* refs/heads/tmp-c79e0f8:
Revert "rtc: dt-binding: abx80x: fix resistance scale"
Linux 4.19.89
appletalk: Set error code if register_snap_client failed
appletalk: Fix potential NULL pointer dereference in unregister_snap_client
net: qrtr: fix memort leak in qrtr_tun_write_iter
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
ASoC: rsnd: fixup MIX kctrl registration
xfs: add missing error check in xfs_prepare_shift()
iomap: partially revert 4721a601099 (simulated directio short read on EFAULT)
splice: don't read more than available pipe space
perf script: Fix invalid LBR/binary mismatch error
watchdog: aspeed: Fix clock behaviour for ast2600
md/raid0: Fix an error message in raid0_make_request()
ALSA: hda - Fix pending unsol events at shutdown
binder: Handle start==NULL in binder_update_page_range()
binder: Fix race between mmap() and binder_alloc_print_pages()
vcs: prevent write access to vcsu devices
thermal: Fix deadlock in thermal thermal_zone_device_check
iomap: Fix pipe page leakage during splicing
RDMA/qib: Validate ->show()/store() callbacks before calling them
can: ucan: fix non-atomic allocation in completion handler
mwifiex: update set_mac_address logic
spi: atmel: Fix CS high support
crypto: user - fix memory leak in crypto_report
crypto: ecdh - fix big endian bug in ECC library
crypto: ccp - fix uninitialized list head
crypto: af_alg - cast ki_complete ternary op to int
crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize
crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
KVM: x86: Grab KVM's srcu lock when setting nested state
KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
KVM: x86: do not modify masked bits of shared MSRs
KVM: arm/arm64: vgic: Don't rely on the wrong pending table
arm64: dts: exynos: Revert "Remove unneeded address space mapping for soc node"
drm/i810: Prevent underflow in ioctl
drm/msm: fix memleak on release
jbd2: Fix possible overflow in jbd2_log_space_left()
kernfs: fix ino wrap-around detection
can: slcan: Fix use-after-free Read in slcan_open
tty: vt: keyboard: reject invalid keycodes
CIFS: Fix SMB2 oplock break processing
CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
xfrm interface: fix management of phydev
xfrm interface: fix list corruption for x-netns
xfrm interface: avoid corruption on changelink
xfrm interface: fix memory leak on creation
x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect
x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all()
Input: Fix memory leak in psxpad_spi_probe
coresight: etm4x: Fix input validation for sysfs.
Input: goodix - add upside-down quirk for Teclast X89 tablet
Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers
Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash
Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus
ALSA: hda - Add mute led support for HP ProBook 645 G4
ALSA: pcm: oss: Avoid potential buffer overflows
ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC
fuse: verify attributes
fuse: verify nlink
sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision
net: aquantia: fix RSS table and key sizes
media: vimc: fix start stream when link is disabled
ARM: dts: am335x-pdu001: Fix polarity of card detection input
ARM: dts: sunxi: Fix PMU compatible strings
ASoC: max9867: Fix power management
clk: renesas: rcar-gen3: Set state when registering SD clocks
usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler
mlx4: Use snprintf instead of complicated strcpy
IB/hfi1: Close VNIC sdma_progress sleep window
IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state
mlxsw: spectrum_router: Relax GRE decap matching check
soc: renesas: r8a77990-sysc: Fix initialization order of 3DG-{A,B}
sctp: frag_point sanity check
clk: qcom: gcc-msm8998: Disable halt check of UFS clocks
firmware: qcom: scm: fix compilation error when disabled
media: stkwebcam: Bugfix for wrong return values
tty: Don't block on IO when ldisc change is pending
ARM: dts: sun8i: h3: Fix the system-control register range
tty: serial: qcom_geni_serial: Fix softlock
media: uvcvideo: Abstract streaming object lifetime
nfsd: Return EPERM, not EACCES, in some SETATTR cases
MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition
clk: renesas: r8a77995: Correct parent clock of DU
clk: renesas: r8a77990: Correct parent clock of DU
powerpc/math-emu: Update macros from GCC
pstore/ram: Avoid NULL deref in ftrace merging failure path
net/mlx4_core: Fix return codes of unsupported operations
dlm: fix invalid cluster name warning
ARM: dts: realview: Fix some more duplicate regulator nodes
media: cxd2880-spi: fix probe when dvb_attach fails
clk: qcom: Fix MSM8998 resets
clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent
clk: meson: meson8b: fix the offset of vid_pll_dco's N value
ARM: dts: pxa: clean up USB controller nodes
mtd: fix mtd_oobavail() incoherent returned value
kbuild: fix single target build for external module
modpost: skip ELF local symbols during section mismatch check
tcp: fix SNMP TCP timeout under-estimation
tcp: fix SNMP under-estimation on failed retransmission
tcp: fix off-by-one bug on aborting window-probing socket
ARM: dts: realview-pbx: Fix duplicate regulator nodes
ARM: dts: mmp2: fix the gpio interrupt cell number
tcp: make tcp_space() aware of socket backlog
kbuild: disable dtc simple_bus_reg warnings by default
soc: renesas: r8a77980-sysc: Correct A3VIP[012] power domain hierarchy
soc: renesas: r8a77980-sysc: Correct names of A2DP[01] power domains
soc: renesas: r8a77970-sysc: Correct names of A2DP/A2CN power domains
clk: mediatek: Drop more __init markings for driver probe
clk: mediatek: Drop __init from mtk_clk_register_cpumuxes()
tools/bpf: make libbpf _GNU_SOURCE friendly
net/x25: fix null_x25_address handling
net/x25: fix called/calling length calculation in x25_parse_address_block
arm64: dts: meson-gxl-khadas-vim: fix GPIO lines names
arm64: dts: meson-gxbb-odroidc2: fix GPIO lines names
arm64: dts: meson-gxbb-nanopi-k2: fix GPIO lines names
arm64: dts: meson-gxl-libretech-cc: fix GPIO lines names
ARM: OMAP1/2: fix SoC name printing
ASoC: au8540: use 64-bit arithmetic instead of 32-bit
tools: bpftool: fix a bitfield pretty print issue
bpf: btf: check name validity for various types
bpf: btf: implement btf_name_valid_identifier()
nfsd: fix a warning in __cld_pipe_upcall()
can: xilinx: fix return type of ndo_start_xmit function
ARM: debug: enable UART1 for socfpga Cyclone5
dlm: NULL check before kmem_cache_destroy is not needed
ARM: dts: sun8i: v3s: Change pinctrl nodes to avoid warning
ARM: dts: sun8i: a23/a33: Fix OPP DTC warnings
ARM: dts: sun7i: Fix HDMI output DTC warning
ARM: dts: r8a779[01]: Disable unconnected LVDS encoders
ARM: dts: sun5i: a10s: Fix HDMI output DTC warning
ARM: dts: sun4i: Fix HDMI output DTC warning
ARM: dts: sun4i: Fix gpio-keys warning
ASoC: rsnd: tidyup registering method for rsnd_kctrl_new()
iommu/amd: Fix line-break in error log reporting
sctp: increase sk_wmem_alloc when head->truesize is increased
lockd: fix decoding of TEST results
gpu: host1x: Fix syncpoint ID field size on Tegra186
clk: meson: Fix GXL HDMI PLL fractional bits width
i2c: imx: don't print error message on probe defer
serial: imx: fix error handling in console_setup
altera-stapl: check for a null key before strcasecmp'ing it
slimbus: ngd: Fix build error on x86
dma-mapping: fix return type of dma_set_max_seg_size()
nvme: Free ctrl device name on init failure
sparc: Correct ctx->saw_frame_pointer logic.
sparc: Fix JIT fused branch convergance.
f2fs: fix to allow node segment for GC by ioctl path
ARM: dts: rockchip: Assign the proper GPIO clocks for rv1108
ARM: dts: rockchip: Fix the PMU interrupt number for rv1108
f2fs: change segment to section in f2fs_ioc_gc_range
f2fs: fix count of seg_freed to make sec_freed correct
f2fs: fix to account preflush command for noflush_merge mode
ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
usb: dwc3: don't log probe deferrals; but do log other error codes
usb: dwc3: debugfs: Properly print/set link state for HS
selftests/powerpc: Skip test instead of failing
selftests/powerpc: Allocate base registers
net: qualcomm: rmnet: move null check on dev before dereferecing it
dmaengine: dw-dmac: implement dma protection control setting
dmaengine: coh901318: Remove unused variable
dmaengine: coh901318: Fix a double-lock bug
net/ipv6: re-do dad when interface has IFF_NOARP flag change
ravb: Clean up duplex handling
iwlwifi: fix cfg structs for 22000 with different RF modules
media: cec: report Vendor ID after initialization
media: pulse8-cec: return 0 when invalidating the logical address
media: coda: fix memory corruption in case more than 32 instances are opened
ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module
rtc: dt-binding: abx80x: fix resistance scale
rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()'
nds32: Fix the items of hwcap_str ordering issue.
