num < in_num
Linux 4.19.73
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7bc57825aeb36759bb8e8726888da9af06392c09
Make the anon_inodes facility unconditional so that it can be used by core
VFS code.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
(cherry picked from commit dadd2299ab61fc2b55b95b7b3a8f674cdd3b69c9)
Bug: 135608568
Test: test program using syscall(__NR_sys_pidfd_open,..) and poll()
Change-Id: I46cba2efd3559bcf1a95a5dad6d8a4de211bafc9
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1BJrAACgkQONu9yGCS
aT6MpRAAt2nuozm5Z/MshFAuGFzddAwPoYtkIPSy8BiPHYjf7x0+D5Ew4dz5OihS
ElfbA94hMOpvhhXlzBU3ZFJsWZIK78gzV6+LiHyb5R97Jdzj/zT4h40y0kxKw+pS
gghnZ6zx+pGSIXm/EsODW2gg98yTrmhBFpUhXpAGoC/71c1vxVlj3jHcuhd778YK
NRlj2tFWJGIBpmXrApo1Eg7qQRj4tzbOjthfgANWPq+EP68PgiOaxMDMMp7IUwju
KrXEFcXlk5aHvfaJ06FSBRBnn45XMyGXPYV/76HsaqkBNmg1r7o02dZKy/0S84Fn
YXoEFxHt6NFOJ52LiO95z7cQ0xeTSYygNCtYXJ70uyDMnrCPXCrKp7DRyka+vDPs
RCrcpB1QjcCb3xTL//SPkNWM3oZEW9CawpRFh9bmqbw/h7ZjaUEuwNIJnunISulu
2fvOjUmFWfUVIARiwKFVuIkXzgf3cSLYZTtiDFC5/yBpkGVNnXqyO7YtWZwnrMHq
L3DC3pOKuYXMa03KWGEzZoCZEXjtoRhRwCSgV7wbK5o90sZeRj/HC1zXEyDPPD/R
7A1rePTuwlAH3gHCJGhYkmYqULx62ZdvV6IC2N7xNxeTL1Y7OVNBT7ZUqexxY6WC
OG1vVxUKNJIvBLYmc6cmQATgR6XH5/B9H2p1YRBLuAQuqHk+jqo=
=ZQf3
-----END PGP SIGNATURE-----
Merge 4.19.63 into android-4.19
Changes in 4.19.63
hvsock: fix epollout hang from race condition
drm/panel: simple: Fix panel_simple_dsi_probe
iio: adc: stm32-dfsdm: manage the get_irq error case
iio: adc: stm32-dfsdm: missing error case during probe
staging: vt6656: use meaningful error code during buffer allocation
usb: core: hub: Disable hub-initiated U1/U2
tty: max310x: Fix invalid baudrate divisors calculator
pinctrl: rockchip: fix leaked of_node references
tty: serial: cpm_uart - fix init when SMC is relocated
drm/amd/display: Fill prescale_params->scale for RGB565
drm/amdgpu/sriov: Need to initialize the HDP_NONSURFACE_BAStE
drm/amd/display: Disable ABM before destroy ABM struct
drm/amdkfd: Fix a potential memory leak
drm/amdkfd: Fix sdma queue map issue
drm/edid: Fix a missing-check bug in drm_load_edid_firmware()
PCI: Return error if cannot probe VF
drm/bridge: tc358767: read display_props in get_modes()
drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
gpu: host1x: Increase maximum DMA segment size
drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry
drm/crc-debugfs: Also sprinkle irqrestore over early exits
memstick: Fix error cleanup path of memstick_init
tty/serial: digicolor: Fix digicolor-usart already registered warning
tty: serial: msm_serial: avoid system lockup condition
serial: 8250: Fix TX interrupt handling condition
drm/amd/display: Always allocate initial connector state state
drm/virtio: Add memory barriers for capset cache.
phy: renesas: rcar-gen2: Fix memory leak at error paths
drm/amd/display: fix compilation error
powerpc/pseries/mobility: prevent cpu hotplug during DT update
drm/rockchip: Properly adjust to a true clock in adjusted_mode
serial: imx: fix locking in set_termios()
tty: serial_core: Set port active bit in uart_port_activate
usb: gadget: Zero ffs_io_data
mmc: sdhci: sdhci-pci-o2micro: Check if controller supports 8-bit width
powerpc/pci/of: Fix OF flags parsing for 64bit BARs
drm/msm: Depopulate platform on probe failure
serial: mctrl_gpio: Check if GPIO property exisits before requesting it
PCI: sysfs: Ignore lockdep for remove attribute
i2c: stm32f7: fix the get_irq error cases
kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
genksyms: Teach parser about 128-bit built-in types
PCI: xilinx-nwl: Fix Multi MSI data programming
iio: iio-utils: Fix possible incorrect mask calculation
powerpc/cacheflush: fix variable set but not used
powerpc/xmon: Fix disabling tracing while in xmon
recordmcount: Fix spurious mcount entries on powerpc
mfd: madera: Add missing of table registration
mfd: core: Set fwnode for created devices
mfd: arizona: Fix undefined behavior
mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
mm/swap: fix release_pages() when releasing devmap pages
um: Silence lockdep complaint about mmap_sem
powerpc/4xx/uic: clear pending interrupt after irq type/pol change
RDMA/i40iw: Set queue pair state when being queried
serial: sh-sci: Terminate TX DMA during buffer flushing
serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE
powerpc/mm: Handle page table allocation failures
IB/ipoib: Add child to parent list only if device initialized
arm64: assembler: Switch ESB-instruction with a vanilla nop if !ARM64_HAS_RAS
PCI: mobiveil: Fix PCI base address in MEM/IO outbound windows
PCI: mobiveil: Fix the Class Code field
kallsyms: exclude kasan local symbols on s390
PCI: mobiveil: Initialize Primary/Secondary/Subordinate bus numbers
PCI: mobiveil: Use the 1st inbound window for MEM inbound transactions
perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
perf stat: Fix use-after-freed pointer detected by the smatch tool
perf top: Fix potential NULL pointer dereference detected by the smatch tool
perf session: Fix potential NULL pointer dereference found by the smatch tool
perf annotate: Fix dereferencing freed memory found by the smatch tool
perf hists browser: Fix potential NULL pointer dereference found by the smatch tool
RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB
powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
block: init flush rq ref count to 1
f2fs: avoid out-of-range memory access
mailbox: handle failed named mailbox channel request
dlm: check if workqueues are NULL before flushing/destroying
powerpc/eeh: Handle hugepages in ioremap space
block/bio-integrity: fix a memory leak bug
sh: prevent warnings when using iounmap
mm/kmemleak.c: fix check for softirq context
9p: pass the correct prototype to read_cache_page
mm/gup.c: mark undo_dev_pagemap as __maybe_unused
mm/gup.c: remove some BUG_ONs from get_gate_page()
memcg, fsnotify: no oom-kill for remote memcg charging
mm/mmu_notifier: use hlist_add_head_rcu()
proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup
proc: use down_read_killable mmap_sem for /proc/pid/pagemap
proc: use down_read_killable mmap_sem for /proc/pid/clear_refs
proc: use down_read_killable mmap_sem for /proc/pid/map_files
cxgb4: reduce kernel stack usage in cudbg_collect_mem_region()
proc: use down_read_killable mmap_sem for /proc/pid/maps
locking/lockdep: Fix lock used or unused stats error
mm: use down_read_killable for locking mmap_sem in access_remote_vm
locking/lockdep: Hide unused 'class' variable
usb: wusbcore: fix unbalanced get/put cluster_id
usb: pci-quirks: Correct AMD PLL quirk detection
btrfs: inode: Don't compress if NODATASUM or NODATACOW set
x86/sysfb_efi: Add quirks for some devices with swapped width and height
x86/speculation/mds: Apply more accurate check on hypervisor platform
binder: prevent transactions to context manager from its own process.
fpga-manager: altera-ps-spi: Fix build error
mei: me: add mule creek canyon (EHL) device ids
hpet: Fix division by zero in hpet_time_div()
ALSA: ac97: Fix double free of ac97_codec_device
ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
ALSA: hda - Add a conexant codec entry to let mute led work
powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()
powerpc/tm: Fix oops on sigreturn on systems without TM
libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl()
access: avoid the RCU grace period for the temporary subjective credentials
Linux 4.19.63
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic31529aa6fd283d16d6bfb182187a9402a4db44f
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzxMDsACgkQONu9yGCS
aT6kjxAAvyKCDNGaQgBXGXe6xvBK7ad+mk+MU6WVycN+PIQzA8zVfR7RcGJgEP8t
65QrePyacMe5bmSgTnUKGz6DpwpWbCMamyftjoaPWIhxDFmQy7FB9ANOVoPDBw49
+jKT30ioBSI6LYQDU4xhxDO01HVEXmmLZquqYDfLoHOMLeXCivfTlM7PQPfxMZzn
fdeLtvfCnfMiftkXZjGqaWoUAnrlTmncQk9nXMcDgxrGy9pHJ6B1WWE5ygqr4Z5s
MaKfHotCSYD/eP8JsyIdJg+iMESv5Z0ZDCjbVslm81fCLeUD6atdnmpYxCphmT7Q
ifN23i4FJrXBX4xLpD9RYzavH3+hQzqb2pt02aBZRW0OLFK0qjYrkdayjwWGOIUI
zK9bgfHiiNKtoyvakQJ09uMhpO2thWeTMh8a6iBLTQ5Koi60adW1l5GrPuTTZYG7
V8xNB2cLsUktDsAr1I/kwrCMlE/oNFgy2La5zMzmELnFTUJRlMAoAGaa1DPcOFLt
QVdT8luJMu+1KTeMZPoK/7QQGszMDTAot4+Ys56KyPQ6zN/rGr2vm7kHYn41FyEp
KXpyeIm0/RKxUysz2Fyx+dL75e4ZhBof+amQ7Kotz6bF45o+ZwJ7THT6XKIOoln5
E7iI5RhQMZ2WuVIHLKa0QFBRn4RPpzie1lwOXWAAF6oqNgewXHw=
=fjPE
-----END PGP SIGNATURE-----
Merge 4.19.47 into android-4.19
Changes in 4.19.47
x86: Hide the int3_emulate_call/jmp functions from UML
ext4: do not delete unlinked inode from orphan list on failed truncate
ext4: wait for outstanding dio during truncate in nojournal mode
f2fs: Fix use of number of devices
KVM: x86: fix return value for reserved EFER
bio: fix improper use of smp_mb__before_atomic()
sbitmap: fix improper use of smp_mb__before_atomic()
Revert "scsi: sd: Keep disk read-only when re-reading partition"
crypto: vmx - CTR: always increment IV as quadword
mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem
mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem
kvm: svm/avic: fix off-by-one in checking host APIC ID
libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead
arm64/kernel: kaslr: reduce module randomization range to 2 GB
arm64/iommu: handle non-remapped addresses in ->mmap and ->get_sgtable
gfs2: Fix sign extension bug in gfs2_update_stats
btrfs: don't double unlock on error in btrfs_punch_hole
Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path
Btrfs: avoid fallback to transaction commit during fsync of files with holes
Btrfs: fix race between ranged fsync and writeback of adjacent ranges
btrfs: sysfs: Fix error path kobject memory leak
btrfs: sysfs: don't leak memory when failing add fsid
udlfb: fix some inconsistent NULL checking
fbdev: fix divide error in fb_var_to_videomode
NFSv4.2 fix unnecessary retry in nfs4_copy_file_range
NFSv4.1 fix incorrect return value in copy_file_range
bpf: add bpf_jit_limit knob to restrict unpriv allocations
brcmfmac: assure SSID length from firmware is limited
brcmfmac: add subtype check for event handling in data path
arm64: errata: Add workaround for Cortex-A76 erratum #1463225
btrfs: honor path->skip_locking in backref code
ovl: relax WARN_ON() for overlapping layers use case
fbdev: fix WARNING in __alloc_pages_nodemask bug
media: cpia2: Fix use-after-free in cpia2_exit
media: serial_ir: Fix use-after-free in serial_ir_init_module
media: vb2: add waiting_in_dqbuf flag
media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
batman-adv: mcast: fix multicast tt/tvlv worker locking
at76c50x-usb: Don't register led_trigger if usb_register_driver failed
acct_on(): don't mess with freeze protection
Revert "btrfs: Honour FITRIM range constraints during free space trim"
gfs2: Fix lru_count going negative
cxgb4: Fix error path in cxgb4_init_module
NFS: make nfs_match_client killable
IB/hfi1: Fix WQ_MEM_RECLAIM warning
gfs2: Fix occasional glock use-after-free
mmc: core: Verify SD bus width
tools/bpf: fix perf build error with uClibc (seen on ARC)
selftests/bpf: set RLIMIT_MEMLOCK properly for test_libbpf_open.c
bpftool: exclude bash-completion/bpftool from .gitignore pattern
dmaengine: tegra210-dma: free dma controller in remove()
net: ena: gcc 8: fix compilation warning
hv_netvsc: fix race that may miss tx queue wakeup
Bluetooth: Ignore CC events not matching the last HCI command
pinctrl: zte: fix leaked of_node references
ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE
usb: dwc2: gadget: Increase descriptors count for ISOC's
usb: dwc3: move synchronize_irq() out of the spinlock protected block
ASoC: hdmi-codec: unlock the device on startup errors
powerpc/perf: Return accordingly on invalid chip-id in
powerpc/boot: Fix missing check of lseek() return value
powerpc/perf: Fix loop exit condition in nest_imc_event_init
ASoC: imx: fix fiq dependencies
spi: pxa2xx: fix SCR (divisor) calculation
brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler()
ACPI / property: fix handling of data_nodes in acpi_get_next_subnode()
drm/nouveau/bar/nv50: ensure BAR is mapped
media: stm32-dcmi: return appropriate error codes during probe
ARM: vdso: Remove dependency with the arch_timer driver internals
arm64: Fix compiler warning from pte_unmap() with -Wunused-but-set-variable
powerpc/watchdog: Use hrtimers for per-CPU heartbeat
sched/cpufreq: Fix kobject memleak
scsi: qla2xxx: Fix a qla24xx_enable_msix() error path
scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending()
scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session()
scsi: qla2xxx: Fix hardirq-unsafe locking
x86/modules: Avoid breaking W^X while loading modules
Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve
btrfs: fix panic during relocation after ENOSPC before writeback happens
btrfs: Don't panic when we can't find a root key
iwlwifi: pcie: don't crash on invalid RX interrupt
rtc: 88pm860x: prevent use-after-free on device remove
rtc: stm32: manage the get_irq probe defer case
scsi: qedi: Abort ep termination if offload not scheduled
s390/kexec_file: Fix detection of text segment in ELF loader
sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs
w1: fix the resume command API
s390: qeth: address type mismatch warning
dmaengine: pl330: _stop: clear interrupt status
mac80211/cfg80211: update bss channel on channel switch
libbpf: fix samples/bpf build failure due to undefined UINT32_MAX
slimbus: fix a potential NULL pointer dereference in of_qcom_slim_ngd_register
ASoC: fsl_sai: Update is_slave_mode with correct value
mwifiex: prevent an array overflow
rsi: Fix NULL pointer dereference in kmalloc
net: cw1200: fix a NULL pointer dereference
nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE
nvme-rdma: fix a NULL deref when an admin connect times out
crypto: sun4i-ss - Fix invalid calculation of hash end
bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set
bcache: return error immediately in bch_journal_replay()
bcache: fix failure in journal relplay
bcache: add failure check to run_cache_set() for journal replay
bcache: avoid clang -Wunintialized warning
RDMA/cma: Consider scope_id while binding to ipv6 ll address
vfio-ccw: Do not call flush_workqueue while holding the spinlock
vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev
x86/build: Move _etext to actual end of .text
smpboot: Place the __percpu annotation correctly
x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault()
mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions
Bluetooth: hci_qca: Give enough time to ROME controller to bootup.
HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
pinctrl: pistachio: fix leaked of_node references
pinctrl: samsung: fix leaked of_node references
clk: rockchip: undo several noc and special clocks as critical on rk3288
perf/arm-cci: Remove broken race mitigation
dmaengine: at_xdmac: remove BUG_ON macro in tasklet
media: coda: clear error return value before picture run
media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper
media: au0828: stop video streaming only when last user stops
media: ov2659: make S_FMT succeed even if requested format doesn't match
audit: fix a memory leak bug
media: stm32-dcmi: fix crash when subdev do not expose any formats
media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable()
media: pvrusb2: Prevent a buffer overflow
iio: adc: stm32-dfsdm: fix unmet direct dependencies detected
block: fix use-after-free on gendisk
powerpc/numa: improve control of topology updates
powerpc/64: Fix booting large kernels with STRICT_KERNEL_RWX
random: fix CRNG initialization when random.trust_cpu=1
random: add a spinlock_t to struct batched_entropy
cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock
sched/core: Check quota and period overflow at usec to nsec conversion
sched/rt: Check integer overflow at usec to nsec conversion
sched/core: Handle overflow in cpu_shares_write_u64
staging: vc04_services: handle kzalloc failure
drm/msm: a5xx: fix possible object reference leak
irq_work: Do not raise an IPI when queueing work on the local CPU
thunderbolt: Take domain lock in switch sysfs attribute callbacks
s390/qeth: handle error from qeth_update_from_chp_desc()
USB: core: Don't unbind interfaces following device reset failure
x86/irq/64: Limit IST stack overflow check to #DB stack
drm: etnaviv: avoid DMA API warning when importing buffers
phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode
phy: mapphone-mdm6600: add gpiolib dependency
i40e: Able to add up to 16 MAC filters on an untrusted VF
i40e: don't allow changes to HW VLAN stripping on active port VLANs
ACPI/IORT: Reject platform device creation on NUMA node mapping failure
arm64: vdso: Fix clock_getres() for CLOCK_REALTIME
RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
perf/x86/msr: Add Icelake support
perf/x86/intel/rapl: Add Icelake support
perf/x86/intel/cstate: Add Icelake support
hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
scsi: libsas: Do discovery on empty PHY to update PHY info
mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
mmc_spi: add a status check for spi_sync_locked
mmc: sdhci-of-esdhc: add erratum eSDHC5 support
mmc: sdhci-of-esdhc: add erratum A-009204 support
mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support
drm/amdgpu: fix old fence check in amdgpu_fence_emit
PM / core: Propagate dev->power.wakeup_path when no callbacks
clk: rockchip: Fix video codec clocks on rk3288
extcon: arizona: Disable mic detect if running when driver is removed
clk: rockchip: Make rkpwm a critical clock on rk3288
s390: zcrypt: initialize variables before_use
x86/microcode: Fix the ancient deprecated microcode loading method
s390/mm: silence compiler warning when compiling without CONFIG_PGSTE
s390: cio: fix cio_irb declaration
selftests: cgroup: fix cleanup path in test_memcg_subtree_control()
qmi_wwan: Add quirk for Quectel dynamic config
cpufreq: ppc_cbe: fix possible object reference leak
cpufreq/pasemi: fix possible object reference leak
cpufreq: pmac32: fix possible object reference leak
cpufreq: kirkwood: fix possible object reference leak
block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR
x86/build: Keep local relocations with ld.lld
drm/pl111: fix possible object reference leak
iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion
iio: hmc5843: fix potential NULL pointer dereferences
iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data
iio: adc: ti-ads7950: Fix improper use of mlock
selftests/bpf: ksym_search won't check symbols exists
rtlwifi: fix a potential NULL pointer dereference
mwifiex: Fix mem leak in mwifiex_tm_cmd
brcmfmac: fix missing checks for kmemdup
b43: shut up clang -Wuninitialized variable warning
brcmfmac: convert dev_init_lock mutex to completion
brcmfmac: fix WARNING during USB disconnect in case of unempty psq
brcmfmac: fix race during disconnect when USB completion is in progress
brcmfmac: fix Oops when bringing up interface during USB disconnect
rtc: xgene: fix possible race condition
rtlwifi: fix potential NULL pointer dereference
scsi: ufs: Fix regulator load and icc-level configuration
scsi: ufs: Avoid configuring regulator with undefined voltage range
drm/panel: otm8009a: Add delay at the end of initialization
arm64: cpu_ops: fix a leaked reference by adding missing of_node_put
wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext
x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP
x86/uaccess, signal: Fix AC=1 bloat
x86/ia32: Fix ia32_restore_sigcontext() AC leak
x86/uaccess: Fix up the fixup
chardev: add additional check for minor range overlap
RDMA/hns: Fix bad endianess of port_pd variable
sh: sh7786: Add explicit I/O cast to sh7786_mm_sel()
HID: core: move Usage Page concatenation to Main item
ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put
ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put
cxgb3/l2t: Fix undefined behaviour
HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent
spi: tegra114: reset controller on probe
kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice.
media: video-mux: fix null pointer dereferences
media: wl128x: prevent two potential buffer overflows
media: gspca: Kill URBs on USB device disconnect
efifb: Omit memory map check on legacy boot
thunderbolt: property: Fix a missing check of kzalloc
thunderbolt: Fix to check the return value of kmemdup
timekeeping: Force upper bound for setting CLOCK_REALTIME
scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check
virtio_console: initialize vtermno value for ports
tty: ipwireless: fix missing checks for ioremap
overflow: Fix -Wtype-limits compilation warnings
x86/mce: Fix machine_check_poll() tests for error types
rcutorture: Fix cleanup path for invalid torture_type strings
x86/mce: Handle varying MCA bank counts
rcuperf: Fix cleanup path for invalid perf_type strings
usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
scsi: qla4xxx: avoid freeing unallocated dma memory
scsi: lpfc: avoid uninitialized variable warning
selinux: avoid uninitialized variable warning
batman-adv: allow updating DAT entry timeouts on incoming ARP Replies
dmaengine: tegra210-adma: use devm_clk_*() helpers
hwrng: omap - Set default quality
thunderbolt: Fix to check return value of ida_simple_get
thunderbolt: Fix to check for kmemdup failure
drm/amd/display: fix releasing planes when exiting odm
thunderbolt: property: Fix a NULL pointer dereference
e1000e: Disable runtime PM on CNP+
tinydrm/mipi-dbi: Use dma-safe buffers for all SPI transfers
igb: Exclude device from suspend direct complete optimization
media: si2165: fix a missing check of return value
media: dvbsky: Avoid leaking dvb frontend
media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
media: staging: davinci_vpfe: disallow building with COMPILE_TEST
drm/amd/display: Fix Divide by 0 in memory calculations
drm/amd/display: Set stream->mode_changed when connectors change
scsi: ufs: fix a missing check of devm_reset_control_get
media: vimc: stream: fix thread state before sleep
media: gspca: do not resubmit URBs when streaming has stopped
media: go7007: avoid clang frame overflow warning with KASAN
media: vimc: zero the media_device on probe
scsi: lpfc: Fix FDMI manufacturer attribute value
scsi: lpfc: Fix fc4type information for FDMI
media: saa7146: avoid high stack usage with clang
scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
spi : spi-topcliff-pch: Fix to handle empty DMA buffers
drm/omap: dsi: Fix PM for display blank with paired dss_pll calls
spi: rspi: Fix sequencer reset during initialization
spi: imx: stop buffer overflow in RX FIFO flush
spi: Fix zero length xfer bug
ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM
drm/v3d: Handle errors from IRQ setup.
drm/drv: Hold ref on parent device during drm_device lifetime
drm: Wake up next in drm_read() chain if we are forced to putback the event
drm/sun4i: dsi: Change the start delay calculation
vfio-ccw: Prevent quiesce function going into an infinite loop
drm/sun4i: dsi: Enforce boundaries on the start delay
NFS: Fix a double unlock from nfs_match,get_client
Linux 4.19.47
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit 62f95ae805fa9e1e84d47d3219adddd97b2654b7 ]
Newer combinations of the glibc, kernel and openssh can result in long initial
startup times on OMAP devices:
[ 6.671425] systemd-rc-once[102]: Creating ED25519 key; this may take some time ...
[ 142.652491] systemd-rc-once[102]: Creating ED25519 key; done.
due to the blocking getrandom(2) system call:
[ 142.610335] random: crng init done
Set the quality level for the omap hwrng driver allowing the kernel to use the
hwrng as an entropy source at boot.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 4b0a2c5ff7215206ea6135a405f17c5f6fca7d00 ]
For regular serial ports we do not initialize value of vtermno
variable. A garbage value is assigned for non console ports.
The value can be observed as a random integer with [1].
[1] vim /sys/kernel/debug/virtio-ports/vport*p*
This patch initialize the value of vtermno for console serial
ports to '1' and regular serial ports are initiaized to '0'.
Reported-by: siliu@redhat.com
Signed-off-by: Pankaj Gupta <pagupta@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit b7d5dc21072cda7124d13eae2aefb7343ef94197 ]
The per-CPU variable batched_entropy_uXX is protected by get_cpu_var().
This is just a preempt_disable() which ensures that the variable is only
from the local CPU. It does not protect against users on the same CPU
from another context. It is possible that a preemptible context reads
slot 0 and then an interrupt occurs and the same value is read again.
The above scenario is confirmed by lockdep if we add a spinlock:
| ================================
| WARNING: inconsistent lock state
| 5.1.0-rc3+ #42 Not tainted
| --------------------------------
| inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
| ksoftirqd/9/56 [HC0[0]:SC1[1]:HE0:SE0] takes:
| (____ptrval____) (batched_entropy_u32.lock){+.?.}, at: get_random_u32+0x3e/0xe0
| {SOFTIRQ-ON-W} state was registered at:
| _raw_spin_lock+0x2a/0x40
| get_random_u32+0x3e/0xe0
| new_slab+0x15c/0x7b0
| ___slab_alloc+0x492/0x620
| __slab_alloc.isra.73+0x53/0xa0
| kmem_cache_alloc_node+0xaf/0x2a0
| copy_process.part.41+0x1e1/0x2370
| _do_fork+0xdb/0x6d0
| kernel_thread+0x20/0x30
| kthreadd+0x1ba/0x220
| ret_from_fork+0x3a/0x50
…
| other info that might help us debug this:
| Possible unsafe locking scenario:
|
| CPU0
| ----
| lock(batched_entropy_u32.lock);
| <Interrupt>
| lock(batched_entropy_u32.lock);
|
| *** DEADLOCK ***
|
| stack backtrace:
| Call Trace:
…
| kmem_cache_alloc_trace+0x20e/0x270
| ipmi_alloc_recv_msg+0x16/0x40
…
| __do_softirq+0xec/0x48d
| run_ksoftirqd+0x37/0x60
| smpboot_thread_fn+0x191/0x290
| kthread+0xfe/0x130
| ret_from_fork+0x3a/0x50
Add a spinlock_t to the batched_entropy data structure and acquire the
lock while accessing it. Acquire the lock with disabled interrupts
because this function may be used from interrupt context.
Remove the batched_entropy_reset_lock lock. Now that we have a lock for
the data scructure, we can access it from a remote CPU.
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit fe6f1a6a8eedc1aa538fee0baa612b6a59639cf8 ]
When the system boots with random.trust_cpu=1 it doesn't initialize the
per-NUMA CRNGs because it skips the rest of the CRNG startup code. This
means that the code from 1e7f583af6 ("random: make /dev/urandom scalable
for silly userspace programs") is not used when random.trust_cpu=1.
crash> dmesg | grep random:
[ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
[ 0.314029] random: crng done (trusting CPU's manufacturer)
crash> print crng_node_pool
$6 = (struct crng_state **) 0x0
After adding the missing call to numa_crng_init() the per-NUMA CRNGs are
initialized again:
crash> dmesg | grep random:
[ 0.000000] random: get_random_bytes called from start_kernel+0x94/0x530 with crng_init=0
[ 0.314031] random: crng done (trusting CPU's manufacturer)
crash> print crng_node_pool
$1 = (struct crng_state **) 0xffff9a915f4014a0
The call to invalidate_batched_entropy() was also missing. This is
important for architectures like PPC and S390 which only have the
arch_get_random_seed_* functions.
Fixes: 39a8883a2b ("random: add a config option to trust the CPU's hwrng")
Signed-off-by: Jon DeVree <nuxi@vault24.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzk4CsACgkQONu9yGCS
aT5Xaw//UWopx4Yqbiv+4HBgW+2ijP4utxI4lBNYITD44jvkyVJnztUtVkWepu5r
Tkl/7zytXOpxbpuhS0xqpWwG7lL5eT4NCG08KSX4lYQVjIWX4YzVkw9gLe9V2AaK
IqTzaWtbuagARbnR3UC65TI4kjRGsr9ldY0AbbGGVTM6IwPquHN9Qd9TAzRwRohn
CxY94Bwp1RcN2sSPkD3nUCUGOSNh97BXyypeM7FyceOzOpyAdQCXoUPc84cPqdNC
4GBkd5Z1IL/7zX3HDjQeGS0KK6e1enslSmsbSSUVuHI90LCr3CZPJkFF8RFnPnff
2RA7bdhp8C1JPeLDimr+SNSLEl9yywoH6d4UQAnBwoLDjiFCEITVgjDtYzzd81+1
ES6lbUAs8v/LXkaCaExq6pNNd1prg6Mj9Fe6cz+G9V/YV1tLUsoAJHdFucu8Sp7w
rwz/PZ6waCf8VRO4aYFF9b+u7PQ/RFZWQYsz22P7PhAYg0CTajV1FWGk1AYi0+wQ
5YCmthbWhDo9U5lAFyQ0pVTXv/UNgEu6MfV1/jKtCk5AzsbE77orj1xusKckHq2e
QojgmELmHMlFFajI0h/ddDo7iwz/5OrPVs9D03RysiOciMzdTKPucPyC0Ah4yEBA
sJ0cQkaVtqO2Nu3E42lfQTpVIqBgi8NGav+kRwryB1YyKeaXLsM=
=HJ7O
-----END PGP SIGNATURE-----
Merge 4.19.45 into android-4.19
Changes in 4.19.45
locking/rwsem: Prevent decrement of reader count before increment
x86/speculation/mds: Revert CPU buffer clear on double fault exit
x86/speculation/mds: Improve CPU buffer clear documentation
objtool: Fix function fallthrough detection
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: exynos: Fix a leaked reference by adding missing of_node_put
power: supply: axp288_charger: Fix unchecked return value
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
arm64: mmap: Ensure file offset is treated as unsigned
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: compat: Reduce address limit
arm64: Clear OSDLR_EL1 on CPU boot
arm64: Save and restore OSDLR_EL1 across suspend/resume
sched/x86: Save [ER]FLAGS on context switch
crypto: crypto4xx - fix ctr-aes missing output IV
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: salsa20 - don't access already-freed walk.iv
crypto: chacha20poly1305 - set cra_name correctly
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: vmx - fix copy-paste error in CTR mode
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: rockchip - update IV buffer to contain the next IV
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
mmc: core: Fix tag set memory leak
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
ALSA: usb-audio: Fix a memory leak bug
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/realtek - EAPD turn on later
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ASoC: max98090: Fix restore of DAPM Muxes
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: codec: hdac_hdmi add device_link to card device
bpf, arm64: remove prefetch insn in xadd mapping
crypto: ccree - remove special handling of chained sg
crypto: ccree - fix mem leak on error path
crypto: ccree - don't map MAC key on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - pm resume first enable the source clk
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - handle tee fips error during power management resume
mm/mincore.c: make mincore() more conservative
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
hugetlb: use same fault hash key for shared and private mappings
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
userfaultfd: use RCU to free the task struct when fork fails
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
jbd2: check superblock mapped prior to committing
ext4: make sanity check in mballoc more strict
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: avoid drop reference to iloc.bh twice
ext4: fix use-after-free race with debug_want_extra_isize
ext4: actually request zeroing of inode table after grow
ext4: fix ext4_show_options for file systems w/o journal
btrfs: Check the first key and level for cached extent buffer
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Honour FITRIM range constraints during free space trim
Btrfs: send, flush dellaloc in order to avoid data loss
Btrfs: do not start a transaction during fiemap
Btrfs: do not start a transaction at iterate_extent_inodes()
bcache: fix a race between cache register and cacheset unregister
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
ipmi:ssif: compare block number correctly for multi-part return messages
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
tty: Don't force RISCV SBI console as preferred console
ext4: zero out the unused memory region in the extent tree block
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: fix use-after-free in dx_release()
ext4: avoid panic during forced reboot due to aborted journal
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
jbd2: fix potential double free
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
KVM: lapic: Busy wait for timer to expire when using hv_timer
kbuild: turn auto.conf.cmd into a mandatory include file
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
libnvdimm/namespace: Fix label tracking error
iov_iter: optimize page_copy_sane()
pstore: Centralize init/exit routines
pstore: Allocate compression during late_initcall()
pstore: Refactor compression initialization
ext4: fix compile error when using BUFFER_TRACE
ext4: don't update s_rev_level if not required
Linux 4.19.45
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 55be8658c7e2feb11a5b5b33ee031791dbd23a69 upstream.
According to ipmi spec, block number is a number that is incremented,
starting with 0, for each new block of message data returned using the
middle transaction.
Here, the 'blocknum' is data[0] which always starts from zero(0) and
'ssif_info->multi_pos' starts from 1.
So, we need to add +1 to blocknum while comparing with multi_pos.
Fixes: 7d6380cd40f79 ("ipmi:ssif: Fix handling of multi-part return messages").
Reported-by: Kiran Kolukuluru <kirank@ami.com>
Signed-off-by: Kamlakant Patel <kamlakantp@marvell.com>
Message-Id: <1556106615-18722-1-git-send-email-kamlakantp@marvell.com>
[Also added a debug log if the block numbers don't match.]