math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning
net/smc: use after free fix in smc_wr_tx_put_slot()
MIPS: OCTEON: octeon-platform: fix typing
iw_cxgb4: only reconnect with MPAv1 if the peer aborts
iomap: readpages doesn't zero page tail beyond EOF
iomap: dio data corruption and spurious errors when pipes fill
iomap: sub-block dio needs to zeroout beyond EOF
iomap: FUA is wrong for DIO O_DSYNC writes into unwritten extents
ice: Fix possible NULL pointer de-reference
ice: Fix return value from NAPI poll
net-next/hinic: fix a bug in rx data flow
net-next/hinic:fix a bug in set mac address
xfs: extent shifting doesn't fully invalidate page cache
USB: serial: f81534: fix reading old/new IC config
regulator: Fix return value of _set_load() stub
sctp: count sk_wmem_alloc by skb truesize in sctp_packet_transmit
clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328
clk: rockchip: fix I2S1 clock gate register for rk3328
mm/vmstat.c: fix NUMA statistics updates
firmware: raspberrypi: Fix firmware calls with large buffers
Staging: iio: adt7316: Fix i2c data reading, set the data field
pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues
arm64: dts: zynqmp: Fix node names which contain "_"
crypto: bcm - fix normal/non key hash algorithm failure
crypto: ecc - check for invalid values in the key verification test
ARM: dts: imx6: RDU2: fix eGalax touchscreen node
bus: ti-sysc: Fix getting optional clocks in clock_roles
drivers: soc: Allow building the amlogic drivers without ARCH_MESON
scsi: zfcp: drop default switch case which might paper over missing case
scsi: zfcp: update kernel message for invalid FCP_CMND length, it's not the CDB
net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2
MIPS: SiByte: Enable ZONE_DMA32 for LittleSur
dlm: fix missing idr_destroy for recover_idr
ARM: dts: rockchip: Fix rk3288-rock2 vcc_flash name
clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
clk: rockchip: fix rk3188 sclk_smc gate data
virtchnl: Fix off by one error
i40e: don't restart nway if autoneg not supported
rtc: max77686: Fix the returned value in case of error in 'max77686_rtc_read_time()'
rtc: s3c-rtc: Avoid using broken ALMYEAR register
net: ethernet: ti: cpts: correct debug for expired txq skb
extcon: max8997: Fix lack of path setting in USB device mode
ARM: dts: exynos: Fix LDO13 min values on Odroid XU3/XU4/HC1
dlm: fix possible call to kfree() for non-initialized pointer
ice: Fix NVM mask defines
clk: sunxi-ng: a64: Fix gate bit of DSI DPHY
net/mlx5: Release resource on error flow
ARC: IOC: panic if kernel was started with previously enabled IOC
netfilter: nf_tables: don't use position attribute on rule replacement
audit: Embed key into chunk
ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+
iwlwifi: mvm: Send non offchannel traffic via AP sta
iwlwifi: trans: Clear persistence bit when starting the FW
iwlwifi: mvm: synchronize TID queue removal
cxgb4vf: fix memleak in mac_hlist initialization
serial: core: Allow processing sysrq at port unlock time
i2c: core: fix use after free in of_i2c_notify
net: ep93xx_eth: fix mismatch of request_mem_region in remove
rsxx: add missed destroy_workqueue calls in remove
selftests: kvm: fix build with glibc >= 2.30
drm/sun4i: tcon: Set min division of TCON0_DCLK to 1.
ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
perf/core: Consistently fail fork on allocation failures
sched/core: Avoid spurious lock dependencies
Input: cyttsp4_core - fix use after free bug
xfrm: release device reference for invalid state
NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
audit_get_nd(): don't unlock parent too early
exportfs_decode_fh(): negative pinned may become positive without the parent locked
iwlwifi: pcie: don't consider IV len in A-MSDU
RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
autofs: fix a leak in autofs_expire_indirect()
serial: ifx6x60: add missed pm_runtime_disable
serial: serial_core: Perform NULL checks for break_ctl ops
serial: pl011: Fix DMA ->flush_buffer()
tty: serial: msm_serial: Fix flow control
tty: serial: fsl_lpuart: use the sg count from dma_map_sg
usb: gadget: u_serial: add missing port entry locking
lp: fix sparc64 LPSETTIMEOUT ioctl
sparc64: implement ioremap_uc
arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
rsi: release skb if rsi_prepare_beacon fails
Conflicts:
drivers/slimbus/qcom-ngd-ctrl.c
drivers/usb/dwc3/core.c
drivers/usb/dwc3/debugfs.c
Change-Id: I099fa45df0af3334254d3949dd55efb2c7bbc522
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-8e36d3d:
Documentation: devicetree: Remove unimac-mdio bindings from kernel
Revert "media: dt-bindings: adv748x: Fix decimal unit addresses"
Linux 4.19.85
slcan: Fix memory leak in error path
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
s390/vdso: correct vdso mapping for compat tasks
media: ov2680: fix null dereference at power on
IB/iser: Fix possible NULL deref at iser_inv_desc()
fuse: use READ_ONCE on congestion_threshold and max_background
usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
usb: xhci-mtk: fix ISOC error when interval is zero
netfilter: masquerade: don't flush all conntracks if only one address deleted on device
rtc: armada38x: fix possible race condition
rtc: tx4939: fixup nvmem name and register size
rtc: isl1208: avoid possible sysfs race
ARM: dts: lpc32xx: Fix SPI controller node names
arm64: dts: lg: Fix SPI controller node names
arm64: dts: amd: Fix SPI bus warnings
scsi: NCR5380: Check for bus reset
scsi: NCR5380: Handle BUS FREE during reselection
scsi: NCR5380: Don't call dsprintk() following reselection interrupt
scsi: NCR5380: Don't clear busy flag when abort fails
scsi: NCR5380: Check for invalid reselection target
scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
scsi: NCR5380: Have NCR5380_select() return a bool
scsi: NCR5380: Clear all unissued commands on host reset
iwlwifi: mvm: Allow TKIP for AP mode
iwlwifi: mvm: use correct FIFO length
iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
iwlwifi: pcie: gen2: build A-MSDU only for GSO
iwlwifi: api: annotate compressed BA notif array sizes
iwlwifi: pcie: read correct prph address for newer devices
iwlwifi: fix non_shared_ant for 22000 devices
iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump
crypto: fix a memory leak in rsa-kcs1pad's encryption mode
crypto: s5p-sss: Fix Fix argument list alignment
crypto: s5p-sss: Fix race in error handling
x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
Bluetooth: btrsi: fix bt tx timeout issue
Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races
firmware: dell_rbu: Make payload memory uncachable
ARM: dts: realview: Fix SPI controller node names
EDAC: Raise the maximum number of memory controllers
RDMA: Fix dependencies for rdma_user_mmap_io
f2fs: mark inode dirty explicitly in recover_inode()
f2fs: fix to recover inode's project id during POR
f2fs: update i_size after DIO completion
PCI/ERR: Run error recovery callbacks for all affected devices
net: faraday: fix return type of ndo_start_xmit function
net: smsc: fix return type of ndo_start_xmit function
ARM: dts: paz00: fix wakeup gpio keycode
ARM: tegra: colibri_t30: fix mcp2515 can controller interrupt polarity
ARM: tegra: apalis_t30: fix mcp2515 can controller interrupt polarity
ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
ARM: dts: tegra20: restore address order
ARM: dts: tegra30: fix xcvr-setup-use-fuses
arm64: tegra: I2C on Tegra194 is not compatible with Tegra114
ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
arm64: dts: fsl: Fix I2C and SPI bus warnings
phy: lantiq: Fix compile warning
f2fs: fix remount problem of option io_bits
scsi: libsas: always unregister the old device if going to discover new
iw_cxgb4: Use proper enumerated type in c4iw_bar2_addrs
vfio/pci: Mask buggy SR-IOV VF INTx support
vfio/pci: Fix potential memory leak in vfio_msi_cap_len
vmbus: keep pointer to ring buffer page
misc: genwqe: should return proper error value.
misc: kgdbts: Fix restrict error
silmbus: ngd: register controller after power up.
slimbus: ngd: return proper error code instead of zero
slimbus: ngd: register ngd driver only once.
coresight: dynamic-replicator: Handle multiple connections
coresight: tmc: Fix byte-address alignment for RRP
coresight: etm4x: Configure EL2 exception level when kernel is running in HYP
coresight: tmc-etr: Handle driver mode specific ETR buffers
coresight: perf: Disable trace path upon source error
coresight: perf: Fix per cpu path management
coresight: Fix handling of sinks
coresight: Use ERR_CAST instead of ERR_PTR
usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
usb: gadget: uvc: Factor out video USB request queueing
ARM: dts: imx6ull: update vdd_soc voltage for 900MHz operating point
phy: phy-twl4030-usb: fix denied runtime access
phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
ARM: at91: pm: call put_device instead of of_node_put in at91_pm_config_ws
gpiolib: Fix gpio_direction_* for single direction GPIOs
i2c: aspeed: fix invalid clock parameters for very large divisors
ARM: dts: exynos: Correct audio subsystem parent clock on Peach Chromebooks
usb: gadget: uvc: configfs: Sort frame intervals upon writing
usb: gadget: uvc: configfs: Prevent format changes after linking header
usb: gadget: uvc: configfs: Drop leaked references to config items
ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
media: davinci: Fix implicit enum conversion warning
media: au0828: Fix incorrect error messages
media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
media: imx: work around false-positive warning, again
mlxsw: Make MLXSW_SP1_FWREV_MINOR a hard requirement
arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
MIPS: kexec: Relax memory restriction
EDAC: Correct DIMM capacity unit symbol
x86/CPU: Change query logic so CPUID is enabled before testing
x86/CPU: Use correct macros for Cyrix calls
net: freescale: fix return type of ndo_start_xmit function
net: micrel: fix return type of ndo_start_xmit function
net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
samples/bpf: fix compilation failure
PCI/ERR: Use slot reset if available
PCI/AER: Don't read upstream ports below fatal errors
PCI/AER: Take reference on error devices
bnx2x: Ignore bandwidth attention in single function mode
ARM: dts: stm32: Fix SPI controller node names
ARM: dts: clearfog: fix sdhci supply property name
ARM: dts: stm32: enable display on stm32mp157c-ev1 board
x86/mce-inject: Reset injection struct after injection
ARM: dts: marvell: Fix SPI and I2C bus warnings
crypto: arm/crc32 - avoid warning when compiling with Clang
cpufeature: avoid warning when compiling with clang
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
spi: pic32: Use proper enum in dmaengine_prep_slave_rg
ARM: dts: ste: Fix SPI controller node names
ARM: dts: ux500: Fix LCDA clock line muxing
ARM: dts: ux500: Correct SCU unit address
f2fs: fix to recover inode's uid/gid during POR
f2fs: avoid infinite loop in f2fs_alloc_nid
ARM: dts: ti: Fix SPI and I2C bus warnings
ARM: dts: am335x-evm: fix number of cpsw
PCI: portdrv: Initialize service drivers directly
mlxsw: spectrum: Init shaper for TCs 8..15
brcmsmac: Use kvmalloc() for ucode allocations
brcmfmac: increase buffer for obtaining firmware capabilities
s390/vdso: correct CFI annotations of vDSO functions
s390/vdso: avoid 64-bit vdso mapping for compat tasks
s390/zcrypt: enable AP bus scan without a valid default domain
usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
usb: chipidea: Fix otg event handler
usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started
nfp: provide a better warning when ring allocation fails
net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg()
net: hns3: Fix client initialize state issue when roce client initialize failed
net: hns3: Clear client pointer when initialize client failed or unintialize finished
net: hns3: Fix cmdq registers initialization issue for vf
net: hns3: Fix for setting speed for phy failed problem
net: sun: fix return type of ndo_start_xmit function
net: amd: fix return type of ndo_start_xmit function
net: broadcom: fix return type of ndo_start_xmit function
net: xilinx: fix return type of ndo_start_xmit function
net: toshiba: fix return type of ndo_start_xmit function
net: marvell: fix return type of ndo_start_xmit function
net: mvpp2: fix the number of queues per cpu for PPv2.2
power: supply: twl4030_charger: disable eoc interrupt on linear charge
power: supply: twl4030_charger: fix charging current out-of-bounds
libfdt: Ensure INT_MAX is defined in libfdt_env.h
of/unittest: Fix I2C bus unit-address error
OPP: Protect dev_list with opp_table lock
ARM: dts: atmel: Fix I2C and SPI bus warnings
RDMA/i40iw: Fix incorrect iterator type
powerpc: Fix duplicate const clang warning in user access code
powerpc/pseries: Disable CPU hotplug across migrations
powerpc/pseries/memory-hotplug: Only update DT once per memory DLPAR request
powerpc/64s/hash: Fix stab_rr off by one initialization
selftests/powerpc: Do not fail with reschedule
powerpc/iommu: Avoid derefence before pointer check
net: ibm: fix return type of ndo_start_xmit function
net: cavium: fix return type of ndo_start_xmit function
net: hns3: fix return type of ndo_start_xmit function
ipmi: fix return value of ipmi_set_my_LUN
ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
ipmi_si: fix potential integer overflow on large shift
ipmi_si_pci: fix NULL device in ipmi_si error message
ASoC: rt5682: Fix the boost volume at the begining of playback
spi: mediatek: Don't modify spi_transfer when transfer.
spi/bcm63xx-hsspi: keep pll clk enabled
samples/bpf: fix a compilation failure
arm64: dts: ti: k3-am65: Change #address-cells and #size-cells of interconnect to 2
tty: serial: qcom_geni_serial: Fix serial when not used as console
serial: mxs-auart: Fix potential infinite loop
serial: samsung: Enable baud clock for UART reset procedure in resume
serial: uartps: Fix suspend functionality
ARM: dts: xilinx: Fix I2C and SPI bus warnings
PCI: mediatek: Fix unchecked return value
net: socionext: Fix two sleep-in-atomic-context bugs in ave_rxfifo_reset()
PCI/ACPI: Correct error message for ASPM disabling
media: ov2680: don't register the v4l2 subdevice before checking chip ID
media: vsp1: Fix YCbCr planar formats pitch calculation
media: vsp1: Fix vsp1_regs.h license header
s390/qeth: invoke softirqs after napi_schedule()
s390/qeth: uninstall IRQ handler on device removal
ath9k: Fix a locking bug in ath9k_add_interface()
netfilter: nf_tables: avoid BUG_ON usage
ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
arm64: dts: rockchip: Fix I2C bus unit-address error on rk3399-puma-haikou
ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
scsi: ufshcd: Fix NULL pointer dereference for in ufshcd_init
ip_gre: fix parsing gre header in ipgre_err
kernfs: Fix range checks in kernfs_get_target_path
component: fix loop condition to call unbind() if bind() fails
power: supply: max8998-charger: Fix platform data retrieval
power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
power: supply: ab8500_fg: silence uninitialized variable warnings
arm64: dts: meson: Fix erroneous SPI bus warnings
blok, bfq: do not plug I/O if all queues are weight-raised
block, bfq: inject other-queue I/O into seeky idle queues on NCQ flash
arm64: fix for bad_mode() handler to always result in panic
cxgb4: Fix endianness issue in t4_fwcache()
android: binder: no outgoing transaction when thread todo has transaction
ARM: dts: sun9i: Fix I2C bus warnings
pinctrl: at91: don't use the same irqchip with multiple gpiochips
ARM: dts: sunxi: Fix I2C bus warnings
ARM: dts: socfpga: Fix I2C bus unit-address error
powerpc/vdso: Correct call frame information
ARM: dts: aspeed: Fix I2C bus warnings
ARM: dts: bcm: Fix SPI bus warnings
arm64: dts: broadcom: Fix I2C and SPI bus warnings
drivers: qcom: rpmh-rsc: clear wait_for_compl after use
soc: qcom: apr: Avoid string overflow
soc: qcom: wcnss_ctrl: Avoid string overflow
soc: qcom: geni: geni_se_clk_freq_match() should always accept multiples
soc: qcom: geni: Don't ignore clk_round_rate() errors in geni_se_clk_tbl_get()
ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
llc: avoid blocking in llc_sap_close()
pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
arm64: dts: renesas: r8a77965: Fix clock/reset for usb2_phy1
arm64: dts: renesas: r8a77965: Fix HS-USB compatible
arm64: dts: renesas: r8a77965: Attach the SYS-DMAC to the IPMMU
arm64: dts: renesas: salvator-common: adv748x: Override secondary addresses
ALSA: intel8x0m: Register irq handler after register initializations
arm64: dts: meson-axg: use the proper compatible for ethmac
arm64: dts: meson: libretech: update board model
net: bcmgenet: Fix speed selection for reverse MII
media: dvb: fix compat ioctl translation
media: fix: media: pci: meye: validate offset to avoid arbitrary access
ALSA: hda: Fix implicit definition of pci_iomap() on SH
media: dt-bindings: adv748x: Fix decimal unit addresses
nvmem: core: return error code instead of NULL from nvmem_device_get
Drivers: hv: vmbus: Fix synic per-cpu context initialization
net: aquantia: fix hw_atl_utils_fw_upload_dwords
kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
scsi: pm80xx: Fixed system hang issue during kexec boot
scsi: pm80xx: Corrected dma_unmap_sg() parameter
ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
scsi: lpfc: Fix errors in log messages.
scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN
scsi: qla2xxx: Fix duplicate switch's Nport ID entries
scsi: qla2xxx: Fix dropped srb resource.
scsi: qla2xxx: Fix port speed display on chip reset
scsi: qla2xxx: Check for Register disconnect
scsi: qla2xxx: Increase abort timeout value
scsi: qla2xxx: Fix deadlock between ATIO and HW lock
scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
scsi: qla2xxx: Defer chip reset until target mode is enabled
scsi: qla2xxx: Fix iIDMA error
scsi: qla2xxx: Use correct qpair for ABTS/CMD
f2fs: fix setattr project check upon fssetxattr ioctl
f2fs: fix memory leak of percpu counter in fill_super()
f2fs: fix memory leak of write_io in fill_super()
signal: Properly deliver SIGSEGV from x86 uprobes
signal: Properly deliver SIGILL from uprobes
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
IB/hfi1: Missing return value in error path for user sdma
RDMA/hns: Fix an error code in hns_roce_v2_init_eq_table()
dmaengine: at_xdmac: remove a stray bottom half unlock
ath9k: add back support for using active monitor interfaces for tx99
rtc: pl030: fix possible race condition
rtc: mt6397: fix possible race condition
EDAC, sb_edac: Return early on ADDRV bit and address type test
dmaengine: dma-jz4780: Further residue status fix
dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
usb: mtu3: disable vbus rise/fall interrupts of ltssm
ARM: dts: exynos: Disable pull control for PMIC IRQ line on Artik5 board
arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
firmware: arm_scmi: use strlcpy to ensure NULL-terminated strings
sched/debug: Use symbolic names for task state constants
sched/debug: Explicitly cast sched_feat() to bool
failover: Fix error return code in net_failover_create
f2fs: submit bio after shutdown
ARM: dts: omap3-gta04: keep vpll2 always on
ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
ARM: dts: omap3-gta04: fix touchscreen tsc2007
ARM: dts: omap3-gta04: tvout: enable as display1 alias
ARM: dts: omap3-gta04: fixes for tvout / venc
ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files
of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
ata: Disable AHCI ALPM feature for Ampere Computing eMAG SATA
ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
ASoC: dapm: Avoid uninitialised variable warning
udf: Fix crash during mount
mips: txx9: fix iounmap related issue
RDMA/core: Follow correct unregister order between sysfs and cgroup
RDMA/core: Rate limit MAD error messages
IB/ipoib: Ensure that MTU isn't less than minimum permitted
IB/mlx5: Don't hold spin lock while checking device state
i2c: mediatek: Use DMA safe buffers for i2c transactions
ath10k: wmi: disable softirq's while calling ieee80211_rx
ARM: dts: exynos: Disable pull control for S5M8767 PMIC
ath10k: avoid possible memory access violation
ASoC: sgtl5000: avoid division by zero if lo_vag is zero
rtnetlink: move type calculation out of loop
net: lan78xx: Bail out if lan78xx_get_endpoints fails
f2fs: avoid wrong decrypted data from disk
cfg80211: validate wmm rule when setting
mac80211: fix saving a few HE values
qxl: fix null-pointer crash during suspend
IB/mlx5: Change TX affinity assignment in RoCE LAG mode
mtd: rawnand: qcom: don't include dma-direct.h
mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
mtd: rawnand: fsl_ifc: check result of SRAM initialization
mtd: rawnand: marvell: use regmap_update_bits() for syscon access
ARM: dts: meson8b: fix the clock controller register size
ARM: dts: meson8: fix the clock controller register size
net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
net: phy: mscc: read 'vsc8531,vddmac' as an u32
net/mlx5: Fix atomic_mode enum values
net: hns3: Change the dst mac addr of loopback packet
net: hns3: Fix for loopback selftest failed problem
net: hns3: Fix error of checking used vlan id
net: hns3: Fix for multicast failure
ASoC: rsnd: ssi: Fix issue in dma data address assignment
soc: imx: gpc: fix PDN delay
mt76: Fix comparisons with invalid hardware key index
brcmfmac: fix wrong strnchr usage
mwifex: free rx_cmd skb in suspended state
mwifiex: do no submit URB in suspended state
rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument
ARM: dts: pxa: fix power i2c base address
ARM: dts: pxa: fix the rtc controller
media: ov772x: Disable clk on error path
media: i2c: Fix pm_runtime_get_if_in_use() usage in sensor drivers
media: vicodec: fix out-of-range values when decoding
iwlwifi: mvm: avoid sending too many BARs
iwlwifi: don't WARN on trying to dump dead firmware
iwlwifi: drop packets with bad status in CD
IB/rxe: fixes for rdma read retry
IB/rxe: avoid back-to-back retries
i40e: Prevent deleting MAC address from VF when set by PF