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: stable@vger.kernel.org # 4.4
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzdoMwACgkQONu9yGCS
aT5H9RAAkvsM0ryV/0BLcS7bAc2qXHz3shwcqMRHeqLSHCI728Ew3vbrenquQ9ou
I1I2gXVjVr3fT5IrNeEKC/RJg5EvUBD25dm3Iei9cTf8kqnnFaEqQFe+jIvVOMfR
zr//hEG3lOO5tLtyK1pnZxrW1uKl7B+1O64bVMpHSola+5teV51r/PxqYM5lNKYm
A0YhhcrTZ4f1ZY1nctgb3g5XousPHJAMhe8ACv6zO7I+eWwn410nUeAJL7WK8SvL
UqW0xgLAkKsYrriaDCPC9VeOVMUetCHeT9KbYQ8W9p+kb5bMQua4d/YJtCxulnqH
TAQosuCVSVoq+jQIZS+El4+teCQW/aAkHFGo+08e9ti+trEliz2u2PxiloZoGlxl
M4iIPwjkp7YJ9WHoVdNjObPiv5vt+2pWDEPhB7p++nsk5/2ArbShqWVDREj09SRp
RpOJ7UGl+Nckk8IppfQgRUOlVyMW6a+Fw7GX7dxnyh9U1g48w5ebNTVeUvKxQVCJ
a99U9qqGRgmEsgicnOXs4tRMYuU0gn3j0Qjhd9G2xYijh8ElMLgTJyv+2JiUIavC
nXmSVW3G54dR7N94aDfWm/z85w/uFmTmT4BiqNuc4/gHVyyk12Q9RbsV4T617xls
wiCkGoLKlpi9cp6abxB9H+oav9PdZd9ztwZMSB35k1AIgh6oeo0=
=v14F
-----END PGP SIGNATURE-----
Merge 4.19.44 into android-4.19
Changes in 4.19.44
bfq: update internal depth state when queue depth changes
platform/x86: sony-laptop: Fix unintentional fall-through
platform/x86: thinkpad_acpi: Disable Bluetooth for some machines
platform/x86: dell-laptop: fix rfkill functionality
hwmon: (pwm-fan) Disable PWM if fetching cooling data fails
kernfs: fix barrier usage in __kernfs_new_node()
virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace
USB: serial: fix unthrottle races
iio: adc: xilinx: fix potential use-after-free on remove
iio: adc: xilinx: fix potential use-after-free on probe
iio: adc: xilinx: prevent touching unclocked h/w on remove
acpi/nfit: Always dump _DSM output payload
libnvdimm/namespace: Fix a potential NULL pointer dereference
HID: input: add mapping for Expose/Overview key
HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
HID: input: add mapping for "Toggle Display" key
libnvdimm/btt: Fix a kmemdup failure check
s390/dasd: Fix capacity calculation for large volumes
mac80211: fix unaligned access in mesh table hash function
mac80211: Increase MAX_MSG_LEN
cfg80211: Handle WMM rules in regulatory domain intersection
mac80211: fix memory accounting with A-MSDU aggregation
nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands
libnvdimm/pmem: fix a possible OOB access when read and write pmem
s390/3270: fix lockdep false positive on view->lock
drm/amd/display: extending AUX SW Timeout
clocksource/drivers/npcm: select TIMER_OF
clocksource/drivers/oxnas: Fix OX820 compatible
selftests: fib_tests: Fix 'Command line is not complete' errors
mISDN: Check address length before reading address family
vxge: fix return of a free'd memblock on a failed dma mapping
qede: fix write to free'd pointer error and double free of ptp
afs: Unlock pages for __pagevec_release()
drm/amd/display: If one stream full updates, full update all planes
s390/pkey: add one more argument space for debug feature entry
x86/build/lto: Fix truncated .bss with -fdata-sections
x86/reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
KVM: fix spectrev1 gadgets
KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing
tools lib traceevent: Fix missing equality check for strcmp
ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash
ocelot: Don't sleep in atomic context (irqs_disabled())
scsi: aic7xxx: fix EISA support
mm: fix inactive list balancing between NUMA nodes and cgroups
init: initialize jump labels before command line option parsing
selftests: netfilter: check icmp pkttoobig errors are set as related
ipvs: do not schedule icmp errors from tunnels
netfilter: ctnetlink: don't use conntrack/expect object addresses as id
netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook()
MIPS: perf: ath79: Fix perfcount IRQ assignment
s390: ctcm: fix ctcm_new_device error return code
drm/sun4i: Set device driver data at bind time for use in unbind
drm/sun4i: Fix component unbinding and component master deletion
selftests/net: correct the return value for run_netsocktests
netfilter: fix nf_l4proto_log_invalid to log invalid packets
gpu: ipu-v3: dp: fix CSC handling
drm/imx: don't skip DP channel disable for background plane
ARM: 8856/1: NOMMU: Fix CCR register faulty initialization when MPU is disabled
spi: Micrel eth switch: declare missing of table
spi: ST ST95HF NFC: declare missing of table
drm/sun4i: Unbind components before releasing DRM and memory
Input: synaptics-rmi4 - fix possible double free
RDMA/hns: Bugfix for mapping user db
mm/memory_hotplug.c: drop memory device reference after find_memory_block()
powerpc/smp: Fix NMI IPI timeout
powerpc/smp: Fix NMI IPI xmon timeout
net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode
mm/memory.c: fix modifying of page protection by insert_pfn()
usb: typec: Fix unchecked return value
netfilter: nf_tables: use-after-free in dynamic operations
netfilter: nf_tables: add missing ->release_ops() in error path of newrule()
net: fec: manage ahb clock in runtime pm
mlxsw: spectrum_switchdev: Add MDB entries in prepare phase
mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue
mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue
mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue
net/tls: fix the IV leaks
net: strparser: partially revert "strparser: Call skb_unclone conditionally"
NFC: nci: Add some bounds checking in nci_hci_cmd_received()
nfc: nci: Potential off by one in ->pipes[] array
x86/kprobes: Avoid kretprobe recursion bug
cw1200: fix missing unlock on error in cw1200_hw_scan()
mwl8k: Fix rate_idx underflow
rtlwifi: rtl8723ae: Fix missing break in switch statement
Don't jump to compute_result state from check_result state
um: Don't hardcode path as it is architecture dependent
powerpc/64s: Include cpu header
bonding: fix arp_validate toggling in active-backup mode
bridge: Fix error path for kobject_init_and_add()
dpaa_eth: fix SG frame cleanup
fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied
ipv4: Fix raw socket lookup for local traffic
net: dsa: Fix error cleanup path in dsa_init_module
net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering
net: macb: Change interrupt and napi enable order in open
net: seeq: fix crash caused by not set dev.parent
net: ucc_geth - fix Oops when changing number of buffers in the ring
packet: Fix error path in packet_init
selinux: do not report error on connect(AF_UNSPEC)
vlan: disable SIOCSHWTSTAMP in container
vrf: sit mtu should not be updated when vrf netdev is the link
tuntap: fix dividing by zero in ebpf queue selection
tuntap: synchronize through tfiles array instead of tun->numqueues
isdn: bas_gigaset: use usb_fill_int_urb() properly
tipc: fix hanging clients using poll with EPOLLOUT flag
drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl
drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl
powerpc/book3s/64: check for NULL pointer in pgd_alloc()
powerpc/powernv/idle: Restore IAMR after idle
powerpc/booke64: set RI in default MSR
PCI: hv: Fix a memory leak in hv_eject_device_work()
PCI: hv: Add hv_pci_remove_slots() when we unload the driver
PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary
Linux 4.19.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit a885bcfd152f97b25005298ab2d6b741aed9b49c ]
The intended behavior of function ipmi_hardcode_init_one() is to default
to kcs interface when no type argument is presented when initializing
ipmi with hard coded addresses.
However, the array of char pointers allocated on the stack by function
ipmi_hardcode_init() was not inited to zeroes, so it contained stack
debris.
Consequently, passing the cruft stored in this array to function
ipmi_hardcode_init_one() caused a crash when it was unable to detect
that the char * being passed was nonsense and tried to access the
address specified by the bogus pointer.
The fix is simply to initialize the si_type array to zeroes, so if
there were no type argument given to at the command line, function
ipmi_hardcode_init_one() could properly default to the kcs interface.
Signed-off-by: Tony Camuso <tcamuso@redhat.com>
Message-Id: <1554837603-40299-1-git-send-email-tcamuso@redhat.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzEBokACgkQONu9yGCS
aT7G7w/8C93URGM67H7ynkCHTo8y3hkRE2rUJPckJNdS+IJKuecmOphak4tF0h07
qPWDPya70Q1S0cNu661TuVAGrhmE5jBx8/xfZaAOeaaU0xtZive+TfSHdAQQaHct
tDk32O85N1aZ49rDEz9ibr7CGLVFDZtyhxV5gFMYQpjbqA7MzJC61zQg1jHyPSCz
sKjQzW+uXMuSLru8jXHMvp41K5sFFp5gYdQbAVKlWtt79qPxWdxZPJbLbM0LBbtz
XHt9E45Ink3ALF9P6tZ4e6gi4zzlNbh9yR92+X5NK5/8AP57yWba4W9JHWIfMBpC
yyDYTOEAzdxqa2Jrgwr4WTdKH6U7FbQZFmWfTBB4VotbHLBWkVXj0OnF10qxP9eQ
p5wGDTJAlWezhX1BTCfYroglDsvqhj+gHfwHzDRF1Del1dRgydRMQc0qLD1d9tul
ovzwOkx1xyJrM2wq05I5gc0FoVyOL6/KCwqMrpVfKa3WKY7Uttjgf56bMqdIIkns
i/6opzF+wtvwlLlCoXgYPXdm6kbWdgvS+skVHfWcHmZFMuGrFGGzJNwzXb7qnVjK
T0hD1OestsfTyD/amnDNYkNeCkoOZqtHAi+xYOQR4kGY5cxP1lQJf85MgAy6RZSY
h+rjys76Qf6+hTCtrowLr8SgksX4ACWxm+UarfAiiNnnDXwGfu8=
=SrFV
-----END PGP SIGNATURE-----
Merge 4.19.37 into android-4.19
Changes in 4.19.37
bonding: fix event handling for stacked bonds
failover: allow name change on IFF_UP slave interfaces
net: atm: Fix potential Spectre v1 vulnerabilities
net: bridge: fix per-port af_packet sockets
net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
net: Fix missing meta data in skb with vlan packet
net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
tcp: tcp_grow_window() needs to respect tcp_space()
team: set slave to promisc if team is already in promisc mode
tipc: missing entries in name table of publications
vhost: reject zero size iova range
ipv4: recompile ip options in ipv4_link_failure
ipv4: ensure rcu_read_lock() in ipv4_link_failure()
net: thunderx: raise XDP MTU to 1508
net: thunderx: don't allow jumbo frames with XDP
net/mlx5: FPGA, tls, hold rcu read lock a bit longer
net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded()
net/mlx5: FPGA, tls, idr remove on flow delete
route: Avoid crash from dereferencing NULL rt->from
sch_cake: Use tc_skb_protocol() helper for getting packet protocol
sch_cake: Make sure we can write the IP header before changing DSCP bits
nfp: flower: replace CFI with vlan present
nfp: flower: remove vlan CFI bit from push vlan action
sch_cake: Simplify logic in cake_select_tin()
net: IP defrag: encapsulate rbtree defrag code into callable functions
net: IP6 defrag: use rbtrees for IPv6 defrag
net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
CIFS: keep FileInfo handle live during oplock break
cifs: Fix use-after-free in SMB2_write
cifs: Fix use-after-free in SMB2_read
cifs: fix handle leak in smb2_query_symlink()
KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
KVM: x86: svm: make sure NMI is injected after nmi_singlestep
Staging: iio: meter: fixed typo
staging: iio: ad7192: Fix ad7193 channel address
iio: gyro: mpu3050: fix chip ID reading
iio/gyro/bmg160: Use millidegrees for temperature scale
iio:chemical:bme680: Fix, report temperature in millidegrees
iio:chemical:bme680: Fix SPI read interface
iio: cros_ec: Fix the maths for gyro scale calculation
iio: ad_sigma_delta: select channel when reading register
iio: dac: mcp4725: add missing powerdown bits in store eeprom
iio: Fix scan mask selection
iio: adc: at91: disable adc channel interrupt in timeout case
iio: core: fix a possible circular locking dependency
io: accel: kxcjk1013: restore the range after resume.
staging: most: core: use device description as name
staging: comedi: vmk80xx: Fix use of uninitialized semaphore
staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
staging: comedi: ni_usb6501: Fix use of uninitialized mutex
staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
ALSA: hda/realtek - add two more pin configuration sets to quirk table
ALSA: core: Fix card races between register and disconnect
Input: elan_i2c - add hardware ID for multiple Lenovo laptops
serial: sh-sci: Fix HSCIF RX sampling point adjustment
serial: sh-sci: Fix HSCIF RX sampling point calculation
vt: fix cursor when clearing the screen
scsi: core: set result when the command cannot be dispatched
Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
Revert "svm: Fix AVIC incomplete IPI emulation"
coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier
crypto: x86/poly1305 - fix overflow during partial reduction
drm/ttm: fix out-of-bounds read in ttm_put_pages() v2
arm64: futex: Restore oldval initialization to work around buggy compilers
x86/kprobes: Verify stack frame on kretprobe
kprobes: Mark ftrace mcount handler functions nokprobe
kprobes: Fix error check when reusing optimized probes
rt2x00: do not increment sequence number while re-transmitting
mac80211: do not call driver wake_tx_queue op during reconfig
drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming
perf/x86/amd: Add event map for AMD Family 17h
x86/cpu/bugs: Use __initconst for 'const' init data
perf/x86: Fix incorrect PEBS_REGS
x86/speculation: Prevent deadlock on ssb_state::lock
timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze()
nfit/ars: Remove ars_start_flags
nfit/ars: Introduce scrub_flags
nfit/ars: Allow root to busy-poll the ARS state machine
nfit/ars: Avoid stale ARS results
mmc: sdhci: Fix data command CRC error handling
mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR
mmc: sdhci: Handle auto-command errors
modpost: file2alias: go back to simple devtable lookup
modpost: file2alias: check prototype of handler
tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
tpm: Fix the type of the return value in calc_tpm2_event_size()
Revert "kbuild: use -Oz instead of -Os when using clang"
sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
device_cgroup: fix RCU imbalance in error case
mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
ALSA: info: Fix racy addition/deletion of nodes
percpu: stop printing kernel addresses
tools include: Adopt linux/bits.h
ASoC: rockchip: add missing INTERLEAVED PCM attribute
i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
kernel/sysctl.c: fix out-of-bounds access when setting file-max
Linux 4.19.37
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit b9d0a85d6b2e76630cfd4c475ee3af4109bfd87a upstream
calc_tpm2_event_size() has an invalid signature because
it returns a 'size_t' where as its signature says that
it returns 'int'.
Cc: <stable@vger.kernel.org>
Fixes: 4d23cc323c ("tpm: add securityfs support for TPM 2.0 firmware event log")
Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Yue Haibing <yuehaibing@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 442601e87a4769a8daba4976ec3afa5222ca211d ]
Return -E2BIG when the transfer is incomplete. The upper layer does
not retry, so not doing that is incorrect behaviour.
Cc: stable@vger.kernel.org
Fixes: a2871c62e1 ("tpm: Add support for Atmel I2C TPMs")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAly2yf8ACgkQONu9yGCS
aT5OkA/+Jf3UWnM8MdPoxVUROYg6WRSMThvuKkcspkvXxXqu7Z9a/+meqdIZ0NDr
j+RdhCfZf7RRNpTpYB9jMqXXuRFhVWniAVM3/me2LxFvwyKkNqURyIz9azh7T0VW
nDa2NDQ9C0IyLFLW4cyzZncrmWntgW5XKZfVot1TMNpryHB4FPsKP5rInDQpSNIu
bbJBWuZziUqdEnk3TWuqdQr4ZTXgnjYSBaTbOQBU3F6E88TRmFIatyYovLcJCQh5
jBmXV3U6mGPZe64I+JXj8dTp32WD74afMX1YSZmjdLL6KgbD9a4k47UzpXzEbKT8
uMG057zPiYcwOyMCFZOWsCYIH7Yr4oMIAzOEyYcDI1uCuKd4aESdpgiWfUWambR8
BJO5oGELzLArMVWusWK7xBfm+Et2ePOFWC7V9MRVVQJLdAWkEafYuLoPqrhhqxQX
Iu3ThoY3UmEoNqi1345gmxQBJfbOqdK7CwQGzKOtiPNs0nyMfg62B9Rcr9O+FE5A
+womRQF2Tik1cZhXxkJVSD4f+orL+xuOu59ufvMTBe4co9tPVFm9Qp6SeWoOVuwZ
l8SS7DD5wb7vzDUZOO4KmA7D6p3YQWdBvGeN6jKqjASIFS9t5Sb+fNiKznTo/WCT
1I68sLm7/rs95+WazKu66ewW8bh91VAo+Gmpfo5zEJjcfajnDxY=
=F1Te
-----END PGP SIGNATURE-----
Merge 4.19.35 into android-4.19
Changes in 4.19.35
kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT
drm/i915/gvt: do not let pin count of shadow mm go negative
powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
hv_netvsc: Fix unwanted wakeup after tx_disable
ibmvnic: Fix completion structure initialization
ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
ipv6: Fix dangling pointer when ipv6 fragment
ipv6: sit: reset ip header pointer in ipip6_rcv
kcm: switch order of device registration to fix a crash
net: ethtool: not call vzalloc for zero sized memory request
net-gro: Fix GRO flush when receiving a GSO packet.
net/mlx5: Decrease default mr cache size
netns: provide pure entropy for net_hash_mix()
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().
net/sched: act_sample: fix divide by zero in the traffic path
net/sched: fix ->get helper of the matchall cls
openvswitch: fix flow actions reallocation
qmi_wwan: add Olicard 600
r8169: disable ASPM again
sctp: initialize _pad of sockaddr_in before copying to user memory
tcp: Ensure DCTCP reacts to losses
tcp: fix a potential NULL pointer dereference in tcp_sk_exit
vrf: check accept_source_route on the original netdevice
net/mlx5e: Fix error handling when refreshing TIRs
net/mlx5e: Add a lock on tir list
nfp: validate the return code from dev_queue_xmit()
nfp: disable netpoll on representors
bnxt_en: Improve RX consumer index validity check.
bnxt_en: Reset device on RX buffer errors.
net: ip_gre: fix possible use-after-free in erspan_rcv
net: ip6_gre: fix possible use-after-free in ip6erspan_rcv
net: core: netif_receive_skb_list: unlist skb before passing to pt->func
r8169: disable default rx interrupt coalescing on RTL8168
net: mlx5: Add a missing check on idr_find, free buf
net/mlx5e: Update xoff formula
net/mlx5e: Update xon formula
kbuild: deb-pkg: fix bindeb-pkg breakage when O= is used
kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD
x86/vdso: Drop implicit common-page-size linker flag
lib/string.c: implement a basic bcmp
Revert "clk: meson: clean-up clock registration"
netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
tty: mark Siemens R3964 line discipline as BROKEN
tty: ldisc: add sysctl to prevent autoloading of ldiscs
hwmon: (w83773g) Select REGMAP_I2C to fix build error
ACPICA: Clear status of GPEs before enabling them
ACPICA: Namespace: remove address node from global list after method termination
ALSA: seq: Fix OOB-reads from strlcpy
ALSA: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233
ALSA: hda/realtek - Add quirk for Tuxedo XC 1509
ALSA: hda - Add two more machines to the power_save_blacklist
mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd()
arm64: dts: rockchip: fix rk3328 sdmmc0 write errors
parisc: Detect QEMU earlier in boot process
parisc: regs_return_value() should return gpr28
parisc: also set iaoq_b in instruction_pointer_set()
alarmtimer: Return correct remaining time
drm/i915/gvt: do not deliver a workload if its creation fails
drm/udl: add a release method and delay modeset teardown
kvm: svm: fix potential get_num_contig_pages overflow
include/linux/bitrev.h: fix constant bitrev
mm: writeback: use exact memcg dirty counts
ASoC: intel: Fix crash at suspend/resume after failed codec registration
ASoC: fsl_esai: fix channel swap issue when stream starts
Btrfs: do not allow trimming when a fs is mounted with the nologreplay option
btrfs: prop: fix zstd compression parameter validation
btrfs: prop: fix vanished compression property after failed set
riscv: Fix syscall_get_arguments() and syscall_set_arguments()
block: do not leak memory in bio_copy_user_iov()
block: fix the return errno for direct IO
genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n
virtio: Honour 'may_reduce_num' in vring_create_virtqueue
ARM: dts: rockchip: fix rk3288 cpu opp node reference
ARM: dts: am335x-evmsk: Correct the regulators for the audio codec
ARM: dts: am335x-evm: Correct the regulators for the audio codec
ARM: dts: at91: Fix typo in ISC_D0 on PC9
arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
arm64: dts: rockchip: fix rk3328 rgmii high tx error rate
arm64: backtrace: Don't bother trying to unwind the userspace stack
xen: Prevent buffer overflow in privcmd ioctl
sched/fair: Do not re-read ->h_load_next during hierarchical load calculation
xtensa: fix return_address
x86/asm: Remove dead __GNUC__ conditionals
x86/asm: Use stricter assembly constraints in bitops
x86/perf/amd: Resolve race condition when disabling PMC
x86/perf/amd: Resolve NMI latency issues for active PMCs
x86/perf/amd: Remove need to check "running" bit in NMI handler
PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
PCI: pciehp: Ignore Link State Changes after powering off a slot
dm integrity: change memcmp to strncmp in dm_integrity_ctr
dm: revert 8f50e35815 ("dm: limit the max bio size as BIO_MAX_PAGES * PAGE_SIZE")
dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors
dm integrity: fix deadlock with overlapping I/O
arm64: dts: rockchip: fix vcc_host1_5v pin assign on rk3328-rock64
arm64: dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64
ACPICA: AML interpreter: add region addresses in global list during initialization
KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
KVM: x86: nVMX: fix x2APIC VTPR read intercept
Linux 4.19.35
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit c7084edc3f6d67750f50d4183134c4fb5712a5c8 upstream.