i40evf: cancel workqueue sync for adminq when a VF is removed
i40e: hold the rtnl lock on clearing interrupt scheme
i40evf: Don't enable vlan stripping when rx offload is turned on
i40e: Check and correct speed values for link on open
i40evf: set IFF_UNICAST_FLT flag for the VF
i40e: use correct length for strncpy
i40evf: Validate the number of queues a PF sends
ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
arm64: dts: stratix10: i2c clock running out of spec
liquidio: fix race condition in instruction completion processing
ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
pinctrl: ingenic: Probe driver at subsys_initcall
ASoC: AMD: Change MCLK to 48Mhz
ASoC: meson: axg-fifo: report interrupt request failure
ASoC: dpcm: Properly initialise hw->rate_max
ASoC: dapm: Don't fail creating new DAPM control on NULL pinctrl
ice: Fix and update driver version string
gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
ice: Prevent control queue operations during reset
ice: Update request resource command to latest specification
ath10k: limit available channels via DT ieee80211-freq-limit
wil6210: fix invalid memory access for rx_buff_mgmt debugfs
wil6210: prevent usage of tx ring 0 for eDMA
wil6210: set edma variables only for Talyn-MB devices
wil6210: drop Rx multicast packets that are looped-back to STA
ath9k: fix tx99 with monitor mode interface
ath10k: skip resetting rx filter for WCN3990
ALSA: seq: Do error checks at creating system ports
cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
extcon: cht-wc: Return from default case to avoid warnings
remoteproc/davinci: Use %zx for formating size_t
rtc: rv8803: fix the rv8803 id in the OF table
rtc: sysfs: fix NULL check in rtc_add_groups()
ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
ARM: dts: rcar: Correct SATA device sizes to 2 MiB
y2038: make do_gettimeofday() and get_seconds() inline
arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
soc/tegra: pmc: Fix pad voltage configuration for Tegra186
ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
arm64: dts: allwinner: a64: Orange Pi Win: Fix SD card node
soundwire: intel: Fix uninitialized adev deref
soundwire: Initialize completion for defer messages
clk: sunxi-ng: h6: fix PWM gate/reset offset
iio: dac: mcp4922: fix error handling in mcp4922_write_raw
ath10k: fix kernel panic by moving pci flush after napi_disable
tee: optee: take DT status property into account
iio: adc: max9611: explicitly cast gain_selectors
mmc: sdhci-of-at91: fix quirk2 overwrite
mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
mm: mempolicy: fix the wrong return value and potential pages leak of mbind
iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
net: ethernet: dwmac-sun8i: Use the correct function in exit path
ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
IB/hfi1: Use a common pad buffer for 9B and 16B packets
IB/hfi1: Ensure full Gen3 speed in a Gen4 system
Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
Input: synaptics-rmi4 - clear IRQ enables for F54
Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
Input: synaptics-rmi4 - fix video buffer size
Input: ff-memless - kill timer in destroy()
Btrfs: fix log context list corruption after rename exchange operation
ALSA: usb-audio: Fix incorrect size check for processing/extension units
ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk()
ALSA: usb-audio: not submit urb for stopped endpoint
ALSA: usb-audio: Fix missing error check at mixer resolution test
slip: Fix memory leak in slip_open error path
net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
net: gemini: add missed free_netdev
ipmr: Fix skb headroom in ipmr_get_route().
ax88172a: fix information leak on short answers
scsi: core: Handle drivers which set sg_tablesize to zero
MIPS: BCM63XX: fix switch core reset on BCM6368
KVM: x86: introduce is_pae_paging
Conflicts:
drivers/hwtracing/coresight/coresight-etm-perf.c
drivers/hwtracing/coresight/coresight-tmc-etr.c
drivers/hwtracing/coresight/coresight-tmc.h
drivers/hwtracing/coresight/coresight.c
drivers/net/wireless/ath/wil6210/pcie_bus.c
drivers/net/wireless/ath/wil6210/txrx.c
drivers/scsi/ufs/ufshcd.c
drivers/slimbus/qcom-ngd-ctrl.c
include/linux/libfdt_env.h
Change-Id: Iba6cbaecffd0ef9fd94503df06397ca4cce9b4fb
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-314ab78:
Linux 4.19.84
kvm: x86: mmu: Recovery of shattered NX large pages
kvm: Add helper function for creating VM worker threads
kvm: mmu: ITLB_MULTIHIT mitigation
KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active
KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
KVM: x86: remove now unneeded hugepage gfn adjustment
KVM: x86: make FNAME(fetch) and __direct_map more similar
kvm: mmu: Do not release the page inside mmu_set_spte()
kvm: Convert kvm_lock to a mutex
kvm: x86, powerpc: do not allow clearing largepages debugfs entry
Documentation: Add ITLB_MULTIHIT documentation
cpu/speculation: Uninline and export CPU mitigations helpers
x86/cpu: Add Tremont to the cpu vulnerability whitelist
x86/bugs: Add ITLB_MULTIHIT bug infrastructure
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
x86/tsx: Add config options to set tsx=on|off|auto
x86/speculation/taa: Add documentation for TSX Async Abort
x86/tsx: Add "auto" option to the tsx= cmdline parameter
kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
x86/speculation/taa: Add sysfs reporting for TSX Async Abort
x86/speculation/taa: Add mitigation for TSX Async Abort
x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
x86/cpu: Add a helper function x86_read_arch_cap_msr()
x86/msr: Add the IA32_TSX_CTRL MSR
KVM: x86: use Intel speculation bugs and features as derived in generic x86 code
drm/i915/cmdparser: Fix jump whitelist clearing
drm/i915/gen8+: Add RC6 CTX corruption WA
drm/i915: Lower RM timeout to avoid DSI hard hangs
drm/i915/cmdparser: Ignore Length operands during command matching
drm/i915/cmdparser: Add support for backward jumps
drm/i915/cmdparser: Use explicit goto for error paths
drm/i915: Add gen9 BCS cmdparsing
drm/i915: Allow parsing of unsized batches
drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
drm/i915: Add support for mandatory cmdparsing
drm/i915: Remove Master tables from cmdparser
drm/i915: Disable Secure Batches for gen6+
drm/i915: Rename gen7 cmdparser tables
vsock/virtio: fix sock refcnt holding during the shutdown
iio: imu: mpu6050: Fix FIFO layout for ICM20602
net: prevent load/store tearing on sk->sk_stamp
netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
usbip: Fix free of unallocated memory in vhci tx
cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead
mm/filemap.c: don't initiate writeback if mapping has no dirty pages
iio: imu: inv_mpu6050: fix no data on MPU6050
iio: imu: mpu6050: Add support for the ICM 20602 IMU
blkcg: make blkcg_print_stat() print stats only for online blkgs
pinctrl: cherryview: Fix irq_valid_mask calculation
ocfs2: protect extent tree in ocfs2_prepare_inode_for_write()
pinctrl: intel: Avoid potential glitches if pin is in GPIO mode
e1000: fix memory leaks
igb: Fix constant media auto sense switching when no cable is connected
net: ethernet: arc: add the missed clk_disable_unprepare
NFSv4: Don't allow a cached open with a revoked delegation
usb: dwc3: gadget: fix race when disabling ep with cancelled xfers
hv_netvsc: Fix error handling in netvsc_attach()
drm/amd/display: Passive DP->HDMI dongle detection fix
drm/amdgpu: If amdgpu_ib_schedule fails return back the error.
iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
net: mscc: ocelot: refuse to overwrite the port's native vlan
net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up
net: hisilicon: Fix "Trying to free already-free IRQ"
fjes: Handle workqueue allocation failure
nvme-multipath: fix possible io hang after ctrl reconnect
scsi: qla2xxx: stop timer in shutdown path
RDMA/hns: Prevent memory leaks of eq->buf_list
RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case
usbip: tools: Fix read_usb_vudc_device() error path handling
USB: ldusb: use unsigned size format specifiers
USB: Skip endpoints with 0 maxpacket length
perf/x86/uncore: Fix event group support
perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h)
perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity
usb: dwc3: remove the call trace of USBx_GFLADJ
usb: gadget: configfs: fix concurrent issue between composite APIs
usb: dwc3: pci: prevent memory leak in dwc3_pci_probe
usb: gadget: composite: Fix possible double free memory bug
usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode.