The n_r3964 line discipline driver was written in a different time, when
SMP machines were rare, and users were trusted to do the right thing.
Since then, the world has moved on but not this code, it has stayed
rooted in the past with its lovely hand-crafted list structures and
loads of "interesting" race conditions all over the place.
After attempting to clean up most of the issues, I just gave up and am
now marking the driver as BROKEN so that hopefully someone who has this
hardware will show up out of the woodwork (I know you are out there!)
and will help with debugging a raft of changes that I had laying around
for the code, but was too afraid to commit as odds are they would break
things.
Many thanks to Jann and Linus for pointing out the initial problems in
this codebase, as well as many reviews of my attempts to fix the issues.
It was a case of whack-a-mole, and as you can see, the mole won.
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlynu40ACgkQONu9yGCS
aT5X6g//Wkfm/+qSZ0GhLDQkPniiH1QkvzhOmVrrxu+KB0qsiwsEl8Srw33ZVkJK
LT8+IPGiG9jEGu9dj+BYXTIfy9ZvfSsEL2N6GhYwDSXP0fok2rUaHbZvv1IB2g4W
afhGdNwNAUCJ/j1UrUsi+SAFJ+xWbVxFpGstd0cqM9IbKdEV7RIukvuKckHiKOKR
qI8FxC+G2PAr+BtnETfk5/suPDJ7B3ZicDoMhiWJGxJ6dfFTVmkSmasSoPDaMiHm
4S3hN2lu+WTeRpRPPB17Dlk4MmIp0k+bGYBKAlaxAMCc/RZxvbT2pRYaMQbId2/L
mNUfSnOQFGEAhlAPfb7wdbObphnyT34GhlkWfZBTrnhPO0/FomLOvU6xVdcNuakX
Tv2JKfDzb+2ttcMZ+0T84Ru9RztoswFATSw8uFMVxW8oTS6MVWnHu96Kxfl7QO3J
PdlIGcyqxSuWNE8OX1QVtdSruGZfwUDNs94S4nQJtkB8BViRwhGJlqaXuy4d9Wp6
fGlI2W6qhjyosi2wBSMTjh/ytk/jq0vfs+z2XjR2gAYssvB/SOLR/AlSVguWsDnf
WaoFBkXvCbuPvPlo0TrLpl5RW5WlOtLXHE3Vr3dKp458wLwpf/OZBGoZiknp7DrF
PzBZs2ie5tmyqTxbAygl7WkbQPJ682pd5R4nf5CY+zvUaOMZv1g=
=Iuup
-----END PGP SIGNATURE-----
Merge 4.19.34 into android-4.19
Changes in 4.19.34
arm64: debug: Don't propagate UNKNOWN FAR into si_code for debug signals
ext4: cleanup bh release code in ext4_ind_remove_space()
tty/serial: atmel: Add is_half_duplex helper
tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped
CIFS: fix POSIX lock leak and invalid ptr deref
h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux-
f2fs: fix to adapt small inline xattr space in __find_inline_xattr()
f2fs: fix to avoid deadlock in f2fs_read_inline_dir()
tracing: kdb: Fix ftdump to not sleep
net/mlx5: Avoid panic when setting vport rate
net/mlx5: Avoid panic when setting vport mac, getting vport config
gpio: gpio-omap: fix level interrupt idling
include/linux/relay.h: fix percpu annotation in struct rchan
sysctl: handle overflow for file-max
net: stmmac: Avoid sometimes uninitialized Clang warnings
enic: fix build warning without CONFIG_CPUMASK_OFFSTACK
libbpf: force fixdep compilation at the start of the build
scsi: hisi_sas: Set PHY linkrate when disconnected
scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO
iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver
x86/hyperv: Fix kernel panic when kexec on HyperV
perf c2c: Fix c2c report for empty numa node
mm/sparse: fix a bad comparison
mm/cma.c: cma_declare_contiguous: correct err handling
mm/page_ext.c: fix an imbalance with kmemleak
mm, swap: bounds check swap_info array accesses to avoid NULL derefs
mm,oom: don't kill global init via memory.oom.group
memcg: killed threads should not invoke memcg OOM killer
mm, mempolicy: fix uninit memory access
mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512!
mm/slab.c: kmemleak no scan alien caches
ocfs2: fix a panic problem caused by o2cb_ctl
f2fs: do not use mutex lock in atomic context
fs/file.c: initialize init_files.resize_wait
page_poison: play nicely with KASAN
cifs: use correct format characters
dm thin: add sanity checks to thin-pool and external snapshot creation
f2fs: fix to check inline_xattr_size boundary correctly
cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED
cifs: Fix NULL pointer dereference of devname
netfilter: nf_tables: check the result of dereferencing base_chain->stats
netfilter: conntrack: tcp: only close if RST matches exact sequence
jbd2: fix invalid descriptor block checksum
fs: fix guard_bio_eod to check for real EOD errors
tools lib traceevent: Fix buffer overflow in arg_eval
PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove()
wil6210: check null pointer in _wil_cfg80211_merge_extra_ies
mt76: fix a leaked reference by adding a missing of_node_put
crypto: crypto4xx - add missing of_node_put after of_device_is_available
crypto: cavium/zip - fix collision with generic cra_driver_name
usb: chipidea: Grab the (legacy) USB PHY by phandle first
powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables
scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c
kbuild: invoke syncconfig if include/config/auto.conf.cmd is missing
powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc
coresight: etm4x: Add support to enable ETMv4.2
serial: 8250_pxa: honor the port number from devicetree
ARM: 8840/1: use a raw_spinlock_t in unwind
iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables
powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback
btrfs: qgroup: Make qgroup async transaction commit more aggressive
mmc: omap: fix the maximum timeout setting
net: dsa: mv88e6xxx: Add lockdep classes to fix false positive splat
e1000e: Fix -Wformat-truncation warnings
mlxsw: spectrum: Avoid -Wformat-truncation warnings
platform/x86: ideapad-laptop: Fix no_hw_rfkill_list for Lenovo RESCUER R720-15IKBN
platform/mellanox: mlxreg-hotplug: Fix KASAN warning
loop: set GENHD_FL_NO_PART_SCAN after blkdev_reread_part()
IB/mlx4: Increase the timeout for CM cache
clk: fractional-divider: check parent rate only if flag is set
perf annotate: Fix getting source line failure
ASoC: qcom: Fix of-node refcount unbalance in qcom_snd_parse_of()
cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies
efi: cper: Fix possible out-of-bounds access
s390/ism: ignore some errors during deregistration
scsi: megaraid_sas: return error when create DMA pool failed
scsi: fcoe: make use of fip_mode enum complete
drm/amd/display: Clear stream->mode_changed after commit
perf test: Fix failure of 'evsel-tp-sched' test on s390
mwifiex: don't advertise IBSS features without FW support
perf report: Don't shadow inlined symbol with different addr range
SoC: imx-sgtl5000: add missing put_device()
media: ov7740: fix runtime pm initialization
media: sh_veu: Correct return type for mem2mem buffer helpers
media: s5p-jpeg: Correct return type for mem2mem buffer helpers
media: rockchip/rga: Correct return type for mem2mem buffer helpers
media: s5p-g2d: Correct return type for mem2mem buffer helpers
media: mx2_emmaprp: Correct return type for mem2mem buffer helpers
media: mtk-jpeg: Correct return type for mem2mem buffer helpers
mt76: usb: do not run mt76u_queues_deinit twice
xen/gntdev: Do not destroy context while dma-bufs are in use
vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1
HID: intel-ish-hid: avoid binding wrong ishtp_cl_device
cgroup, rstat: Don't flush subtree root unless necessary
jbd2: fix race when writing superblock
leds: lp55xx: fix null deref on firmware load failure
perf report: Add s390 diagnosic sampling descriptor size
iwlwifi: pcie: fix emergency path
ACPI / video: Refactor and fix dmi_is_desktop()
selftests: skip seccomp get_metadata test if not real root
kprobes: Prohibit probing on bsearch()
kprobes: Prohibit probing on RCU debug routine
netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm
ARM: 8833/1: Ensure that NEON code always compiles with Clang
ARM: dts: meson8b: fix the Ethernet data line signals in eth_rgmii_pins
ALSA: PCM: check if ops are defined before suspending PCM
ath10k: fix shadow register implementation for WCN3990
usb: f_fs: Avoid crash due to out-of-scope stack ptr access
sched/topology: Fix percpu data types in struct sd_data & struct s_data
bcache: fix input overflow to cache set sysfs file io_error_halflife
bcache: fix input overflow to sequential_cutoff
bcache: fix potential div-zero error of writeback_rate_i_term_inverse
bcache: improve sysfs_strtoul_clamp()
genirq: Avoid summation loops for /proc/stat
net: marvell: mvpp2: fix stuck in-band SGMII negotiation
iw_cxgb4: fix srqidx leak during connection abort
net: phy: consider latched link-down status in polling mode
fbdev: fbmem: fix memory access if logo is bigger than the screen
cdrom: Fix race condition in cdrom_sysctl_register
drm: rcar-du: add missing of_node_put
drm/amd/display: Don't re-program planes for DPMS changes
drm/amd/display: Disconnect mpcc when changing tg
perf/aux: Make perf_event accessible to setup_aux()
e1000e: fix cyclic resets at link up with active tx
e1000e: Exclude device from suspend direct complete optimization
platform/x86: intel_pmc_core: Fix PCH IP sts reading
i2c: of: Try to find an I2C adapter matching the parent
staging: spi: mt7621: Add return code check on device_reset()
iwlwifi: mvm: fix RFH config command with >=10 CPUs
ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe
sched/debug: Initialize sd_sysctl_cpus if !CONFIG_CPUMASK_OFFSTACK
efi/memattr: Don't bail on zero VA if it equals the region's PA
sched/core: Use READ_ONCE()/WRITE_ONCE() in move_queued_task()/task_rq_lock()
drm/vkms: Bugfix extra vblank frame
ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation
efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
soc: qcom: gsbi: Fix error handling in gsbi_probe()
mt7601u: bump supported EEPROM version
ARM: 8830/1: NOMMU: Toggle only bits in EXC_RETURN we are really care of
ARM: avoid Cortex-A9 livelock on tight dmb loops
block, bfq: fix in-service-queue check for queue merging
bpf: fix missing prototype warnings
selftests/bpf: skip verifier tests for unsupported program types
powerpc/64s: Clear on-stack exception marker upon exception return
cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting
backlight: pwm_bl: Use gpiod_get_value_cansleep() to get initial state
tty: increase the default flip buffer limit to 2*640K
powerpc/pseries: Perform full re-add of CPU for topology update post-migration
drm/amd/display: Enable vblank interrupt during CRC capture
ALSA: dice: add support for Solid State Logic Duende Classic/Mini
usb: dwc3: gadget: Fix OTG events when gadget driver isn't loaded
platform/x86: intel-hid: Missing power button release on some Dell models
perf script python: Use PyBytes for attr in trace-event-python
perf script python: Add trace_context extension module to sys.modules
media: mt9m111: set initial frame size other than 0x0
hwrng: virtio - Avoid repeated init of completion
soc/tegra: fuse: Fix illegal free of IO base address
HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit
f2fs: UBSAN: set boolean value iostat_enable correctly
hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable
cpu/hotplug: Mute hotplug lockdep during init
dmaengine: imx-dma: fix warning comparison of distinct pointer types
dmaengine: qcom_hidma: assign channel cookie correctly
dmaengine: qcom_hidma: initialize tx flags in hidma_prep_dma_*
netfilter: physdev: relax br_netfilter dependency
media: rcar-vin: Allow independent VIN link enablement
media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration
regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting
pinctrl: meson: meson8b: add the eth_rxd2 and eth_rxd3 pins
drm: Auto-set allow_fb_modifiers when given modifiers at plane init
drm/nouveau: Stop using drm_crtc_force_disable
x86/build: Specify elf_i386 linker emulation explicitly for i386 objects
selinux: do not override context on context mounts
brcmfmac: Use firmware_request_nowarn for the clm_blob
wlcore: Fix memory leak in case wl12xx_fetch_firmware failure
x86/build: Mark per-CPU symbols as absolute explicitly for LLD
drm/fb-helper: fix leaks in error path of drm_fb_helper_fbdev_setup
clk: meson: clean-up clock registration
clk: rockchip: fix frac settings of GPLL clock for rk3328
dmaengine: tegra: avoid overflow of byte tracking
Input: soc_button_array - fix mapping of the 5th GPIO in a PNP0C40 device
drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers
net: stmmac: Avoid one more sometimes uninitialized Clang warning
ACPI / video: Extend chassis-type detection with a "Lunch Box" check
bcache: fix potential div-zero error of writeback_rate_p_term_inverse
kprobes/x86: Blacklist non-attachable interrupt functions
Linux 4.19.34
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit 24d48a61f2666630da130cc2ec2e526eacf229e3 ]
Commit '3d035f580699 ("drivers/char/hpet.c: allow user controlled mmap for
user processes")' introduced a new kernel command line parameter hpet_mmap,
that is required to expose the memory map of the HPET registers to
user-space. Unfortunately the kernel command line parameter 'hpet_mmap' is
broken and never takes effect due to missing '=' character in the __setup()
code of hpet_mmap_enable.
Before this patch:
dmesg output with the kernel command line parameter hpet_mmap=1
[ 0.204152] HPET mmap disabled
dmesg output with the kernel command line parameter hpet_mmap=0
[ 0.204192] HPET mmap disabled
After this patch:
dmesg output with the kernel command line parameter hpet_mmap=1
[ 0.203945] HPET mmap enabled
dmesg output with the kernel command line parameter hpet_mmap=0
[ 0.204652] HPET mmap disabled
Fixes: 3d035f5806 ("drivers/char/hpet.c: allow user controlled mmap for user processes")
Signed-off-by: Buland Singh <bsingh@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit aef027db48da56b6f25d0e54c07c8401ada6ce21 ]
The virtio-rng driver uses a completion called have_data to wait for a
virtio read to be fulfilled by the hypervisor. The completion is reset
before placing a buffer on the virtio queue and completed by the virtio
callback once data has been written into the buffer.
Prior to this commit, the driver called init_completion on this
completion both during probe as well as when registering virtio buffers
as part of a hwrng read operation. The second of these init_completion
calls should instead be reinit_completion because the have_data
completion has already been inited by probe. As described in
Documentation/scheduler/completion.txt, "Calling init_completion() twice
on the same completion object is most likely a bug".
This bug was present in the initial implementation of virtio-rng in
f7f510ec19 ("virtio: An entropy device, as suggested by hpa"). Back
then the have_data completion was a single static completion rather than
a member of one of potentially multiple virtrng_info structs as
implemented later by 08e53fbdb8 ("virtio-rng: support multiple
virtio-rng devices"). The original driver incorrectly used
init_completion rather than INIT_COMPLETION to reset have_data during
read.
Tested by running `head -c48 /dev/random | hexdump` within crosvm, the
Chrome OS virtual machine monitor, and confirming that the virtio-rng
driver successfully produces random bytes from the host.
Signed-off-by: David Tolnay <dtolnay@gmail.com>
Tested-by: David Tolnay <dtolnay@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlykNfcACgkQONu9yGCS
aT40dRAAiCeYjEC1zH8dkAnbFlKo6IZuhKgISfVTgrWlRe9nUTYaenBXqAfGjufH
EzXHrD1IANRAnFfWg8xt01TNBfTaiEYnYzFmJkWAHFWGKxa5fRU5Kan0MB97r8s9
NjoSRsnFl8l2oJI88zwFa7k89Itop9ST/zvZIgnrysAr+j8yEZb7BZWaU2UrKK/q
qfnJxjfCb/jeqAxwVh3OkasXj0gG2JkGR/uEGTw2EARuI6pvKo5OCzYz0tXTN6ZJ
CSzM4X7dhkGSgLIUw3JOCB28riK9TYbOdPr4MFYMrnoU5VL8+n62tXoKXewobJ1C
2+Pmg5E54r13Rr35eoGCiHsW2LGQrOyvm8S9TFB/0SmTPtzUjFlHBC62Vs/AW5ut
HSmwVy+ILM/xTIdts5QT58Gw+5NCmHxw2oEdrgcct+6FtnR9XPOqZYyzH1tw1ZB+
DL2PqYyT9czuo2bKanWA37M8339q2INDFskXqKRokQ9GNiqUx1E6fNBqtK5SqyDI
CdohtAs7xSQoPPbKDiITOmt82MM8xvefKmqTIvHN5B7Ns4lT1QC74DCXEFEKtw6M
l+p64h6Qw4DiKmqna7fsbKPjmg8pg1lVrCOwD5iUF3JXy+Wxi/OKnr2gqAVMChAq
GSfFFf+MMZhYzJPRQKxOn4GwDBDz5niaWvQmlPcPWLJ5jdbzl+Y=
=Yyc/
-----END PGP SIGNATURE-----
Merge 4.19.33 into android-4.19
Changes in 4.19.33
Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
ipmi_si: Fix crash when using hard-coded device
dccp: do not use ipv6 header for ipv4 flow
genetlink: Fix a memory leak on error path
gtp: change NET_UDP_TUNNEL dependency to select
ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL
mac8390: Fix mmio access size probe
mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
net: datagram: fix unbounded loop in __skb_try_recv_datagram()
net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
net: phy: meson-gxl: fix interrupt support
net: rose: fix a possible stack overflow
net: stmmac: fix memory corruption with large MTUs
net-sysfs: call dev_hold if kobject_init_and_add success
packets: Always register packet sk in the same order
rhashtable: Still do rehash when we get EEXIST
sctp: get sctphdr by offset in sctp_compute_cksum
sctp: use memdup_user instead of vmemdup_user
tcp: do not use ipv6 header for ipv4 flow
tipc: allow service ranges to be connect()'ed on RDM/DGRAM
tipc: change to check tipc_own_id to return in tipc_net_stop
tipc: fix cancellation of topology subscriptions
tun: properly test for IFF_UP
vrf: prevent adding upper devices
vxlan: Don't call gro_cells_destroy() before device is unregistered
ila: Fix rhashtable walker list corruption
net: sched: fix cleanup NULL pointer exception in act_mirr
thunderx: enable page recycling for non-XDP case
thunderx: eliminate extra calls to put_page() for pages held for recycling
tun: add a missing rcu_read_unlock() in error path
powerpc/fsl: Add infrastructure to fixup branch predictor flush
powerpc/fsl: Add macro to flush the branch predictor
powerpc/fsl: Emulate SPRN_BUCSR register
powerpc/fsl: Add nospectre_v2 command line argument
powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
powerpc/fsl: Flush branch predictor when entering KVM
powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
powerpc/fsl: Update Spectre v2 reporting
powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
powerpc/fsl: Fix the flush of branch predictor.
powerpc/security: Fix spectre_v2 reporting
Btrfs: fix incorrect file size after shrinking truncate and fsync
btrfs: remove WARN_ON in log_dir_items
btrfs: don't report readahead errors and don't update statistics
btrfs: raid56: properly unmap parity page in finish_parity_scrub()
btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
powerpc: bpf: Fix generation of load/store DW instructions
vfio: ccw: only free cp on final interrupt
NFS: fix mount/umount race in nlmclnt.
NFSv4.1 don't free interrupted slot on open
net: dsa: qca8k: remove leftover phy accessors
ALSA: rawmidi: Fix potential Spectre v1 vulnerability
ALSA: seq: oss: Fix Spectre v1 vulnerability
ALSA: pcm: Fix possible OOB access in PCM oss plugins
ALSA: pcm: Don't suspend stream in unrecoverable PCM state
ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
ALSA: hda/realtek: Enable headset MIC of Acer AIO with ALC286
ALSA: hda/realtek: Enable headset MIC of Acer Aspire Z24-890 with ALC286
ALSA: hda/realtek - Add support for Acer Aspire E5-523G/ES1-432 headset mic
ALSA: hda/realtek: Enable ASUS X441MB and X705FD headset MIC with ALC256
ALSA: hda/realtek: Enable headset mic of ASUS P5440FF with ALC256
ALSA: hda/realtek: Enable headset MIC of ASUS X430UN and X512DK with ALC256
ALSA: hda/realtek - Fix speakers on Acer Predator Helios 500 Ryzen laptops
kbuild: modversions: Fix relative CRC byte order interpretation
fs/open.c: allow opening only regular files during execve()
ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock
scsi: sd: Fix a race between closing an sd device and sd I/O
scsi: sd: Quiesce warning if device does not report optimal I/O size
scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
drm/rockchip: vop: reset scale mode when win is disabled
tty: mxs-auart: fix a potential NULL pointer dereference
tty: atmel_serial: fix a potential NULL pointer dereference
tty: serial: qcom_geni_serial: Initialize baud in qcom_geni_console_setup
staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest
staging: speakup_soft: Fix alternate speech with other synths
staging: vt6655: Remove vif check from vnt_interrupt
staging: vt6655: Fix interrupt race condition on device start up.
staging: erofs: fix to handle error path of erofs_vmap()
serial: max310x: Fix to avoid potential NULL pointer dereference
serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference
serial: sh-sci: Fix setting SCSCR_TIE while transferring data
USB: serial: cp210x: add new device id
USB: serial: ftdi_sio: add additional NovaTech products
USB: serial: mos7720: fix mos_parport refcount imbalance on error path
USB: serial: option: set driver_info for SIM5218 and compatibles
USB: serial: option: add support for Quectel EM12
USB: serial: option: add Olicard 600
Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
drm/vgem: fix use-after-free when drm_gem_handle_create() fails
drm/vkms: fix use-after-free when drm_gem_handle_create() fails
drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check
gpio: exar: add a check for the return value of ida_simple_get fails
gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs
usb: mtu3: fix EXTCON dependency
USB: gadget: f_hid: fix deadlock in f_hidg_write()
usb: common: Consider only available nodes for dr_mode
usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk
xhci: Fix port resume done detection for SS ports with LPM enabled
usb: xhci: dbc: Don't free all memory with spinlock held
xhci: Don't let USB3 ports stuck in polling state prevent suspend
usb: cdc-acm: fix race during wakeup blocking TX traffic
mm: add support for kmem caches in DMA32 zone
iommu/io-pgtable-arm-v7s: request DMA32 memory, and improve debugging
mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified
mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate
perf pmu: Fix parser error for uncore event alias
perf intel-pt: Fix TSC slip
objtool: Query pkg-config for libelf location
powerpc/pseries/energy: Use OF accessor functions to read ibm,drc-indexes
powerpc/64: Fix memcmp reading past the end of src/dest
watchdog: Respect watchdog cpumask on CPU hotplug
cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n
x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
KVM: Reject device ioctls from processes other than the VM's creator
KVM: x86: update %rip after emulating IO
KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
staging: erofs: fix error handling when failed to read compresssed data
staging: erofs: keep corrupted fs from crashing kernel in erofs_readdir()
bpf: do not restore dst_reg when cur_state is freed
drivers: base: Helpers for adding device connection descriptions
platform: x86: intel_cht_int33fe: Register all connections at once
platform: x86: intel_cht_int33fe: Add connection for the DP alt mode
platform: x86: intel_cht_int33fe: Add connections for the USB Type-C port
usb: typec: class: Don't use port parent for getting mux handles
platform: x86: intel_cht_int33fe: Remove the old connections for the muxes
Linux 4.19.33
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Backport from 41b766d661bf94a364960862cfc248a78313dbd3
When excuting a command like:
modprobe ipmi_si ports=0xffc0e3 type=bt
The system would get an oops.
The trouble here is that ipmi_si_hardcode_find_bmc() is called before
ipmi_si_platform_init(), but initialization of the hard-coded device
creates an IPMI platform device, which won't be initialized yet.
The real trouble is that hard-coded devices aren't created with
any device, and the fixup is done later. So do it right, create the
hard-coded devices as normal platform devices.
This required adding some new resource types to the IPMI platform
code for passing information required by the hard-coded device
and adding some code to remove the hard-coded platform devices
on module removal.
To enforce the "hard-coded devices passed by the user take priority
over firmware devices" rule, some special code was added to check
and see if a hard-coded device already exists.
The backport required some minor fixups and adding the device
id table that had been added in another change and was used
in this one.
Reported-by: Yang Yingliang <yangyingliang@huawei.com>
Cc: stable@vger.kernel.org # v4.15+
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Tested-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlyWhJcACgkQONu9yGCS
aT6XzxAAzP2QGzC4SVPgcFH1woF/d8Cz0zQ81mLXzjXtEPm39fZCM2hbBnxkXLu1
peFyrKNk6/c9541D9gsQCQT6Fu+H6u1bJKcIezlKJ2xyB/MsU1hXkjZrTJYW3RRs
gimy1EGdood2el1ubEBZiaspazoeRzBqtg1Nsmr4V0l+RT8HwtKKw+0+Nxixfp59
NoVkqTpPI5mL0FiH2R9ogcfg3SvgMZOsOhOBjdPvSjiJJsbvIWcW48MCs95XSUpF
R+l/fWn+oiFCcIqBaFheujuqZMvVrUHZHaWAPMuoR/c3Cdf0lTBokdv6UM9c0nv3
61jX5r5ImRI/dfQANN5mbB1YKcs5xOI+I7QZHQ2q4clsWrWyLapXW4clrAZJ6z5t
UVeVbuLV2y5PL9GJyBcXpyY0BOf4e2gZURaPY3C5McNwgybNoiR0ZePqKb8ZhZyh
jYOYRoBjJJpZoVTSt6MNX95NTvGaSAtqKMu1s3IeMfpwCfQKBPMOuBHr/dUqSC6I
U0xxjk/71C15dSPVcTVJT/lmcKc6TXgoagnfbn8GBtDOAjBNsYyUJLQI+db1ERCe
9MEB9k1Z87ROQ5jQCQmWsewOVAtFZBEvSszFmpKv3zTe8M2oFpXG56zckdiumwHU
nSfeZTTeWzsFJd30MioEnGYm3ZwKwZx7wi0x4B4WWvBfSpp20Us=
=xtLx
-----END PGP SIGNATURE-----
Merge 4.19.31 into android-4.19
Changes in 4.19.31
media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()
9p: use inode->i_lock to protect i_size_write() under 32-bit
9p/net: fix memory leak in p9_client_create
ASoC: fsl_esai: fix register setting issue in RIGHT_J mode
ASoC: codecs: pcm186x: fix wrong usage of DECLARE_TLV_DB_SCALE()
ASoC: codecs: pcm186x: Fix energysense SLEEP bit
iio: adc: exynos-adc: Fix NULL pointer exception on unbind
mei: hbm: clean the feature flags on link reset
mei: bus: move hw module get/put to probe/release
stm class: Fix an endless loop in channel allocation
crypto: caam - fix hash context DMA unmap size
crypto: ccree - fix missing break in switch statement
crypto: caam - fixed handling of sg list
crypto: caam - fix DMA mapping of stack memory
crypto: ccree - fix free of unallocated mlli buffer
crypto: ccree - unmap buffer before copying IV
crypto: ccree - don't copy zero size ciphertext
crypto: cfb - add missing 'chunksize' property
crypto: cfb - remove bogus memcpy() with src == dest
crypto: ahash - fix another early termination in hash walk
crypto: rockchip - fix scatterlist nents error
crypto: rockchip - update new iv to device in multiple operations
drm/imx: ignore plane updates on disabled crtcs
gpu: ipu-v3: Fix i.MX51 CSI control registers offset
drm/imx: imx-ldb: add missing of_node_puts
gpu: ipu-v3: Fix CSI offsets for imx53
ASoC: rt5682: Correct the setting while select ASRC clk for AD/DA filter
clocksource: timer-ti-dm: Fix pwm dmtimer usage of fck reparenting
KVM: arm/arm64: vgic: Make vgic_dist->lpi_list_lock a raw_spinlock
arm64: dts: rockchip: fix graph_port warning on rk3399 bob kevin and excavator
s390/dasd: fix using offset into zero size array error
Input: pwm-vibra - prevent unbalanced regulator
Input: pwm-vibra - stop regulator after disabling pwm, not before
ARM: dts: Configure clock parent for pwm vibra
ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be uninitialized
ASoC: dapm: fix out-of-bounds accesses to DAPM lookup tables
ASoC: rsnd: fixup rsnd_ssi_master_clk_start() user count check
KVM: arm/arm64: Reset the VCPU without preemption and vcpu state loaded
arm/arm64: KVM: Allow a VCPU to fully reset itself
arm/arm64: KVM: Don't panic on failure to properly reset system registers
KVM: arm/arm64: vgic: Always initialize the group of private IRQs
KVM: arm64: Forbid kprobing of the VHE world-switch code
ASoC: samsung: Prevent clk_get_rate() calls in atomic context
ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug
Input: cap11xx - switch to using set_brightness_blocking()
Input: ps2-gpio - flush TX work when closing port
Input: matrix_keypad - use flush_delayed_work()
mac80211: call drv_ibss_join() on restart
mac80211: Fix Tx aggregation session tear down with ITXQs
netfilter: compat: initialize all fields in xt_init
blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue
ipvs: fix dependency on nf_defrag_ipv6
floppy: check_events callback should not return a negative number
xprtrdma: Make sure Send CQ is allocated on an existing compvec
NFS: Don't use page_file_mapping after removing the page
mm/gup: fix gup_pmd_range() for dax
Revert "mm: use early_pfn_to_nid in page_ext_init"
scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd
net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend()
x86/CPU: Add Icelake model number
mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs
net: hns: Fix object reference leaks in hns_dsaf_roce_reset()
i2c: cadence: Fix the hold bit setting
i2c: bcm2835: Clear current buffer pointers and counts after a transfer
auxdisplay: ht16k33: fix potential user-after-free on module unload
Input: st-keyscan - fix potential zalloc NULL dereference
clk: sunxi-ng: v3s: Fix TCON reset de-assert bit
kallsyms: Handle too long symbols in kallsyms.c
clk: sunxi: A31: Fix wrong AHB gate number
esp: Skip TX bytes accounting when sending from a request socket
ARM: 8824/1: fix a migrating irq bug when hotplug cpu
bpf: only adjust gso_size on bytestream protocols
bpf: fix lockdep false positive in stackmap
af_key: unconditionally clone on broadcast
ARM: 8835/1: dma-mapping: Clear DMA ops on teardown
assoc_array: Fix shortcut creation
keys: Fix dependency loop between construction record and auth key
scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task
net: systemport: Fix reception of BPDUs
net: dsa: bcm_sf2: Do not assume DSA master supports WoL
pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins
qmi_wwan: apply SET_DTR quirk to Sierra WP7607
net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe()
xfrm: Fix inbound traffic via XFRM interfaces across network namespaces
mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush timeout issue
ASoC: topology: free created components in tplg load error
qed: Fix iWARP buffer size provided for syn packet processing.
qed: Fix iWARP syn packet mac address validation.
ARM: dts: armada-xp: fix Armada XP boards NAND description
arm64: Relax GIC version check during early boot
ARM: tegra: Restore DT ABI on Tegra124 Chromebooks
net: marvell: mvneta: fix DMA debug warning
mm: handle lru_add_drain_all for UP properly
tmpfs: fix link accounting when a tmpfile is linked in
ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN
ARCv2: lib: memcpy: fix doing prefetchw outside of buffer
ARC: uacces: remove lp_start, lp_end from clobber list
ARCv2: support manual regfile save on interrupts
ARCv2: don't assume core 0x54 has dual issue
phonet: fix building with clang
mac80211_hwsim: propagate genlmsg_reply return code
bpf, lpm: fix lookup bug in map_delete_elem
net: thunderx: make CFG_DONE message to run through generic send-ack sequence
net: thunderx: add nicvf_send_msg_to_pf result check for set_rx_mode_task
nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K
nfp: bpf: fix ALU32 high bits clearance bug
bnxt_en: Fix typo in firmware message timeout logic.
bnxt_en: Wait longer for the firmware message response to complete.
net: set static variable an initial value in atl2_probe()
selftests: fib_tests: sleep after changing carrier. again.
tmpfs: fix uninitialized return value in shmem_link
stm class: Prevent division by zero
nfit: acpi_nfit_ctl(): Check out_obj->type in the right place
acpi/nfit: Fix bus command validation
nfit/ars: Attempt a short-ARS whenever the ARS state is idle at boot
nfit/ars: Attempt short-ARS even in the no_init_ars case
libnvdimm/label: Clear 'updating' flag after label-set update
libnvdimm, pfn: Fix over-trim in trim_pfn_device()
libnvdimm/pmem: Honor force_raw for legacy pmem regions
libnvdimm: Fix altmap reservation size calculation
fix cgroup_do_mount() handling of failure exits
crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
crypto: aegis - fix handling chunked inputs
crypto: arm/crct10dif - revert to C code for short inputs
crypto: arm64/aes-neonbs - fix returning final keystream block
crypto: arm64/crct10dif - revert to C code for short inputs
crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
crypto: morus - fix handling chunked inputs
crypto: pcbc - remove bogus memcpy()s with src == dest
crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
crypto: testmgr - skip crc32c context test for ahash algorithms
crypto: x86/aegis - fix handling chunked inputs and MAY_SLEEP
crypto: x86/aesni-gcm - fix crash on empty plaintext
crypto: x86/morus - fix handling chunked inputs and MAY_SLEEP
crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling
crypto: arm64/aes-ccm - fix bugs in non-NEON fallback routine
CIFS: Do not reset lease state to NONE on lease break
CIFS: Do not skip SMB2 message IDs on send failures
CIFS: Fix read after write for files with read caching
tracing: Use strncpy instead of memcpy for string keys in hist triggers
tracing: Do not free iter->trace in fail path of tracing_open_pipe()
tracing/perf: Use strndup_user() instead of buggy open-coded version
xen: fix dom0 boot on huge systems
ACPI / device_sysfs: Avoid OF modalias creation for removed device
mmc: sdhci-esdhc-imx: fix HS400 timing issue
mmc:fix a bug when max_discard is 0
netfilter: ipt_CLUSTERIP: fix warning unused variable cn
spi: ti-qspi: Fix mmap read when more than one CS in use
spi: pxa2xx: Setup maximum supported DMA transfer length
regulator: s2mps11: Fix steps for buck7, buck8 and LDO35
regulator: max77620: Initialize values for DT properties
regulator: s2mpa01: Fix step values for some LDOs
clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR
clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown
clocksource/drivers/arch_timer: Workaround for Allwinner A64 timer instability
s390/setup: fix early warning messages
s390/virtio: handle find on invalid queue gracefully
scsi: virtio_scsi: don't send sc payload with tmfs
scsi: aacraid: Fix performance issue on logical drives
scsi: sd: Optimal I/O size should be a multiple of physical block size
scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock
scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware
fs/devpts: always delete dcache dentry-s in dput()
splice: don't merge into linked buffers
ovl: During copy up, first copy up data and then xattrs
ovl: Do not lose security.capability xattr over metadata file copy-up
m68k: Add -ffreestanding to CFLAGS
Btrfs: setup a nofs context for memory allocation at btrfs_create_tree()
Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl
btrfs: ensure that a DUP or RAID1 block group has exactly two stripes
Btrfs: fix corruption reading shared and compressed extents after hole punching
soc: qcom: rpmh: Avoid accessing freed memory from batch API
libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer
irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table
irqchip/brcmstb-l2: Use _irqsave locking variants in non-interrupt code
x86/kprobes: Prohibit probing on optprobe template code
cpufreq: kryo: Release OPP tables on module removal
cpufreq: tegra124: add missing of_node_put()
cpufreq: pxa2xx: remove incorrect __init annotation
ext4: fix check of inode in swap_inode_boot_loader
ext4: cleanup pagecache before swap i_data
ext4: update quota information while swapping boot loader inode
ext4: add mask of ext4 flags to swap
ext4: fix crash during online resizing
PCI/ASPM: Use LTR if already enabled by platform
PCI/DPC: Fix print AER status in DPC event handling
PCI: dwc: skip MSI init if MSIs have been explicitly disabled
IB/hfi1: Close race condition on user context disable and close
cxl: Wrap iterations over afu slices inside 'afu_list_lock'
ext2: Fix underflow in ext2_max_size()
clk: uniphier: Fix update register for CPU-gear
clk: clk-twl6040: Fix imprecise external abort for pdmclk
clk: samsung: exynos5: Fix possible NULL pointer exception on platform_device_alloc() failure
clk: samsung: exynos5: Fix kfree() of const memory on setting driver_override
clk: ingenic: Fix round_rate misbehaving with non-integer dividers
clk: ingenic: Fix doc of ingenic_cgu_div_info
usb: chipidea: tegra: Fix missed ci_hdrc_remove_device()
usb: typec: tps6598x: handle block writes separately with plain-I2C adapters
dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit
mm: hwpoison: fix thp split handing in soft_offline_in_use_page()
mm/vmalloc: fix size check for remap_vmalloc_range_partial()
mm/memory.c: do_fault: avoid usage of stale vm_area_struct
kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
device property: Fix the length used in PROPERTY_ENTRY_STRING()
intel_th: Don't reference unassigned outputs
parport_pc: fix find_superio io compare code, should use equal test.