usb: fsl: Check memory resource before releasing it
macsec: fix refcnt leak in module exit routine
bonding: fix unexpected IFF_BONDING bit unset
ipvs: move old_secure_tcp into struct netns_ipvs
ipvs: don't ignore errors in case refcounting ip_vs module fails
netfilter: nf_flow_table: set timeout before insertion into hashes
scsi: qla2xxx: Initialized mailbox to prevent driver load failure
scsi: lpfc: Honor module parameter lpfc_use_adisc
net: openvswitch: free vport unless register_netdevice() succeeds
RDMA/uverbs: Prevent potential underflow
scsi: qla2xxx: fixup incorrect usage of host_byte
net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq
net/mlx5e: TX, Fix consumer index of error cqe dump
RDMA/qedr: Fix reported firmware version
iw_cxgb4: fix ECN check on the passive accept
RDMA/mlx5: Clear old rate limit when closing QP
HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring()
dmaengine: sprd: Fix the possible memory leak issue
dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config
HID: google: add magnemite/masterball USB ids
PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
usbip: Implement SG support to vhci-hcd and stub driver
usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path
sched/fair: Fix -Wunused-but-set-variable warnings
sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices
ALSA: usb-audio: Fix copy&paste error in the validator
ALSA: usb-audio: remove some dead code
ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk()
ALSA: usb-audio: Clean up check_input_term()
ALSA: usb-audio: Remove superfluous bLength checks
ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects
ALSA: usb-audio: Simplify parse_audio_unit()
ALSA: usb-audio: More validations of descriptor units
configfs: fix a deadlock in configfs_symlink()
configfs: provide exclusion between IO and removals
configfs: new object reprsenting tree fragments
configfs_register_group() shouldn't be (and isn't) called in rmdirable parts
configfs: stash the data we need into configfs_buffer at open time
can: peak_usb: fix slab info leak
can: mcba_usb: fix use-after-free on disconnect
can: dev: add missing of_node_put() after calling of_get_child_by_name()
can: gs_usb: gs_can_open(): prevent memory leak
can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak
can: peak_usb: fix a potential out-of-sync while decoding packets
can: c_can: c_can_poll(): only read status register after status IRQ
can: flexcan: disable completely the ECC mechanism
can: usb_8dev: fix use-after-free on disconnect
SMB3: Fix persistent handles reconnect
x86/apic/32: Avoid bogus LDR warnings
intel_th: pci: Add Jasper Lake PCH support
intel_th: pci: Add Comet Lake PCH support
netfilter: ipset: Fix an error code in ip_set_sockfn_get()
netfilter: nf_tables: Align nft_expr private data to 64-bit
ARM: sunxi: Fix CPU powerdown on A83T
iio: srf04: fix wrong limitation in distance measuring
iio: imu: adis16480: make sure provided frequency is positive
iio: adc: stm32-adc: fix stopping dma
ceph: add missing check in d_revalidate snapdir handling
ceph: fix use-after-free in __ceph_remove_cap()
arm64: Do not mask out PTE_RDONLY in pte_same()
soundwire: bus: set initial value to port_status
soundwire: depend on ACPI
HID: wacom: generic: Treat serial number and related fields as unsigned
drm/radeon: fix si_enable_smc_cac() failed issue
perf tools: Fix time sorting
tools: gpio: Use !building_out_of_srctree to determine srctree
dump_stack: avoid the livelock of the dump_lock
mm, vmstat: hide /proc/pagetypeinfo from normal users
mm: thp: handle page cache THP correctly in PageTransCompoundMap
mm, meminit: recalculate pcpu batch and high limits after init completes
mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges
ALSA: hda/ca0132 - Fix possible workqueue stall
ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series
ALSA: timer: Fix incorrectly assigned timer instance
net: hns: Fix the stray netpoll locks causing deadlock in NAPI path
ipv6: fixes rt6_probe() and fib6_nh->last_probe init
net: mscc: ocelot: fix NULL pointer on LAG slave removal
net: mscc: ocelot: don't handle netdev events for other netdevs
qede: fix NULL pointer deref in __qede_remove()
NFC: st21nfca: fix double free
nfc: netlink: fix double device reference drop
NFC: fdp: fix incorrect free object
net: usb: qmi_wwan: add support for DW5821e with eSIM support
net: qualcomm: rmnet: Fix potential UAF when unregistering
net: fix data-race in neigh_event_send()
net: ethernet: octeon_mgmt: Account for second possible VLAN header
ipv4: Fix table id reference in fib_sync_down_addr
CDC-NCM: handle incomplete transfer of MTU
bonding: fix state transition issue in link monitoring
Linux 4.19.83
usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails
arm64: dts: ti: k3-am65-main: Fix gic-its node unit-address
ASoC: pcm3168a: The codec does not support S32_LE
selftests/powerpc: Fix compile error on tlbie_test due to newer gcc
selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9
platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table
wireless: Skip directory when generating certificates
net/flow_dissector: switch to siphash
r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2
net: dsa: fix switch tree list
net: usb: lan78xx: Connect PHY before registering MAC
net: bcmgenet: reset 40nm EPHY on energy detect
net: phy: bcm7xxx: define soft_reset for 40nm EPHY
net: bcmgenet: don't set phydev->link from MAC
net: dsa: b53: Do not clear existing mirrored port mask
net/mlx5e: Fix ethtool self test: link speed
r8169: fix wrong PHY ID issue with RTL8168dp
net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget
selftests: fib_tests: add more tests for metric update
ipv4: fix route update on metric change.
net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
net: use skb_queue_empty_lockless() in busy poll contexts
net: use skb_queue_empty_lockless() in poll() handlers
udp: use skb_queue_empty_lockless()
net: add skb_queue_empty_lockless()
vxlan: check tun_info options_len properly
udp: fix data-race in udp_set_dev_scratch()
selftests: net: reuseport_dualstack: fix uninitalized parameter
net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
net: usb: lan78xx: Disable interrupts before calling generic_handle_irq()
netns: fix GFP flags in rtnl_net_notifyid()
net/mlx4_core: Dynamically set guaranteed amount of counters per VF
net: hisilicon: Fix ping latency when deal with high throughput
net: fix sk_page_frag() recursion from memory reclaim
net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum
net: dsa: bcm_sf2: Fix IMP setup for port different than 8
net: annotate lockless accesses to sk->sk_napi_id
net: annotate accesses to sk->sk_incoming_cpu
inet: stop leaking jiffies on the wire
erspan: fix the tun_info options_len check for erspan
dccp: do not leak jiffies on the wire
cxgb4: fix panic when attaching to ULD fail
nbd: handle racing with error'ed out commands
nbd: protect cmd->status with cmd->lock
cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
i2c: stm32f7: remove warning when compiling with W=1
i2c: stm32f7: fix a race in slave mode with arbitration loss irq
i2c: stm32f7: fix first byte to send in slave mode
irqchip/gic-v3-its: Use the exact ITSList for VMOVP
MIPS: bmips: mark exception vectors as char arrays
of: unittest: fix memory leak in unittest_data_add
ARM: 8926/1: v7m: remove register save to stack before svc
tracing: Fix "gfp_t" format for synthetic events
scsi: target: core: Do not overwrite CDB byte 1
drm/amdgpu: fix potential VM faults
ARM: davinci: dm365: Fix McBSP dma_slave_map entry
perf kmem: Fix memory leak in compact_gfp_flags()
8250-men-mcb: fix error checking when get_num_ports returns -ENODEV
perf c2c: Fix memory leak in build_cl_output()
ARM: dts: imx7s: Correct GPT's ipg clock source
scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
scsi: sni_53c710: fix compilation error
scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions
scsi: qla2xxx: fix a potential NULL pointer dereference
ARM: mm: fix alignment handler faults under memory pressure
pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable()
ARM: dts: logicpd-torpedo-som: Remove twl_keypad
ASoc: rockchip: i2s: Fix RPM imbalance
ASoC: wm_adsp: Don't generate kcontrols without READ flags
regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized
ASoC: rt5682: add NULL handler to set_jack function
regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
arm64: dts: Fix gpio to pinmux mapping
arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay
arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay
ASoC: wm8994: Do not register inapplicable controls for WM1811
regulator: of: fix suspend-min/max-voltage parsing
kbuild: add -fcf-protection=none when using retpoline flags
Linux 4.19.82
Revert "ALSA: hda: Flush interrupts on disabling"
powerpc/powernv: Fix CPU idle to be called with IRQs disabled
ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface
ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel
ALSA: usb-audio: DSD auto-detection for Playback Designs
ALSA: timer: Fix mutex deadlock at releasing card
ALSA: timer: Simplify error path in snd_timer_open()
sch_netem: fix rcu splat in netem_enqueue()
net: usb: sr9800: fix uninitialized local variable
bonding: fix potential NULL deref in bond_update_slave_arr
NFC: pn533: fix use-after-free and memleaks
rxrpc: Fix trace-after-put looking at the put peer record
rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record
rxrpc: Fix call ref leak
llc: fix sk_buff leak in llc_conn_service()
llc: fix sk_buff leak in llc_sap_state_process()
batman-adv: Avoid free/alloc race when handling OGM buffer
NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid()
drm/amdgpu/powerplay/vega10: allow undervolting in p7
dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle
dmaengine: qcom: bam_dma: Fix resource leak
rtlwifi: Fix potential overflow on P2P code
arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default
s390/idle: fix cpu idle time calculation
s390/cmm: fix information leak in cmm_timeout_handler()
nl80211: fix validation of mesh path nexthop
HID: fix error message in hid_open_report()
HID: Fix assumption that devices have inputs
HID: i2c-hid: add Trekstor Primebook C11B to descriptor override
scsi: target: cxgbit: Fix cxgbit_fw4_ack()
USB: serial: whiteheat: fix line-speed endianness
USB: serial: whiteheat: fix potential slab corruption
usb: xhci: fix __le32/__le64 accessors in debugfs code
USB: ldusb: fix control-message timeout
USB: ldusb: fix ring-buffer locking
usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows")
USB: gadget: Reject endpoints with 0 maxpacket value
UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments")
ALSA: hda/realtek - Add support for ALC623
ALSA: hda/realtek - Fix 2 front mics of codec 0x623
ALSA: bebob: Fix prototype of helper function to return negative value
fuse: truncate pending writes on O_TRUNC
fuse: flush dirty data/metadata before non-truncate setattr
ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
thunderbolt: Use 32-bit writes when writing ring producer/consumer
USB: legousbtower: fix a signedness bug in tower_probe()
nbd: verify socket is supported during setup
iwlwifi: exclude GEO SAR support for 3168
ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360
ARM: 8914/1: NOMMU: Fix exc_ret for XIP
tracing: Initialize iter->seq after zeroing in tracing_read_pipe()
s390/uaccess: avoid (false positive) compiler warnings
NFSv4: Fix leak of clp->cl_acceptor string
nbd: fix possible sysfs duplicate warning
virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr
MIPS: fw: sni: Fix out of bounds init of o32 stack
MIPS: include: Mark __xchg as __always_inline
iio: imu: adis16400: release allocated memory on failure
drm/amdgpu: fix memory leak
perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp
sched/vtime: Fix guest/system mis-accounting on task switch
x86/cpu: Add Comet Lake to the Intel CPU models header
arm64: armv8_deprecated: Checking return value for memory allocation
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc()
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock()
fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()
ocfs2: clear zero in unaligned direct IO
x86/xen: Return from panic notifier
MIPS: include: Mark __cmpxchg as __always_inline
efi/x86: Do not clean dummy variable in kexec path
efi/cper: Fix endianness of PCIe class code
serial: mctrl_gpio: Check for NULL pointer
fs: cifs: mute -Wunused-const-variable message
gpio: max77620: Use correct unit for debounce times
tty: n_hdlc: fix build on SPARC
tty: serial: owl: Fix the link time qualifier of 'owl_uart_exit()'
arm64: ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 #1542419
nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request
HID: hyperv: Use in-place iterator API in the channel callback
RDMA/iwcm: Fix a lock inversion issue
RDMA/hfi1: Prevent memory leak in sdma_init
staging: rtl8188eu: fix null dereference when kzalloc fails
perf annotate: Return appropriate error code for allocation failures
perf annotate: Propagate the symbol__annotate() error return
perf annotate: Fix the signedness of failure returns
perf annotate: Propagate perf_env__arch() error
perf tools: Propagate get_cpuid() error
perf jevents: Fix period for Intel fixed counters
perf script brstackinsn: Fix recovery from LBR/binary mismatch
perf map: Fix overlapped map handling
perf tests: Avoid raising SEGV using an obvious NULL dereference
libsubcmd: Make _FORTIFY_SOURCE defines dependent on the feature
iio: fix center temperature of bmc150-accel-core
iio: adc: meson_saradc: Fix memory allocation order
power: supply: max14656: fix potential use-after-free
drm/amd/display: fix odm combine pipe reset
PCI/PME: Fix possible use-after-free on remove
net: dsa: mv88e6xxx: Release lock while requesting IRQ
exec: load_script: Do not exec truncated interpreter path
ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT
media: vimc: Remove unused but set variables
ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume
cifs: add credits from unmatched responses/messages
CIFS: Respect SMB2 hdr preamble size in read responses
scsi: lpfc: Correct localport timeout duration error
mlxsw: spectrum: Set LAG port collector only when active
arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs
arm64: Add MIDR encoding for HiSilicon Taishan CPUs
rtc: pcf8523: set xtal load capacitance from DT
usb: handle warm-reset port requests on hub resume
ALSA: usb-audio: Cleanup DSD whitelist
usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete
usb: dwc3: gadget: early giveback if End Transfer already completed
samples: bpf: fix: seg fault with NULL pointer arg
HID: steam: fix deadlock with input devices.