i2c: tegra: fix maximum transfer size
media: i2c: ov5640: Fix post-reset delay
gpio: pca953x: Fix dereference of irq data in shutdown
can: flexcan: FLEXCAN_IFLAG_MB: add () around macro argument
drm/i915: Relax mmap VMA check
bpf: only test gso type on gso packets
serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO
serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart
serial: 8250_pci: Fix number of ports for ACCES serial cards
serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup()
jbd2: clear dirty flag when revoking a buffer from an older transaction
jbd2: fix compile warning when using JBUFFER_TRACE
selinux: add the missing walk_size + len check in selinux_sctp_bind_connect
security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock
powerpc/32: Clear on-stack exception marker upon exception return
powerpc/wii: properly disable use of BATs when requested.
powerpc/powernv: Make opal log only readable by root
powerpc/83xx: Also save/restore SPRG4-7 during suspend
powerpc/powernv: Don't reprogram SLW image on every KVM guest entry/exit
powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest
powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning
powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration
powerpc/traps: fix recoverability of machine check handling on book3s/32
powerpc/traps: Fix the message printed when stack overflows
ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify
arm64: Fix HCR.TGE status for NMI contexts
arm64: debug: Ensure debug handlers check triggering exception level
arm64: KVM: Fix architecturally invalid reset value for FPEXC32_EL2
ipmi_si: fix use-after-free of resource->name
dm: fix to_sector() for 32bit
dm integrity: limit the rate of error messages
mfd: sm501: Fix potential NULL pointer dereference
cpcap-charger: generate events for userspace
NFS: Fix I/O request leakages
NFS: Fix an I/O request leakage in nfs_do_recoalesce
NFS: Don't recoalesce on error in nfs_pageio_complete_mirror()
nfsd: fix performance-limiting session calculation
nfsd: fix memory corruption caused by readdir
nfsd: fix wrong check in write_v4_end_grace()
NFSv4.1: Reinitialise sequence results before retransmitting a request
svcrpc: fix UDP on servers with lots of threads
PM / wakeup: Rework wakeup source timer cancellation
bcache: never writeback a discard operation
stable-kernel-rules.rst: add link to networking patch queue
vt: perform safe console erase in the right order
x86/unwind/orc: Fix ORC unwind table alignment
perf intel-pt: Fix CYC timestamp calculation after OVF
perf tools: Fix split_kallsyms_for_kcore() for trampoline symbols
perf auxtrace: Define auxtrace record alignment
perf intel-pt: Fix overlap calculation for padding
perf/x86/intel/uncore: Fix client IMC events return huge result
perf intel-pt: Fix divide by zero when TSC is not available
md: Fix failed allocation of md_register_thread
tpm/tpm_crb: Avoid unaligned reads in crb_recv()
tpm: Unify the send callback behaviour
rcu: Do RCU GP kthread self-wakeup from softirq and interrupt
media: imx: prpencvf: Stop upstream before disabling IDMA channel
media: lgdt330x: fix lock status reporting
media: uvcvideo: Avoid NULL pointer dereference at the end of streaming
media: vimc: Add vimc-streamer for stream control
media: imx: csi: Disable CSI immediately after last EOF
media: imx: csi: Stop upstream before disabling IDMA channel
drm/fb-helper: generic: Fix drm_fbdev_client_restore()
drm/radeon/evergreen_cs: fix missing break in switch statement
drm/amd/powerplay: correct power reading on fiji
drm/amd/display: don't call dm_pp_ function from an fpu block
KVM: Call kvm_arch_memslots_updated() before updating memslots
KVM: x86/mmu: Detect MMIO generation wrap in any address space
KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux
KVM: nVMX: Sign extend displacements of VMX instr's mem operands
KVM: nVMX: Apply addr size mask to effective address for VMX instructions
KVM: nVMX: Ignore limit checks on VMX instructions using flat segments
bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata
s390/setup: fix boot crash for machine without EDAT-1
Linux 4.19.31
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit f5595f5baa30e009bf54d0d7653a9a0cc465be60 upstream.
The send() callback should never return length as it does not in every
driver except tpm_crb in the success case. The reason is that the main
transmit functionality only cares about whether the transmit was
successful or not and ignores the count completely.
Suggested-by: Stefan Berger <stefanb@linux.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 3d7a850fdc1a2e4d2adbc95cc0fc962974725e88 upstream.
The current approach to read first 6 bytes from the response and then tail
of the response, can cause the 2nd memcpy_fromio() to do an unaligned read
(e.g. read 32-bit word from address aligned to a 16-bits), depending on how
memcpy_fromio() is implemented. If this happens, the read will fail and the
memory controller will fill the read with 1's.
This was triggered by 170d13ca3a2f, which should be probably refined to
check and react to the address alignment. Before that commit, on x86
memcpy_fromio() turned out to be memcpy(). By a luck GCC has done the right
thing (from tpm_crb's perspective) for us so far, but we should not rely on
that. Thus, it makes sense to fix this also in tpm_crb, not least because
the fix can be then backported to stable kernels and make them more robust
when compiled in differing environments.
Cc: stable@vger.kernel.org
Cc: James Morris <jmorris@namei.org>
Cc: Tomas Winkler <tomas.winkler@intel.com>
Cc: Jerry Snitselaar <jsnitsel@redhat.com>
Fixes: 30fc8d138e ("tpm: TPM 2.0 CRB Interface")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Acked-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlyEq/IACgkQONu9yGCS
aT77AhAAgqbxHsKsgqh7JV477xEgLqrLKYw+/6Bx+l79fUZoaR3PRwM62UEzikPQ
KbvutNuOHOWuJA0Xyj5gqV4SJaqBOkoGNnHFOBi/qjtFUsOlBFrlGpow+0fsP/ay
Bmo0LhoTvBub4ap7bJt4pwel/elWYVtOkA1Qgv3OCiDkTorYuPTbIUyuAVOJJbRn
sZ1eKi00CQPrN65Rxgci0g0p/m7JWpvW2zqmDNZJuZZeEmSLdrrZGwt5ExiI6oKz
CqX/VBGChEesMTEOLsSfRyg6NZW3j4rOUaCzkxDq/Tsh9XqNabhk1jod2p3t7Nmu
n5Js3ujfuyCKf5tD49Z8xy5A++nYyJLa5jbFnURr2H/ZJPla0CHuc4RoFf/wFYr4
xQAeA3XXiZZB02n6oZlweUSp7hVnCgLJ4Ev2ctAyPUpyf4ncl+vffzj40bozFvAC
adJE1UyEJp0xUuRVdx0I+HyueHcWmRIAgs0iz9B5S2KNc4rYDqE+/t+ddrNqjvSF
+C33nMn+7A+ngmQlwWjOBaZhhQn3qWrWU0ACERbIG/DUD2voBYu3oIfQzKsXTt0V
erSSDq0KSy73PRKN4Tzf2GnDUAlNITUuyFgWITOg8p29HuXJO00p4MQ7fOMYacyB
WdwXFB7islUtUoA8nEedZgF7IF1WRh6Iz2HJ5uMTl6pCMSV+8Dk=
=OvW8
-----END PGP SIGNATURE-----
Merge 4.19.28 into android-4.19
Changes in 4.19.28
cpufreq: Use struct kobj_attribute instead of struct global_attr
staging: erofs: fix mis-acted TAIL merging behavior
USB: serial: option: add Telit ME910 ECM composition
USB: serial: cp210x: add ID for Ingenico 3070
USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
staging: erofs: fix illegal address access under memory pressure
staging: erofs: compressed_pages should not be accessed again after freed
staging: comedi: ni_660x: fix missing break in switch statement
staging: wilc1000: fix to set correct value for 'vif_num'
staging: android: ion: fix sys heap pool's gfp_flags
staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
staging: android: ashmem: Avoid range_alloc() allocation with ashmem_mutex held.
ip6mr: Do not call __IP6_INC_STATS() from preemptible context
net: dsa: mv88e6xxx: handle unknown duplex modes gracefully in mv88e6xxx_port_set_duplex
net: dsa: mv8e6xxx: fix number of internal PHYs for 88E6x90 family
net: sched: put back q.qlen into a single location
net-sysfs: Fix mem leak in netdev_register_kobject
qmi_wwan: Add support for Quectel EG12/EM12
sctp: call iov_iter_revert() after sending ABORT
sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
team: Free BPF filter when unregistering netdev
tipc: fix RDM/DGRAM connect() regression
bnxt_en: Drop oversize TX packets to prevent errors.
geneve: correctly handle ipv6.disable module parameter
hv_netvsc: Fix IP header checksum for coalesced packets
ipv4: Add ICMPv6 support when parse route ipproto
lan743x: Fix TX Stall Issue
net: dsa: mv88e6xxx: Fix statistics on mv88e6161
net: dsa: mv88e6xxx: Fix u64 statistics
netlabel: fix out-of-bounds memory accesses
net: netem: fix skb length BUG_ON in __skb_to_sgvec
net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
net: phy: Micrel KSZ8061: link failure after cable connect
net: phy: phylink: fix uninitialized variable in phylink_get_mac_state
net: sit: fix memory leak in sit_init_net()
net: socket: set sock->sk to NULL after calling proto_ops::release()
tipc: fix race condition causing hung sendto
tun: fix blocking read
xen-netback: don't populate the hash cache on XenBus disconnect
xen-netback: fix occasional leak of grant ref mappings under memory pressure
tun: remove unnecessary memory barrier
net: Add __icmp_send helper.
net: avoid use IPCB in cipso_v4_error
ipv4: Return error for RTA_VIA attribute
ipv6: Return error for RTA_VIA attribute
mpls: Return error for RTA_GATEWAY attribute
ipv4: Pass original device to ip_rcv_finish_core
net: dsa: mv88e6xxx: power serdes on/off for 10G interfaces on 6390X
net: dsa: mv88e6xxx: prevent interrupt storm caused by mv88e6390x_port_set_cmode
net/sched: act_ipt: fix refcount leak when replace fails
net/sched: act_skbedit: fix refcount leak when replace fails
net: sched: act_tunnel_key: fix NULL pointer dereference during init
x86/CPU/AMD: Set the CPB bit unconditionally on F17h
x86/boot/compressed/64: Do not read legacy ROM on EFI system
tracing: Fix event filters and triggers to handle negative numbers
usb: xhci: Fix for Enabling USB ROLE SWITCH QUIRK on INTEL_SUNRISEPOINT_LP_XHCI
applicom: Fix potential Spectre v1 vulnerabilities
MIPS: irq: Allocate accurate order pages for irq stack
aio: Fix locking in aio_poll()
xtensa: fix get_wchan
gnss: sirf: fix premature wakeup interrupt enable
USB: serial: cp210x: fix GPIO in autosuspend
selftests: firmware: fix verify_reqs() return value
Bluetooth: btrtl: Restore old logic to assume firmware is already loaded
Bluetooth: Fix locking in bt_accept_enqueue() for BH context
exec: Fix mem leak in kernel_read_file
scsi: core: reset host byte in DID_NEXUS_FAILURE case
bpf: fix sanitation rewrite in case of non-pointers
Linux 4.19.28
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit d7ac3c6ef5d8ce14b6381d52eb7adafdd6c8bb3c upstream.
IndexCard is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.
This issue was detected with the help of Smatch:
drivers/char/applicom.c:418 ac_write() warn: potential spectre issue 'apbs' [r]
drivers/char/applicom.c:728 ac_ioctl() warn: potential spectre issue 'apbs' [r] (local cap)
Fix this by sanitizing IndexCard before using it to index apbs.
Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].
[1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxSoGgACgkQONu9yGCS
aT5IShAAmr4efAHaepYtsEM5q7hpYwdIXauhfmVzYS1KITQ0L+FSO6b6r18/X/Xu
ZnGr87x9s7rzTwbgW9EK+cPBE7tVI3Tlem1prTSAQLneiv2zN/iTvJigWGUmifB/
+xldQxiM1S8j6dlVTu0lFl9P8voJ/zFA1II1DV4KJYiPX2lfVis77Tolcd/3TUJ4
V67abXHeAsLc+bU8kcMxamVievyQndwVlMT4XjStJyl6xy1zDozgiNwphyLqT7yc
GY0H4jCbFNLfhZlMQgpHanvXzHshbJ4VtMNnjmUApplftzrVf864rgi+sRcoHWK/
Q6ER8LtgFYoqwG1ZjLUIEMChjhs/Xv+FLHWsCvCIkINyzo0PSgubnbYQVccXkBmB
XSZ62YTh9sdQtdihWUly0Gr53yMvSn9+ndwJjvBDEErjC9b/D9jOLMcY1L/cCDaQ
J34dp6ES+6YdQjAu0TEwuuJHMdGR+BvtKgGIL7V6ujxZhuU39eaJ0QLZktsmIO12
qWQyUKaLA450Qqiqza7foTWAVM6nFu9fd9xsZUKZV6lNnFjKYy/vWjhHsMCR8eKi
aojGiRVRNnrlIwgk9h7H4EiuRkK3CJFc9jyZhA6u05NLMdIjD9YuLaMLHuSN0R+m
lSgdmM3dVC4gyosKZHGdwzX/ytHTQiA8QRb4SWEnck7piKyWplg=
=/rR0
-----END PGP SIGNATURE-----
Merge 4.19.19 into android-4.19
Changes in 4.19.19
amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs
net: bridge: Fix ethernet header pointer before check skb forwardable
net: Fix usage of pskb_trim_rcsum
net: phy: marvell: Errata for mv88e6390 internal PHYs
net: phy: mdio_bus: add missing device_del() in mdiobus_register() error handling
net/sched: act_tunnel_key: fix memory leak in case of action replace
net_sched: refetch skb protocol for each filter
openvswitch: Avoid OOB read when parsing flow nlattrs
vhost: log dirty page correctly
mlxsw: pci: Increase PCI SW reset timeout
net: ipv4: Fix memory leak in network namespace dismantle
mlxsw: spectrum_fid: Update dummy FID index
mlxsw: pci: Ring CQ's doorbell before RDQ's
net/sched: cls_flower: allocate mask dynamically in fl_change()
udp: with udp_segment release on error path
ip6_gre: fix tunnel list corruption for x-netns
erspan: build the header with the right proto according to erspan_ver
net: phy: marvell: Fix deadlock from wrong locking
ip6_gre: update version related info when changing link
tcp: allow MSG_ZEROCOPY transmission also in CLOSE_WAIT state
mei: me: mark LBG devices as having dma support
mei: me: add denverton innovation engine device IDs
USB: leds: fix regression in usbport led trigger
USB: serial: simple: add Motorola Tetra TPG2200 device id
USB: serial: pl2303: add new PID to support PL2303TB
ceph: clear inode pointer when snap realm gets dropped by its inode
ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages
ASoC: rt5514-spi: Fix potential NULL pointer dereference
ASoC: tlv320aic32x4: Kernel OOPS while entering DAPM standby mode
clk: socfpga: stratix10: fix rate calculation for pll clocks
clk: socfpga: stratix10: fix naming convention for the fixed-clocks
inotify: Fix fd refcount leak in inotify_add_watch().
ALSA: hda/realtek - Fix typo for ALC225 model
ALSA: hda - Add mute LED support for HP ProBook 470 G5
ARCv2: lib: memeset: fix doing prefetchw outside of buffer
ARC: adjust memblock_reserve of kernel memory
ARC: perf: map generic branches to correct hardware condition
s390/mm: always force a load of the primary ASCE on context switch
s390/early: improve machine detection
s390/smp: fix CPU hotplug deadlock with CPU rescan
misc: ibmvsm: Fix potential NULL pointer dereference
char/mwave: fix potential Spectre v1 vulnerability
mmc: dw_mmc-bluefield: : Fix the license information
mmc: meson-gx: Free irq in release() callback
staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1
tty: Handle problem if line discipline does not have receive_buf
uart: Fix crash in uart_write and uart_put_char
tty/n_hdlc: fix __might_sleep warning
hv_balloon: avoid touching uninitialized struct page during tail onlining
Drivers: hv: vmbus: Check for ring when getting debug info
vgacon: unconfuse vc_origin when using soft scrollback
CIFS: Fix possible hang during async MTU reads and writes
CIFS: Fix credits calculations for reads with errors
CIFS: Fix credit calculation for encrypted reads with errors
CIFS: Do not reconnect TCP session in add_credits()
smb3: add credits we receive from oplock/break PDUs
Input: xpad - add support for SteelSeries Stratus Duo
Input: input_event - provide override for sparc64
Input: uinput - fix undefined behavior in uinput_validate_absinfo()
acpi/nfit: Block function zero DSMs
acpi/nfit: Fix command-supported detection
scsi: ufs: Use explicit access size in ufshcd_dump_regs
dm thin: fix passdown_double_checking_shared_status()
dm crypt: fix parsing of extended IV arguments
drm/amdgpu: Add APTX quirk for Lenovo laptop
KVM: x86: Fix single-step debugging
KVM: x86: Fix PV IPIs for 32-bit KVM host
KVM: x86: WARN_ONCE if sending a PV IPI returns a fatal error
kvm: x86/vmx: Use kzalloc for cached_vmcs12
KVM/nVMX: Do not validate that posted_intr_desc_addr is page aligned
x86/pkeys: Properly copy pkey state at fork()
x86/selftests/pkeys: Fork() to check for state being preserved
x86/kaslr: Fix incorrect i8254 outb() parameters
x86/entry/64/compat: Fix stack switching for XEN PV
posix-cpu-timers: Unbreak timer rearming
net: sun: cassini: Cleanup license conflict
irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size
can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it
can: bcm: check timer values before ktime conversion
can: flexcan: fix NULL pointer exception during bringup
vt: make vt_console_print() compatible with the unicode screen buffer
vt: always call notifier with the console lock held
vt: invoke notifier on screen size change
drm/meson: Fix atomic mode switching regression
bpf: improve verifier branch analysis
bpf: add per-insn complexity limit
bpf: move {prev_,}insn_idx into verifier env
bpf: move tmp variable into ax register in interpreter
bpf: enable access to ax register also from verifier rewrite
bpf: restrict map value pointer arithmetic for unprivileged
bpf: restrict stack pointer arithmetic for unprivileged
bpf: restrict unknown scalars of mixed signed bounds for unprivileged
bpf: fix check_map_access smin_value test when pointer contains offset
bpf: prevent out of bounds speculation on pointer arithmetic
bpf: fix sanitation of alu op with pointer / scalar type from different paths
bpf: fix inner map masking to prevent oob under speculation
s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU
nvmet-rdma: Add unlikely for response allocated check
nvmet-rdma: fix null dereference under heavy load
Revert "mm, memory_hotplug: initialize struct pages for the full memory section"
usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup
ide: fix a typo in the settings proc file name
Input: input_event - fix the CONFIG_SPARC64 mixup
Linux 4.19.19
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 701956d4018e5d5438570e39e8bda47edd32c489 upstream.
ipcnum is indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.