HID: steam: fix boot loop with bluetooth firmware
NFSv4: Ensure that the state manager exits the loop on SIGKILL
HID: Add ASUS T100CHI keyboard dock battery quirks
staging: mt7621-pinctrl: use pinconf-generic for 'dt_node_to_map' and 'dt_free_map'
scripts/setlocalversion: Improve -dirty check with git-status --no-optional-locks
clk: boston: unregister clks on failure in clk_boston_setup()
ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3
platform/x86: Fix config space access for intel_atomisp2_pm
platform/x86: Add the VLV ISP PCI ID to atomisp2_pm
HID: i2c-hid: Add Odys Winbook 13 to descriptor override
HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels
HID: i2c-hid: Disable runtime PM for LG touchscreen
netfilter: ipset: Make invalid MAC address checks consistent
Btrfs: fix deadlock on tree root leaf when finding free extent
PCI: Fix Switchtec DMA aliasing quirk dmesg noise
bcache: fix input overflow to writeback_rate_minimum
drm/msm/dpu: handle failures while initializing displays
x86/cpu: Add Atom Tremont (Jacobsville)
tools/power turbostat: fix goldmont C-state limit decoding
usb: dwc2: fix unbalanced use of external vbus-supply
HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override
f2fs: fix to recover inode->i_flags of inode block during POR
f2fs: fix to recover inode's i_gc_failures during POR
powerpc/powernv: hold device_hotplug_lock when calling memtrace_offline_pages()
sc16is7xx: Fix for "Unexpected interrupt: 8"
scsi: lpfc: Fix a duplicate 0711 log message number.
f2fs: flush quota blocks after turnning it off
wil6210: fix freeing of rx buffers in EDMA mode
btrfs: tracepoints: Fix wrong parameter order for qgroup events
btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents()
Btrfs: fix memory leak due to concurrent append writes with fiemap
Btrfs: fix inode cache block reserve leak on failure to allocate data space
dm snapshot: rework COW throttling to fix deadlock
dm snapshot: introduce account_start_copy() and account_end_copy()
zram: fix race between backing_dev_show and backing_dev_store
Conflicts:
arch/arm64/include/asm/cputype.h
drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c
drivers/net/wireless/ath/wil6210/txrx_edma.c
drivers/usb/dwc3/gadget.c
include/linux/cpu.h
kernel/cpu.c
Following USB commits were reverted on importing android-4.19.57
into msm-4.19 due to BootTimeRunner failure. android-4.19-q.82
introduced new usb changes [1] that fixed the regression, hence it
is safe to restore the reverts. It is done in this merge.
9c423fd89("usb: dwc3: Reset num_trbs after skipping")
385cacd95("usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup")
6edcdd0e6("usb: dwc3: gadget: remove wait_end_transfer")
d7ff2e3ff("usb: dwc3: gadget: move requests to cancelled_list")
bba5f9878("usb: dwc3: gadget: introduce cancelled_list")
65e1f3403("usb: dwc3: gadget: extract dwc3_gadget_ep_skip_trbs()")
56092bd50("usb: dwc3: gadget: use num_trbs when skipping TRBs on->dequeue()")
2a2b1c4dc("usb: dwc3: gadget: track number of TRBs per request")
420b1237c("usb: dwc3: gadget: combine unaligned and zero flags")
62805d319("Revert "usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup"")
[1]
a0608eec29("usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete")
d0e8b35e91("usb: dwc3: gadget: early giveback if End Transfer already completed")
Change-Id: I77c3490d2c1cf7c8233a7e797c6f217f737621a2
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
commit eb59bd17d2fa6e5e84fba61a5ebdea984222e6d5 upstream.
If a filesystem returns negative inode sizes, future reads on the file were
causing the cpu to spin on truncate_pagecache.
Create a helper to validate the attributes. This now does two things:
- check the file mode
- check if the file size fits in i_size without overflowing
Reported-by: Arijit Banerjee <arijit@rubrik.com>
Fixes: d8a5ba4545 ("[PATCH] FUSE - core")
Cc: <stable@vger.kernel.org> # v2.6.14
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit c634da718db9b2fac201df2ae1b1b095344ce5eb upstream.
When adding a new hard link, make sure that i_nlink doesn't overflow.
Fixes: ac45d61357 ("fuse: fix nlink after unlink")
Cc: <stable@vger.kernel.org> # v3.4
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 2a23f2b8adbe4bd584f936f7ac17a99750eed9d7 ]
Since they are of unsigned int type, it's allowed to read them
unlocked during reporting to userspace. Let's underline this fact
with READ_ONCE() macroses.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit b24e7598db62386a95a3c8b9c75630c5d56fe077 upstream.
If writeback cache is enabled, then writes might get reordered with
chmod/chown/utimes. The problem with this is that performing the write in
the fuse daemon might itself change some of these attributes. In such case
the following sequence of operations will result in file ending up with the
wrong mode, for example:
int fd = open ("suid", O_WRONLY|O_CREAT|O_EXCL);
write (fd, "1", 1);
fchown (fd, 0, 0);
fchmod (fd, 04755);
close (fd);
This patch fixes this by flushing pending writes before performing
chown/chmod/utimes.
Reported-by: Giuseppe Scrivano <gscrivan@redhat.com>
Tested-by: Giuseppe Scrivano <gscrivan@redhat.com>
Fixes: 4d99ff8f12 ("fuse: Turn writeback cache on")
Cc: <stable@vger.kernel.org> # v3.15+
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-40321f2:
Linux 4.19.79
nl80211: validate beacon head
cfg80211: Use const more consistently in for_each_element macros
cfg80211: add and use strongly typed element iteration macros
staging: erofs: detect potential multiref due to corrupted images
staging: erofs: add two missing erofs_workgroup_put for corrupted images
staging: erofs: some compressed cluster should be submitted for corrupted images
staging: erofs: fix an error handling in erofs_readdir()
coresight: etm4x: Use explicit barriers on enable/disable
vfs: Fix EOVERFLOW testing in put_compat_statfs64
arm64/speculation: Support 'mitigations=' cmdline option
arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
arm64: Force SSBS on context switch
arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB
arm64: add sysfs vulnerability show for speculative store bypass
arm64: add sysfs vulnerability show for spectre-v2
arm64: Always enable spectre-v2 vulnerability detection
arm64: Advertise mitigation of Spectre-v2, or lack thereof
arm64: Provide a command line to disable spectre_v2 mitigation
arm64: Always enable ssb vulnerability detection
arm64: enable generic CPU vulnerabilites support
arm64: add sysfs vulnerability show for meltdown
arm64: Add sysfs vulnerability show for spectre-v1
arm64: fix SSBS sanitization
arm64: docs: Document SSBS HWCAP
KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3
riscv: Avoid interrupts being erroneously enabled in handle_exception()
perf stat: Reset previous counts on repeat with interval
perf tools: Fix segfault in cpu_cache_level__read()
tick: broadcast-hrtimer: Fix a race in bc_set_next
tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure
powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt()
nbd: fix crash when the blksize is zero
KVM: nVMX: Fix consistency check on injected exception error code
KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP
drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed
nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
perf unwind: Fix libunwind build failure on i386 systems
kernel/elfcore.c: include proper prototypes
perf build: Add detection of java-11-openjdk-devel package
sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr()
sched/membarrier: Fix private expedited registration check
sched/membarrier: Call sync_core only before usermode for same mm
libnvdimm/nfit_test: Fix acpi_handle redefinition
fuse: fix memleak in cuse_channel_open
libnvdimm/region: Initialize bad block for volatile namespaces
thermal_hwmon: Sanitize thermal_zone type
thermal: Fix use-after-free when unregistering thermal zone device
ntb: point to right memory window index
x86/purgatory: Disable the stackleak GCC plugin for the purgatory
pwm: stm32-lp: Add check in case requested period cannot be achieved
pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors
drm/amdgpu: Check for valid number of registers to read
drm/amdgpu: Fix KFD-related kernel oops on Hawaii
netfilter: nf_tables: allow lookups in dynamic sets
watchdog: aspeed: Add support for AST2600
ceph: reconnect connection if session hang in opening state
ceph: fix directories inode i_blkbits initialization
xen/pci: reserve MCFG areas earlier
9p: avoid attaching writeback_fid on mmap with type PRIVATE
9p: Transport error uninitialized
fs: nfs: Fix possible null-pointer dereferences in encode_attrs()
ima: fix freeing ongoing ahash_request
ima: always return negative code for error
arm64: cpufeature: Detect SSBS and advertise to userspace
cfg80211: initialize on-stack chandefs
s390/cio: avoid calling strlen on null pointer
ieee802154: atusb: fix use-after-free at disconnect
xen/xenbus: fix self-deadlock after killing user process
Revert "locking/pvqspinlock: Don't wait if vCPU is preempted"
mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence
mmc: sdhci: improve ADMA error reporting
drm/i915/gvt: update vgpu workload head pointer correctly
drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors
drm/msm/dsi: Fix return value check for clk_get_parent
drm/omap: fix max fclk divider for omap36xx
perf stat: Fix a segmentation fault when using repeat forever
watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout
PCI: Restore Resizable BAR size bits correctly for 1MB BARs
PCI: vmd: Fix shadow offsets to reflect spec changes
timer: Read jiffies once when forwarding base clk
usercopy: Avoid HIGHMEM pfn warning
tracing: Make sure variable reference alias has correct var_ref_idx
power: supply: sbs-battery: only return health when battery present
power: supply: sbs-battery: use correct flags field
MIPS: Treat Loongson Extensions as ASEs
crypto: ccree - use the full crypt length value
crypto: ccree - account for TEE not ready to report
crypto: caam - fix concurrency issue in givencrypt descriptor
crypto: cavium/zip - Add missing single_release()
crypto: skcipher - Unmap pages after an external error
crypto: qat - Silence smp_processor_id() warning
tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file
can: mcp251x: mcp251x_hw_reset(): allow more time after a reset
powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
powerpc/powernv/ioda: Fix race in TCE level allocation
powerpc/powernv: Restrict OPAL symbol map to only be readable by root
powerpc/mce: Schedule work from irq_work
powerpc/mce: Fix MCE handling for huge pages
ASoC: sgtl5000: Improve VAG power and mute control
ASoC: Define a set of DAPM pre/post-up events
PM / devfreq: tegra: Fix kHz to Hz conversion
nbd: fix max number of supported devs
KVM: nVMX: handle page fault in vmread fix
KVM: X86: Fix userspace set invalid CR4
KVM: PPC: Book3S HV: Don't lose pending doorbell request on migration on P9
KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores
KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts
s390/cio: exclude subchannels with no parent from pseudo check
s390/topology: avoid firing events before kobjs are created
KVM: s390: Test for bad access register and size at the start of S390_MEM_OP
s390/process: avoid potential reading of freed stack
ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
ANDROID: arm64: bpf: implement arch_bpf_jit_check_func
ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI
UPSTREAM: kcm: use BPF_PROG_RUN
Conflicts:
arch/arm64/include/asm/cpucaps.h
arch/arm64/include/asm/sysreg.h
arch/arm64/kernel/cpu_errata.c
arch/arm64/kernel/cpufeature.c
arch/arm64/kernel/process.c
drivers/mmc/host/sdhci.c
include/linux/ieee80211.h
kernel/sched/core.c
net/wireless/scan.c
Change-Id: I57a49ff57133edeaed48cb90e2b03fa453bf1451
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-cd1eb9f:
Revert "net: qrtr: Stop rx_worker before freeing node"
Linux 4.19.77
drm/amd/display: Restore backlight brightness after system resume
mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone
fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
md/raid0: avoid RAID0 data corruption due to layout confusion.
CIFS: Fix oplock handling for SMB 2.1+ protocols
CIFS: fix max ea value size
i2c: riic: Clear NACK in tend isr
hwrng: core - don't wait on add_early_randomness()
quota: fix wrong condition in is_quota_modification()
ext4: fix punch hole for inline_data file systems
ext4: fix warning inside ext4_convert_unwritten_extents_endio
/dev/mem: Bail out upon SIGKILL.
cfg80211: Purge frame registrations on iftype change
md: only call set_in_sync() when it is expected to succeed.
md: don't report active array_state until after revalidate_disk() completes.
md/raid6: Set R5_ReadError when there is read failure on parity disk
Btrfs: fix race setting up and completing qgroup rescan workers
btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls
btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space
btrfs: Relinquish CPUs in btrfs_compare_trees
Btrfs: fix use-after-free when using the tree modification log
btrfs: fix allocation of free space cache v1 bitmap pages
ovl: filter of trusted xattr results in audit
ovl: Fix dereferencing possible ERR_PTR()
smb3: allow disabling requesting leases
block: fix null pointer dereference in blk_mq_rq_timed_out()
i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask
memcg, kmem: do not fail __GFP_NOFAIL charges
memcg, oom: don't require __GFP_FS when invoking memcg OOM killer
gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps
efifb: BGRT: Improve efifb_bgrt_sanity_check
regulator: Defer init completion for a while after late_initcall
alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
arm64: dts: rockchip: limit clock rate of MMC controllers for RK3328
arm64: tlb: Ensure we execute an ISB following walk cache invalidation
Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}"
ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
ARM: samsung: Fix system restart on S3C6410
ASoC: Intel: Fix use of potentially uninitialized variable
ASoC: Intel: Skylake: Use correct function to access iomem space
ASoC: Intel: NHLT: Fix debug print format
binfmt_elf: Do not move brk for INTERP-less ET_EXEC
media: don't drop front-end reference count for ->detach
media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
KVM: x86: Manually calculate reserved bits when loading PDPTRS
KVM: x86: set ctxt->have_exception in x86_decode_insn()
KVM: x86: always stop emulation on page fault
parisc: Disable HP HSC-PCI Cards to prevent kernel crash
fuse: fix missing unlock_page in fuse_writepage()
powerpc/imc: Dont create debugfs files for cpu-less nodes
scsi: implement .cleanup_rq callback
blk-mq: add callback of .cleanup_rq
ALSA: hda/realtek - PCI quirk for Medion E4254
ceph: use ceph_evict_inode to cleanup inode's resource
Revert "ceph: use ceph_evict_inode to cleanup inode's resource"
randstruct: Check member structs in is_pure_ops_struct()
IB/hfi1: Define variables as unsigned long to fix KASAN warning
IB/mlx5: Free mpi in mp_slave mode
printk: Do not lose last line in kmsg buffer dump
scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag
scsi: scsi_dh_rdac: zero cdb in send_mode_select()
ALSA: firewire-tascam: check intermediate state of clock status and retry
ALSA: firewire-tascam: handle error code when getting current source of clock
iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36
PM / devfreq: passive: fix compiler warning
media: omap3isp: Set device on omap3isp subdevs
btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems
ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)
ALSA: hda - Drop unsol event handler for Intel HDMI codecs
e1000e: add workaround for possible stalled packet
libertas: Add missing sentinel at end of if_usb.c fw_table
raid5: don't increment read_errors on EILSEQ return
mmc: dw_mmc: Re-store SDIO IRQs mask at system resume
mmc: core: Add helper function to indicate if SDIO IRQs is enabled
mmc: sdhci: Fix incorrect switch to HS mode
mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD
raid5: don't set STRIPE_HANDLE to stripe which is in batch list
ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
platform/x86: intel_pmc_core: Do not ioremap RAM
x86/cpu: Add Tiger Lake to Intel family
s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
kprobes: Prohibit probing on BUG() and WARN() address
dmaengine: ti: edma: Do not reset reserved paRAM slots
md/raid1: fail run raid1 array when active disk less than one
hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
closures: fix a race on wakeup from closure_sync
ACPI / PCI: fix acpi_pci_irq_enable() memory leak
ACPI: custom_method: fix memory leaks
ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks
libtraceevent: Change users plugin directory
iommu/iova: Avoid false sharing on fq_timer_on
libata/ahci: Drop PCS quirk for Denverton and beyond
iommu/amd: Silence warnings under memory pressure
ALSA: firewire-motu: add support for MOTU 4pre
nvme-multipath: fix ana log nsid lookup when nsid is not found
nvmet: fix data units read and written counters in SMART log
x86/mm/pti: Handle unaligned address gracefully in pti_clone_pagetable()
ASoC: fsl_ssi: Fix clock control issue in master mode
x86/mm/pti: Do not invoke PTI functions when PTI is disabled
arm64: kpti: ensure patched kernel text is fetched from PoU
x86/apic/vector: Warn when vector space exhaustion breaks affinity
sched/cpufreq: Align trace event behavior of fast switching
ACPI / CPPC: do not require the _PSD method
ASoC: es8316: fix headphone mixer volume table
media: ov9650: add a sanity check
perf trace beauty ioctl: Fix off-by-one error in cmd->string table
media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
media: cpia2_usb: fix memory leaks
media: saa7146: add cleanup in hexium_attach()
media: cec-notifier: clear cec_adap in cec_notifier_unregister
PM / devfreq: exynos-bus: Correct clock enable sequence
PM / devfreq: passive: Use non-devm notifiers
EDAC/amd64: Decode syndrome before translating address
EDAC/amd64: Recognize DRAM device type ECC capability
libperf: Fix alignment trap with xyarray contents in 'perf stat'
media: dvb-core: fix a memory leak bug
posix-cpu-timers: Sanitize bogus WARNONS
media: dvb-frontends: use ida for pll number
media: mceusb: fix (eliminate) TX IR signal length limit
nbd: add missing config put
led: triggers: Fix a memory leak bug
ASoC: sun4i-i2s: Don't use the oversample to calculate BCLK
tools headers: Fixup bitsperlong per arch includes
ASoC: uniphier: Fix double reset assersion when transitioning to suspend state
media: hdpvr: add terminating 0 at end of string
media: radio/si470x: kill urb on error
ARM: dts: imx7-colibri: disable HS400
ARM: dts: imx7d: cl-som-imx7: make ethernet work again
m68k: Prevent some compiler warnings in Coldfire builds
net: lpc-enet: fix printk format strings
media: imx: mipi csi-2: Don't fail if initial state times-out
media: omap3isp: Don't set streaming state on random subdevs
media: i2c: ov5645: Fix power sequence
media: vsp1: fix memory leak of dl on error return path
perf record: Support aarch64 random socket_id assignment
dmaengine: iop-adma: use correct printk format strings
media: rc: imon: Allow iMON RC protocol for ffdc 7e device
media: em28xx: modules workqueue not inited for 2nd device
media: fdp1: Reduce FCP not found message level to debug
media: mtk-mdp: fix reference count on old device tree
perf test vfs_getname: Disable ~/.perfconfig to get default output
perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig
media: gspca: zero usb_buf on error