This issue was detected with the help of Smatch:
drivers/char/mwave/mwavedd.c:299 mwave_ioctl() warn: potential spectre issue 'pDrvData->IPCs' [w] (local cap)
Fix this by sanitizing ipcnum before using it to index pDrvData->IPCs.
Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].
[1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxMGy0ACgkQONu9yGCS
aT5ppQ/8COjyZg1aTrCrd0ttMHYotw3Lb4B6E/SCf2ub4X38SxGz9irhQ7r2FKdK
w0ZXlLOF2ddqWe6BUnIfWago4Pk1GBpg3bgnp5XyYTjlJbfI2yZ9ggiO0iNYBPaL
fN2JwM9eze/7cDlpYbhwGpF4+Wz8wTrzh+NIputcvC6n3SQH/cTGmOUa9rlamQju
uukkvLanAYY3sqDCl4B415Ds44ROU4filqHYIkvZC81jc3Q0YZ8M7cTmpLcDQKGz
8Z+Veil07jEM9bF2W8iX79nwxMT+edFC62HMuRCoxJKq+1kccw1TVMWpQ8TWbv13
zeLOqXxNP6VcNaC251q3QzlInRDp1dtr8KtzA/OG0WFnZBTEDng/iChhiL8qZt0R
9+Sz7n9uZ5pMRK3tr03Ccjg3AneKWRqad2iaTB/kOwAdu7Uqxz8U9qUuRDFPV7OY
KTMCCfdS8XpMHl/S+Cvg2dqSNiBEkNmowYO6NvQClG0aoN4/6wH+m2TZ0hCl6PVq
pNFOTJmp7FOaztEZC4rqW8DoOGeGaNo5DP9A2XKKDR20F7EiAE437ApEQ4p5QGVk
ek4uslZkwJWU/UOzXRl/Hoz0OlI0ixsdZy1vw88HCl7SD1E7xHJpnRUkOjigTT1Q
nbCt0Nm/A2+c1tKbzU+PVW8FtIbutZhW1BtrqaIbbHr9NBTICR0=
=Yg+/
-----END PGP SIGNATURE-----
Merge 4.19.18 into android-4.19
Changes in 4.19.18
ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address
mlxsw: spectrum: Disable lag port TX before removing it
mlxsw: spectrum_switchdev: Set PVID correctly during VLAN deletion
net: dsa: mv88x6xxx: mv88e6390 errata
net, skbuff: do not prefer skb allocation fails early
qmi_wwan: add MTU default to qmap network interface
r8169: Add support for new Realtek Ethernet
ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
net: clear skb->tstamp in bridge forwarding path
netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
gpio: pl061: Move irq_chip definition inside struct pl061
drm/amd/display: Guard against null stream_state in set_crc_source
drm/amdkfd: fix interrupt spin lock
ixgbe: allow IPsec Tx offload in VEPA mode
platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey
e1000e: allow non-monotonic SYSTIM readings
usb: typec: tcpm: Do not disconnect link for self powered devices
selftests/bpf: enable (uncomment) all tests in test_libbpf.sh
of: overlay: add missing of_node_put() after add new node to changeset
writeback: don't decrement wb->refcnt if !wb->bdi
serial: set suppress_bind_attrs flag only if builtin
bpf: Allow narrow loads with offset > 0
ALSA: oxfw: add support for APOGEE duet FireWire
x86/mce: Fix -Wmissing-prototypes warnings
MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
crypto: ecc - regularize scalar for scalar multiplication
arm64: perf: set suppress_bind_attrs flag to true
drm/atomic-helper: Complete fake_commit->flip_done potentially earlier
clk: meson: meson8b: fix incorrect divider mapping in cpu_scale_table
samples: bpf: fix: error handling regarding kprobe_events
usb: gadget: udc: renesas_usb3: add a safety connection way for forced_b_device
fpga: altera-cvp: fix probing for multiple FPGAs on the bus
selinux: always allow mounting submounts
ASoC: pcm3168a: Don't disable pcm3168a when CONFIG_PM defined
scsi: qedi: Check for session online before getting iSCSI TLV data.
drm/amdgpu: Reorder uvd ring init before uvd resume
rxe: IB_WR_REG_MR does not capture MR's iova field
efi/libstub: Disable some warnings for x86{,_64}
jffs2: Fix use of uninitialized delayed_work, lockdep breakage
clk: imx: make mux parent strings const
pstore/ram: Do not treat empty buffers as valid
media: uvcvideo: Refactor teardown of uvc on USB disconnect
powerpc/xmon: Fix invocation inside lock region
powerpc/pseries/cpuidle: Fix preempt warning
media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
ASoC: use dma_ops of parent device for acp_audio_dma
media: venus: core: Set dma maximum segment size
staging: erofs: fix use-after-free of on-stack `z_erofs_vle_unzip_io'
net: call sk_dst_reset when set SO_DONTROUTE
scsi: target: use consistent left-aligned ASCII INQUIRY data
scsi: target/core: Make sure that target_wait_for_sess_cmds() waits long enough
selftests: do not macro-expand failed assertion expressions
arm64: kasan: Increase stack size for KASAN_EXTRA
clk: imx6q: reset exclusive gates on init
arm64: Fix minor issues with the dcache_by_line_op macro
bpf: relax verifier restriction on BPF_MOV | BPF_ALU
kconfig: fix file name and line number of warn_ignored_character()
kconfig: fix memory leak when EOF is encountered in quotation
mmc: atmel-mci: do not assume idle after atmci_request_end
btrfs: volumes: Make sure there is no overlap of dev extents at mount time
btrfs: alloc_chunk: fix more DUP stripe size handling
btrfs: fix use-after-free due to race between replace start and cancel
btrfs: improve error handling of btrfs_add_link
tty/serial: do not free trasnmit buffer page under port lock
perf intel-pt: Fix error with config term "pt=0"
perf tests ARM: Disable breakpoint tests 32-bit
perf svghelper: Fix unchecked usage of strncpy()
perf parse-events: Fix unchecked usage of strncpy()
perf vendor events intel: Fix Load_Miss_Real_Latency on SKL/SKX
netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
x86/topology: Use total_cpus for max logical packages calculation
dm crypt: use u64 instead of sector_t to store iv_offset
dm kcopyd: Fix bug causing workqueue stalls
perf stat: Avoid segfaults caused by negated options
tools lib subcmd: Don't add the kernel sources to the include path
dm snapshot: Fix excessive memory usage and workqueue stalls
perf cs-etm: Correct packets swapping in cs_etm__flush()
perf tools: Add missing sigqueue() prototype for systems lacking it
perf tools: Add missing open_memstream() prototype for systems lacking it
quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls.
clocksource/drivers/integrator-ap: Add missing of_node_put()
dm: Check for device sector overflow if CONFIG_LBDAF is not set
Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029
ALSA: bebob: fix model-id of unit for Apogee Ensemble
sysfs: Disable lockdep for driver bind/unbind files
IB/usnic: Fix potential deadlock
scsi: mpt3sas: fix memory ordering on 64bit writes
scsi: smartpqi: correct lun reset issues
ath10k: fix peer stats null pointer dereference
scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown()
scsi: megaraid: fix out-of-bound array accesses
iomap: don't search past page end in iomap_is_partially_uptodate
ocfs2: fix panic due to unrecovered local alloc
mm/page-writeback.c: don't break integrity writeback on ->writepage() error
mm/swap: use nr_node_ids for avail_lists in swap_info_struct
userfaultfd: clear flag if remap event not enabled
mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps
iwlwifi: mvm: Send LQ command as async when necessary
Bluetooth: Fix unnecessary error message for HCI request completion
ipmi: fix use-after-free of user->release_barrier.rda
ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
ipmi: Prevent use-after-free in deliver_response
ipmi:ssif: Fix handling of multi-part return messages
ipmi: Don't initialize anything in the core until something uses it
Linux 4.19.18
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 913a89f009d98c85a902d718cd54bb32ab11d167 upstream.
The IPMI driver was recently modified to use SRCU, but it turns out
this uses a chunk of percpu memory, even if IPMI is never used.
So modify thing to on initialize on the first use. There was already
code to sort of handle this for handling init races, so piggy back
on top of that, and simplify it in the process.
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reported-by: Tejun Heo <tj@kernel.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org # 4.18
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 7d6380cd40f7993f75c4bde5b36f6019237e8719 upstream.
The block number was not being compared right, it was off by one
when checking the response.
Some statistics wouldn't be incremented properly in some cases.
Check to see if that middle-part messages always have 31 bytes of
data.
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Cc: stable@vger.kernel.org # 4.4
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 479d6b39b9e0d2de648ebf146f23a1e40962068f upstream.
Some IPMI modules (e.g. ibmpex_msg_handler()) will have ipmi_usr_hdlr
handlers that call ipmi_free_recv_msg() directly. This will essentially
kfree(msg), leading to use-after-free.
This does not happen in the ipmi_devintf module, which will queue the
message and run ipmi_free_recv_msg() later.
BUG: KASAN: use-after-free in deliver_response+0x12f/0x1b0
Read of size 8 at addr ffff888a7bf20018 by task ksoftirqd/3/27
CPU: 3 PID: 27 Comm: ksoftirqd/3 Tainted: G O 4.19.11-amd64-ani99-debug #12.0.1.601133+pv
Hardware name: AppNeta r1000/X11SPW-TF, BIOS 2.1a-AP 09/17/2018
Call Trace:
dump_stack+0x92/0xeb
print_address_description+0x73/0x290
kasan_report+0x258/0x380
deliver_response+0x12f/0x1b0
? ipmi_free_recv_msg+0x50/0x50
deliver_local_response+0xe/0x50
handle_one_recv_msg+0x37a/0x21d0
handle_new_recv_msgs+0x1ce/0x440
...
Allocated by task 9885:
kasan_kmalloc+0xa0/0xd0
kmem_cache_alloc_trace+0x116/0x290
ipmi_alloc_recv_msg+0x28/0x70
i_ipmi_request+0xb4a/0x1640
ipmi_request_settime+0x1b8/0x1e0
...
Freed by task 27:
__kasan_slab_free+0x12e/0x180
kfree+0xe9/0x280
deliver_response+0x122/0x1b0
deliver_local_response+0xe/0x50
handle_one_recv_msg+0x37a/0x21d0
handle_new_recv_msgs+0x1ce/0x440
tasklet_action_common.isra.19+0xc4/0x250
__do_softirq+0x11f/0x51f
Fixes: e86ee2d44b ("ipmi: Rework locking and shutdown for hot remove")
Cc: stable@vger.kernel.org # 4.18
Signed-off-by: Fred Klassen <fklassen@appneta.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit a7102c7461794a5bb31af24b08e9e0f50038897a upstream.
channel and addr->channel are indirectly controlled by user-space,
hence leading to a potential exploitation of the Spectre variant 1
vulnerability.
These issues were detected with the help of Smatch:
drivers/char/ipmi/ipmi_msghandler.c:1381 ipmi_set_my_address() warn: potential spectre issue 'user->intf->addrinfo' [w] (local cap)
drivers/char/ipmi/ipmi_msghandler.c:1401 ipmi_get_my_address() warn: potential spectre issue 'user->intf->addrinfo' [r] (local cap)
drivers/char/ipmi/ipmi_msghandler.c:1421 ipmi_set_my_LUN() warn: potential spectre issue 'user->intf->addrinfo' [w] (local cap)
drivers/char/ipmi/ipmi_msghandler.c:1441 ipmi_get_my_LUN() warn: potential spectre issue 'user->intf->addrinfo' [r] (local cap)
drivers/char/ipmi/ipmi_msghandler.c:2260 check_addr() warn: potential spectre issue 'intf->addrinfo' [r] (local cap)
Fix this by sanitizing channel and addr->channel before using them to
index user->intf->addrinfo and intf->addrinfo, correspondingly.
Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].
[1] https://lore.kernel.org/lkml/20180423164740.GY17484@dhcp22.suse.cz/
Cc: stable@vger.kernel.org
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlw2Jd8ACgkQONu9yGCS
aT5DIw//RlX7Djwh9VnEEgggVpPxzIDfO8BcIR5EvSpHoci2skeD6/M5a+xiKKLk
HOuH/cqBobkifnCzHwHLQYP9rIbkRceW0wDU2tdaecTf6G82TPoa5rQzG0rMMTM4
HFrMlMXvQoWSlaALBi5xkGGa7AGOVcmiJBaIkbqNST4Ah8KMBRxEqDvnbh/ALXCe
qLRc7lDf/WRoN9GBzoCJwuaF9EcDW/C3EyHowVroDkN3UobzfdFSmrjkteFbkIkp
9rMzoyIXmKAe762ggkQTk8hEaVHqs7YxWlq53cym6NBtiBgfjqIKtT6tEtGs5U3i
sA+YK6PzCfwp4I0ffXVqUoFi3WfJ4Ist+co8e8Uu0+taRDzahBkxtxxmNb6URU64
1sosY0YyG7k72OYp9J4mYhCAbxUKC8S80TWjwPlyaVaUDWDHAbOQk5HDJ9wIERmN
PltF9wQ7ZQrha4v4nafPYJn/FmQuDCfDA78vOJ09PEbNZoNBhqXbHJGx/GEShdDE
/ZzoVigpN2tqIvXFM99rVPRDaTsWlCSiorOvn8vTyqv64EaGO2qZUDmvaReEbUxy
i1jJ5YcQoPk4GbNI8hfShGOhT+eAtw/KW5pHwqHbEle6jyeK+7KIdBmzw5ZXQIM6
4tzDOgn7yIpkMc+qyj3n3WE1LqRLt/cbOoxMu85jHDf5LgrtF50=
=Gqyx
-----END PGP SIGNATURE-----
Merge 4.19.14 into android-4.19
Changes in 4.19.14
ax25: fix a use-after-free in ax25_fillin_cb()
gro_cell: add napi_disable in gro_cells_destroy
ibmveth: fix DMA unmap error in ibmveth_xmit_start error path
ieee802154: lowpan_header_create check must check daddr
ip6mr: Fix potential Spectre v1 vulnerability
ipv4: Fix potential Spectre v1 vulnerability
ipv6: explicitly initialize udp6_addr in udp_sock_create6()
ipv6: tunnels: fix two use-after-free
ip: validate header length on virtual device xmit
isdn: fix kernel-infoleak in capi_unlocked_ioctl
net: clear skb->tstamp in forwarding paths
net/hamradio/6pack: use mod_timer() to rearm timers
net: ipv4: do not handle duplicate fragments as overlapping
net: macb: restart tx after tx used bit read
net: mvpp2: 10G modes aren't supported on all ports
net: phy: Fix the issue that netif always links up after resuming
netrom: fix locking in nr_find_socket()
net/smc: fix TCP fallback socket release
net: stmmac: Fix an error code in probe()
net/tls: allocate tls context using GFP_ATOMIC
net/wan: fix a double free in x25_asy_open_tty()
packet: validate address length
packet: validate address length if non-zero
ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()
qmi_wwan: Added support for Fibocom NL668 series
qmi_wwan: Added support for Telit LN940 series
qmi_wwan: Add support for Fibocom NL678 series
sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
sock: Make sock->sk_stamp thread-safe
tcp: fix a race in inet_diag_dump_icsk()
tipc: check tsk->group in tipc_wait_for_cond()
tipc: compare remote and local protocols in tipc_udp_enable()
tipc: fix a double free in tipc_enable_bearer()
tipc: fix a double kfree_skb()
tipc: use lock_sock() in tipc_sk_reinit()
vhost: make sure used idx is seen before log in vhost_add_used_n()
VSOCK: Send reset control packet when socket is partially bound
xen/netfront: tolerate frags with no data
net/mlx5: Typo fix in del_sw_hw_rule
tipc: check group dests after tipc_wait_for_cond()
net/mlx5e: Remove the false indication of software timestamping support
ipv6: frags: Fix bogus skb->sk in reassembled packets
net/ipv6: Fix a test against 'ipv6_find_idev()' return value
nfp: flower: ensure TCP flags can be placed in IPv6 frame
ipv6: route: Fix return value of ip6_neigh_lookup() on neigh_create() error
mscc: Configured MAC entries should be locked.
net/mlx5e: Cancel DIM work on close SQ
net/mlx5e: RX, Verify MPWQE stride size is in range
net: mvpp2: fix the phylink mode validation
qed: Fix command number mismatch between driver and the mfw
mlxsw: core: Increase timeout during firmware flash process
net/mlx5e: Remove unused UDP GSO remaining counter
net/mlx5e: RX, Fix wrong early return in receive queue poll
net: mvneta: fix operation for 64K PAGE_SIZE
net: Use __kernel_clockid_t in uapi net_stamp.h
r8169: fix WoL device wakeup enable
IB/hfi1: Incorrect sizing of sge for PIO will OOPs
ALSA: rme9652: Fix potential Spectre v1 vulnerability
ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
ALSA: pcm: Fix potential Spectre v1 vulnerability
ALSA: emux: Fix potential Spectre v1 vulnerabilities
powerpc/fsl: Fix spectre_v2 mitigations reporting
mtd: atmel-quadspi: disallow building on ebsa110
mtd: rawnand: marvell: prevent timeouts on a loaded machine
mtd: rawnand: omap2: Pass the parent of pdev to dma_request_chan()
ALSA: hda: add mute LED support for HP EliteBook 840 G4
ALSA: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294
ALSA: fireface: fix for state to fetch PCM frames
ALSA: firewire-lib: fix wrong handling payload_length as payload_quadlet
ALSA: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint
ALSA: firewire-lib: use the same print format for 'without_header' tracepoints
ALSA: hda/realtek: Enable the headset mic auto detection for ASUS laptops
ALSA: hda/tegra: clear pending irq handlers
usb: dwc2: host: use hrtimer for NAK retries
USB: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays
USB: serial: option: add Fibocom NL678 series
usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable()
usb: dwc2: disable power_down on Amlogic devices
Revert "usb: dwc3: pci: Use devm functions to get the phy GPIOs"
usb: roles: Add a description for the class to Kconfig
media: dvb-usb-v2: Fix incorrect use of transfer_flags URB_FREE_BUFFER
staging: wilc1000: fix missing read_write setting when reading data
ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper
ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty
s390/pci: fix sleeping in atomic during hotplug
Input: atmel_mxt_ts - don't try to free unallocated kernel memory
Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G
x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off
x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init()
KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup
arm64: KVM: Make VHE Stage-2 TLB invalidation operations non-interruptible
KVM: nVMX: Free the VMREAD/VMWRITE bitmaps if alloc_kvm_area() fails
platform-msi: Free descriptors in platform_msi_domain_free()
drm/v3d: Skip debugfs dumping GCA on platforms without GCA.
DRM: UDL: get rid of useless vblank initialization
clocksource/drivers/arc_timer: Utilize generic sched_clock
perf machine: Record if a arch has a single user/kernel address space
perf thread: Add fallback functions for cases where cpumode is insufficient
perf tools: Use fallback for sample_addr_correlates_sym() cases
perf script: Use fallbacks for branch stacks
perf pmu: Suppress potential format-truncation warning
perf env: Also consider env->arch == NULL as local operation
ocxl: Fix endiannes bug in ocxl_link_update_pe()
ocxl: Fix endiannes bug in read_afu_name()
ext4: add ext4_sb_bread() to disambiguate ENOMEM cases
ext4: fix possible use after free in ext4_quota_enable
ext4: missing unlock/put_page() in ext4_try_to_write_inline_data()
ext4: fix EXT4_IOC_GROUP_ADD ioctl
ext4: include terminating u32 in size of xattr entries when expanding inodes
ext4: avoid declaring fs inconsistent due to invalid file handles
ext4: force inode writes when nfsd calls commit_metadata()
ext4: check for shutdown and r/o file system in ext4_write_inode()
spi: bcm2835: Fix race on DMA termination
spi: bcm2835: Fix book-keeping of DMA termination
spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode
clk: rockchip: fix typo in rk3188 spdif_frac parent
clk: sunxi-ng: Use u64 for calculation of NM rate
crypto: cavium/nitrox - fix a DMA pool free failure
crypto: chcr - small packet Tx stalls the queue
crypto: testmgr - add AES-CFB tests
crypto: cfb - fix decryption
cgroup: fix CSS_TASK_ITER_PROCS
cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader.
btrfs: dev-replace: go back to suspended state if target device is missing
btrfs: dev-replace: go back to suspend state if another EXCL_OP is running
btrfs: skip file_extent generation check for free_space_inode in run_delalloc_nocow
Btrfs: fix fsync of files with multiple hard links in new directories
btrfs: run delayed items before dropping the snapshot
Btrfs: send, fix race with transaction commits that create snapshots
brcmfmac: fix roamoff=1 modparam
brcmfmac: Fix out of bounds memory access during fw load
powerpc/tm: Unset MSR[TS] if not recheckpointing
dax: Don't access a freed inode
dax: Use non-exclusive wait in wait_entry_unlocked()
f2fs: read page index before freeing
f2fs: fix validation of the block count in sanity_check_raw_super
f2fs: sanity check of xattr entry size
serial: uartps: Fix interrupt mask issue to handle the RX interrupts properly
media: cec: keep track of outstanding transmits
media: cec-pin: fix broken tx_ignore_nack_until_eom error injection
media: rc: cec devices do not have a lirc chardev
media: imx274: fix stack corruption in imx274_read_reg
media: vivid: free bitmap_cap when updating std/timings/etc.
media: vb2: check memory model for VIDIOC_CREATE_BUFS
media: v4l2-tpg: array index could become negative
tools lib traceevent: Fix processing of dereferenced args in bprintk events
MIPS: math-emu: Write-protect delay slot emulation pages
MIPS: c-r4k: Add r4k_blast_scache_node for Loongson-3
MIPS: Ensure pmd_present() returns false after pmd_mknotpresent()
MIPS: Align kernel load address to 64KB
MIPS: Expand MIPS32 ASIDs to 64 bits
MIPS: OCTEON: mark RGMII interface disabled on OCTEON III
MIPS: Fix a R10000_LLSC_WAR logic in atomic.h
CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem
smb3: fix large reads on encrypted connections
arm64: KVM: Avoid setting the upper 32 bits of VTCR_EL2 to 1
arm/arm64: KVM: vgic: Force VM halt when changing the active state of GICv3 PPIs/SGIs
ARM: dts: exynos: Specify I2S assigned clocks in proper node
rtc: m41t80: Correct alarm month range with RTC reads
KVM: arm/arm64: vgic: Do not cond_resched_lock() with IRQs disabled
KVM: arm/arm64: vgic: Cap SPIs to the VM-defined maximum
KVM: arm/arm64: vgic-v2: Set active_source to 0 when restoring state
KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
iommu/arm-smmu-v3: Fix big-endian CMD_SYNC writes
arm64: compat: Avoid sending SIGILL for unallocated syscall numbers
tpm: tpm_try_transmit() refactor error flow.
tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
spi: bcm2835: Unbreak the build of esoteric configs
MIPS: Only include mmzone.h when CONFIG_NEED_MULTIPLE_NODES=y
Linux 4.19.14
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 01f54664a4db0d612de0ece8e0022f21f9374e9b upstream.
First, rename out_no_locality to out_locality for bailing out on
both tpm_cmd_ready() and tpm_request_locality() failure.
Second, ignore the return value of go_to_idle() as it may override
the return value of the actual tpm operation, the go_to_idle() error
will be caught on any consequent command.
Last, fix the wrong 'goto out', that jumped back instead of forward.
Cc: stable@vger.kernel.org
Fixes: 627448e85c ("tpm: separate cmd_ready/go_idle from runtime_pm")
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
In preparation for adding XChaCha12 support, rename/refactor
chacha20-generic to support different numbers of rounds. The
justification for needing XChaCha12 support is explained in more detail
in the patch "crypto: chacha - add XChaCha12 support".
The only difference between ChaCha{8,12,20} are the number of rounds
itself; all other parts of the algorithm are the same. Therefore,
remove the "20" from all definitions, structures, functions, files, etc.
that will be shared by all ChaCha versions.
Also make ->setkey() store the round count in the chacha_ctx (previously
chacha20_ctx). The generic code then passes the round count through to
chacha_block(). There will be a ->setkey() function for each explicitly
allowed round count; the encrypt/decrypt functions will be the same. I
decided not to do it the opposite way (same ->setkey() function for all
round counts, with different encrypt/decrypt functions) because that
would have required more boilerplate code in architecture-specific
implementations of ChaCha and XChaCha.
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit 1ca1b917940c24ca3d1f490118c5474168622953
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master)
Conflicts:
arch/x86/crypto/chacha20_glue.c
drivers/crypto/caam/caamalg.c
drivers/crypto/caam/caamalg_qi2.c
drivers/crypto/caam/compat.h
include/crypto/chacha20.h
Bug: 112008522
Test: As series, see Ic61c13b53facfd2173065be715a7ee5f3af8760b
Change-Id: I7fa203ddc7095ce8675a32f49b8a5230cd0cf5f6
Signed-off-by: Eric Biggers <ebiggers@google.com>
In commit 9f480faec5 ("crypto: chacha20 - Fix keystream alignment for
chacha20_block()"), I had missed that chacha20_block() can be called
directly on the buffer passed to get_random_bytes(), which can have any
alignment. So, while my commit didn't break anything, it didn't fully
solve the alignment problems.
Revert my solution and just update chacha20_block() to use
put_unaligned_le32(), so the output buffer need not be aligned.
This is simpler, and on many CPUs it's the same speed.
But, I kept the 'tmp' buffers in extract_crng_user() and
_get_random_bytes() 4-byte aligned, since that alignment is actually
needed for _crng_backtrack_protect() too.
Reported-by: Stephan Müller <smueller@chronox.de>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit a5e9f557098e54af44ade5d501379be18435bfbf)
Bug: 112008522
Test: As series, see Ic61c13b53facfd2173065be715a7ee5f3af8760b
Change-Id: Ic355d2416330ae2f4a50cb7064633810e35a93bf
Signed-off-by: Eric Biggers <ebiggers@google.com>
commit 84b59f6487d82d3ab4247a099aba66d4d17e8b08 upstream.
When checking whether the response is large enough to be able to contain
the received random bytes in tpm_get_random() and tpm2_get_random(),
they fail to take account the header size, which should be added to the
minimum size. This commit fixes this issue.
Cc: stable@vger.kernel.org
Fixes: c659af78eb ("tpm: Check size of response before accessing data")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit e487a0f52301293152a6f8c4e217f2a11dd808e3 upstream.
Functionality of the xen-tpmfront driver was lost secondary to
the introduction of xenbus multi-page support in commit ccc9d90a9a
("xenbus_client: Extend interface to support multi-page ring").
In this commit pointer to location of where the shared page address
is stored was being passed to the xenbus_grant_ring() function rather
then the address of the shared page itself. This resulted in a situation
where the driver would attach to the vtpm-stubdom but any attempt
to send a command to the stub domain would timeout.
A diagnostic finding for this regression is the following error
message being generated when the xen-tpmfront driver probes for a
device:
<3>vtpm vtpm-0: tpm_transmit: tpm_send: error -62
<3>vtpm vtpm-0: A TPM error (-62) occurred attempting to determine
the timeouts
This fix is relevant to all kernels from 4.1 forward which is the
release in which multi-page xenbus support was introduced.
Daniel De Graaf formulated the fix by code inspection after the
regression point was located.
Fixes: ccc9d90a9a ("xenbus_client: Extend interface to support multi-page ring")
Signed-off-by: Dr. Greg Wettstein <greg@enjellic.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[boris: Updated commit message, added Fixes tag]
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: stable@vger.kernel.org # v4.1+
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
[ Upstream commit 0d6d0d62d9505a9816716aa484ebd0b04c795063 ]
For TPM 1.2 chips the system setup utility allows to set the TPM device in
one of the following states:
* Active: Security chip is functional
* Inactive: Security chip is visible, but is not functional
* Disabled: Security chip is hidden and is not functional
When choosing the "Inactive" state, the TPM 1.2 device is enumerated and
registered, but sending TPM commands fail with either TPM_DEACTIVATED or
TPM_DISABLED depending if the firmware deactivated or disabled the TPM.
Since these TPM 1.2 error codes don't have special treatment, inactivating
the TPM leads to a very noisy kernel log buffer that shows messages like
the following:
tpm_tis 00:05: 1.2 TPM (device-id 0x0, rev-id 78)
tpm tpm0: A TPM error (6) occurred attempting to read a pcr value
tpm tpm0: TPM is disabled/deactivated (0x6)
tpm tpm0: A TPM error (6) occurred attempting get random
tpm tpm0: A TPM error (6) occurred attempting to read a pcr value
ima: No TPM chip found, activating TPM-bypass! (rc=6)
tpm tpm0: A TPM error (6) occurred attempting get random
tpm tpm0: A TPM error (6) occurred attempting get random
tpm tpm0: A TPM error (6) occurred attempting get random
tpm tpm0: A TPM error (6) occurred attempting get random
Let's just suppress error log messages for the TPM_{DEACTIVATED,DISABLED}
return codes, since this is expected when the TPM 1.2 is set to Inactive.
In that case the kernel log is cleaner and less confusing for users, i.e:
tpm_tis 00:05: 1.2 TPM (device-id 0x0, rev-id 78)
tpm tpm0: TPM is disabled/deactivated (0x6)
ima: No TPM chip found, activating TPM-bypass! (rc=6)
Reported-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
for cd2315d "ipmi: kcs_bmc: don't change device name" which is for a
driver that very few people use, and those people need the change.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJbmb2pAAoJEGHzjJCRm/+B73kP/j+dbKDEYJoBzHl+ni7yJNnv
gfmmJ8mmjB0ia7Y8rAcd3VkyzUnTtRliHs8j78VLmMHHOfQYR55xWbJmV53qJnTA
umq4SaDpmLAxnCxRlmaB6/s2HvMFVXWzgs4Ke8xVqA8cL37i/JDyHBe1wc+xkZcB
6rj5Sg8WgJTsbybTOCDvSAN99tdo5o8TjfTLk94isVuEbFz/3qcsIxdofJQvYwJ8
c/TC5zVY6pvUmTZEl6bIBT1GzLRnrCpijM4GBsmKCrL/ZRb+UW/vryWUcKMxs6oY
IhCfXAM6rl83cgfH6SHZjjruDMnUFZxpyQvR+bqEnZpp3RJ5D5SQQkLNMwrR9cCV
wdIz/n+LYATbiSOUJgJOlFsjUv1xQ4V1F92Krln8Kir/+rDkkb/75mBS7edNl606
iPQDdrg193Rz8xEqmuf9CcmRsft+9QxcdzsSOt8ZZQSHIS1TAyQc1pwtkFeyExXP
n1CVbx3+toX2J9LGfUq0h4ntcEcfW9qZRz8gAhZ4Gj5S4N3ih2KU2xo8lRQ+HRAk
8XGnSy/6IidnPn/r7onvC37RoDNltSPELm1CZxt510dZWX0GQw6G5e/TParjbvqY
3HsJZ3fGsWyzCDcblfBS010Rdz4K4vb2KFZ1da4Xrt568g1ciLY/BJrrn6ltSif/
hmxDJ/KY4iMfwiPz/E20
=nuBB
-----END PGP SIGNATURE-----
Merge tag 'for-linus-4.19' of git://github.com/cminyard/linux-ipmi
Pull IPMI bugfixes from Corey Minyard:
"A few fixes that came around or after the merge window, except for
commit cd2315d471 ("ipmi: kcs_bmc: don't change device name") which
is for a driver that very few people use, and those people need the
change"
* tag 'for-linus-4.19' of git://github.com/cminyard/linux-ipmi:
ipmi: Fix NULL pointer dereference in ssif_probe
ipmi: Fix I2C client removal in the SSIF driver
ipmi: Move BT capabilities detection to the detect call
ipmi: Rework SMI registration failure
ipmi: kcs_bmc: don't change device name
initialize the CRNG is configurable via the boot option
random.trust_cpu={on,off}
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEK2m5VNv+CHkogTfJ8vlZVpUNgaMFAluVEQAACgkQ8vlZVpUN
gaN4vAgAqQQHYBTlHSYTyh9eEyOOo6gSTnu9mgk6iwejUceoPDcwYiFptZvdpQxj
moNTz31hy2tFHqt8aiNA2CgSMLI6cilLhz9AzeA6UuQe/EGhZeQHtnvKNIct8Zbg
97+b2WipCgspO0hzm8NLCjcvSgu892fBLc1TVl8Z+GxLhTCTAgkrMqLpo2iSR/Xe
+wv2NhT5gAnXFUuHzayiG/wCwSpWNt1cc1DJHVLMFv2yznHL/nagUywO4IeYqaJk
ZeXie9GsMZDsqFMOjCPS98U3/7c6y2FoYtm/O4NRUpQh9T8QP4NPylP3NDlhIxss
ZTu6x9xXKnLBfhHu5qk6LuYMJNW/lQ==
=XP8t
-----END PGP SIGNATURE-----
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random
Pull random driver fix from Ted Ts'o:
"Fix things so the choice of whether or not to trust RDRAND to
initialize the CRNG is configurable via the boot option
random.trust_cpu={on,off}"
* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
random: make CPU trust a boot parameter
Instead of forcing a distro or other system builder to choose
at build time whether the CPU is trusted for CRNG seeding via
CONFIG_RANDOM_TRUST_CPU, provide a boot-time parameter for end users to
control the choice. The CONFIG will set the default state instead.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
There is a potential execution path in which function ssif_info_find()
returns NULL, hence there is a NULL pointer dereference when accessing
pointer *addr_info*
Fix this by null checking *addr_info* before dereferencing it.
Addresses-Coverity-ID: 1473145 ("Explicit null dereferenced")
Fixes: e333054a91d1 ("ipmi: Fix I2C client removal in the SSIF driver")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Andy Lutomirski
Sergey Senozhatsky
Hsin-Yi Wang
Theodore Ts'o
George Spelvin
Kees Cook
Rasmus Villemoes
Greg Kroah-Hartman
Zhenzhong Duan
Linus Torvalds
Tony Lindgren
Jonas Gorski
Nicholas Mc Guire
Navid Emamdoost
Corey Minyard
Arnd Bergmann
Sumit Garg
Tadeusz Struk
Lionel Debieve
Laurent Vivier
Eric Biggers
YueHaibing
Colin Ian King
Meelis Roos
Vadim Sukhomlinov
Jarkko Sakkinen
Tetsuo Handa
David Howells
Kefeng Wang
Rouven Czerwinski
Pankaj Gupta
Sebastian Andrzej Siewior
Jon DeVree
Kamlakant Patel
Tony Camuso
Greg Kroah-Hartman
Buland Singh
David Tolnay
Yang Yingliang
Gustavo A. R. Silva
Fred Klassen
Tomas Winkler
Dr. Greg Wettstein
Javier Martinez Canillas
Jan Glauber