idle: Prevent late-arriving interrupts from disrupting offline
sched/fair: Use rq_lock/unlock in online_fair_sched_group
firmware: arm_scmi: Check if platform has released shmem before using
efi: cper: print AER info of PCIe fatal error
EDAC, pnd2: Fix ioremap() size in dnv_rd_reg()
loop: Add LOOP_SET_DIRECT_IO to compat ioctl
ACPI / processor: don't print errors for processorIDs == 0xff
media: media/platform: fsl-viu.c: fix build for MICROBLAZE
md: don't set In_sync if array is frozen
md: don't call spare_active in md_reap_sync_thread if all member devices can't work
md/raid1: end bio when the device faulty
arm64/prefetch: fix a -Wtype-limits warning
ASoC: rsnd: don't call clk_get_rate() under atomic context
EDAC/altera: Use the proper type for the IRQ status bits
ia64:unwind: fix double free for mod->arch.init_unw_table
ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
base: soc: Export soc_device_register/unregister APIs
media: iguanair: add sanity checks
EDAC/mc: Fix grain_bits calculation
ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
ALSA: hda - Show the fatal CORB/RIRB error more clearly
x86/apic: Soft disable APIC before initializing it
x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
sched/deadline: Fix bandwidth accounting at all levels after offline migration
x86/apic: Make apic_pending_intr_clear() more robust
sched/core: Fix CPU controller for !RT_GROUP_SCHED
sched/fair: Fix imbalance due to CPU affinity
time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint
media: i2c: ov5640: Check for devm_gpiod_get_optional() error
media: hdpvr: Add device num check and handling
media: exynos4-is: fix leaked of_node references
media: mtk-cir: lower de-glitch counter for rc-mm protocol
media: dib0700: fix link error for dibx000_i2c_set_speed
leds: leds-lp5562 allow firmware files up to the maximum length
dmaengine: bcm2835: Print error in case setting DMA mask fails
firmware: qcom_scm: Use proper types for dma mappings
ASoC: sgtl5000: Fix charge pump source assignment
ASoC: sgtl5000: Fix of unmute outputs on probe
ASoC: tlv320aic31xx: suppress error message for EPROBE_DEFER
regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg
ALSA: hda: Flush interrupts on disabling
nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
nfc: enforce CAP_NET_RAW for raw sockets
ieee802154: enforce CAP_NET_RAW for raw sockets
ax25: enforce CAP_NET_RAW for raw sockets
appletalk: enforce CAP_NET_RAW for raw sockets
mISDN: enforce CAP_NET_RAW for raw sockets
net/mlx5: Add device ID of upcoming BlueField-2
tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
net: sched: fix possible crash in tcf_action_destroy()
usbnet: sanity checking of packet sizes and device mtu
usbnet: ignore endpoints with invalid wMaxPacketSize
skge: fix checksum byte order
sch_netem: fix a divide by zero in tabledist()
ppp: Fix memory leak in ppp_write
openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
net_sched: add max len check for TCA_KIND
net/sched: act_sample: don't push mac header on ip6gre ingress
net: qrtr: Stop rx_worker before freeing node
net/phy: fix DP83865 10 Mbps HDX loopback disable function
macsec: drop skb sk before calling gro_cells_receive
cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
arcnet: provide a buffer big enough to actually receive packets
ANDROID: properly export new symbols with _GPL tag
Conflicts:
kernel/sched/cpufreq_schedutil.c
mm/compaction.c
Change-Id: I3f2cc4a1421480479b9040aa5eefe7e17437021d
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
[ Upstream commit 76e43c8ccaa35c30d5df853013561145a0f750a5 ]
When IOCB_CMD_POLL is used on the FUSE device, aio_poll() disables IRQs
and takes kioctx::ctx_lock, then fuse_iqueue::waitq.lock.
This may have to wait for fuse_iqueue::waitq.lock to be released by one
of many places that take it with IRQs enabled. Since the IRQ handler
may take kioctx::ctx_lock, lockdep reports that a deadlock is possible.
Fix it by protecting the state of struct fuse_iqueue with a separate
spinlock, and only accessing fuse_iqueue::waitq using the versions of
the waitqueue functions which do IRQ-safe locking internally.
Reproducer:
#include <fcntl.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/aio_abi.h>
int main()
{
char opts[128];
int fd = open("/dev/fuse", O_RDWR);
aio_context_t ctx = 0;
struct iocb cb = { .aio_lio_opcode = IOCB_CMD_POLL, .aio_fildes = fd };
struct iocb *cbp = &cb;
sprintf(opts, "fd=%d,rootmode=040000,user_id=0,group_id=0", fd);
mkdir("mnt", 0700);
mount("foo", "mnt", "fuse", 0, opts);
syscall(__NR_io_setup, 1, &ctx);
syscall(__NR_io_submit, ctx, 1, &cbp);
}
Beginning of lockdep output:
=====================================================
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
5.3.0-rc5 #9 Not tainted
-----------------------------------------------------
syz_fuse/135 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
000000003590ceda (&fiq->waitq){+.+.}, at: spin_lock include/linux/spinlock.h:338 [inline]
000000003590ceda (&fiq->waitq){+.+.}, at: aio_poll fs/aio.c:1751 [inline]
000000003590ceda (&fiq->waitq){+.+.}, at: __io_submit_one.constprop.0+0x203/0x5b0 fs/aio.c:1825
and this task is already holding:
0000000075037284 (&(&ctx->ctx_lock)->rlock){..-.}, at: spin_lock_irq include/linux/spinlock.h:363 [inline]
0000000075037284 (&(&ctx->ctx_lock)->rlock){..-.}, at: aio_poll fs/aio.c:1749 [inline]
0000000075037284 (&(&ctx->ctx_lock)->rlock){..-.}, at: __io_submit_one.constprop.0+0x1f4/0x5b0 fs/aio.c:1825
which would create a new lock dependency:
(&(&ctx->ctx_lock)->rlock){..-.} -> (&fiq->waitq){+.+.}
but this new dependency connects a SOFTIRQ-irq-safe lock:
(&(&ctx->ctx_lock)->rlock){..-.}
[...]
Reported-by: syzbot+af05535bb79520f95431@syzkaller.appspotmail.com
Reported-by: syzbot+d86c4426a01f60feddc7@syzkaller.appspotmail.com
Fixes: bfe4037e72 ("aio: implement IOCB_CMD_POLL")
Cc: <stable@vger.kernel.org> # v4.19+
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit d5880c7a8620290a6c90ced7a0e8bd0ad9419601 upstream.
unlock_page() was missing in case of an already in-flight write against the
same page.
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Fixes: ff17be0864 ("fuse: writepage: skip already in flight")
Cc: <stable@vger.kernel.org> # v3.13
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-d1f7f3b:
Linux 4.19.51
ALSA: seq: Cover unsubscribe_port() in list_mutex
drm/vc4: fix fb references in async update
ovl: support stacked SEEK_HOLE/SEEK_DATA
ovl: check the capability before cred overridden
Revert "drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3)"
Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR connections"
percpu: do not search past bitmap when allocating an area
gpio: vf610: Do not share irq_chip
soc: renesas: Identify R-Car M3-W ES1.3
usb: typec: fusb302: Check vconn is off when we start toggling
ARM: exynos: Fix undefined instruction during Exynos5422 resume
pwm: Fix deadlock warning when removing PWM device
ARM: dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on Arndale Octa
pwm: tiehrpwm: Update shadow register for disabling PWMs
dmaengine: idma64: Use actual device for DMA transfers
ice: Add missing case in print_link_msg for printing flow control
gpio: gpio-omap: add check for off wake capable gpios
PCI: xilinx: Check for __get_free_pages() failure
block, bfq: increase idling for weight-raised queues
video: imsttfb: fix potential NULL pointer dereferences
video: hgafb: fix potential NULL pointer dereference
scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags
PCI: rcar: Fix 64bit MSI message address handling
PCI: rcar: Fix a potential NULL pointer dereference
net: hns3: return 0 and print warning when hit duplicate MAC
power: supply: max14656: fix potential use-before-alloc
platform/x86: intel_pmc_ipc: adding error handling
ARM: OMAP2+: pm33xx-core: Do not Turn OFF CEFUSE as PPA may be using it
drm/amd/display: Use plane->color_space for dpp if specified
PCI: rpadlpar: Fix leaked device_node references in add/remove paths
ARM: dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx7d: Specify IMX7D_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6sll: Specify IMX6SLL_CLK_IPG as "ipg" clock to SDMA
ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
ARM: dts: imx53: Specify IMX5_CLK_IPG as "ahb" clock to SDMA
ARM: dts: imx50: Specify IMX5_CLK_IPG as "ahb" clock to SDMA
ARM: dts: imx51: Specify IMX5_CLK_IPG as "ahb" clock to SDMA
soc: rockchip: Set the proper PWM for rk3288
clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher
PCI: keystone: Prevent ARM32 specific code to be compiled for ARM64
platform/chrome: cros_ec_proto: check for NULL transfer function
i40e: Queues are reserved despite "Invalid argument" error
x86/PCI: Fix PCI IRQ routing table memory leak
net: thunderbolt: Unregister ThunderboltIP protocol handler when suspending
switchtec: Fix unintended mask of MRPC event
iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel
vfio: Fix WARNING "do not call blocking ops when !TASK_RUNNING"
nfsd: avoid uninitialized variable warning
nfsd: allow fh_want_write to be called twice
fuse: retrieve: cap requested size to negotiated max_write
nvmem: sunxi_sid: Support SID on A83T and H5
nvmem: core: fix read buffer in place
ALSA: hda - Register irq handler after the chip initialization
netfilter: nf_flow_table: fix netdev refcnt leak
netfilter: nf_flow_table: check ttl value in flow offload data path
nvme-pci: shutdown on timeout during deletion
nvme-pci: unquiesce admin queue on shutdown
PCI: designware-ep: Use aligned ATU window for raising MSI interrupts
misc: pci_endpoint_test: Fix test_reg_bar to be updated in pci_endpoint_test
iommu/vt-d: Set intel_iommu_gfx_mapped correctly
blk-mq: move cancel of requeue_work into blk_mq_release
watchdog: fix compile time error of pretimeout governors
watchdog: imx2_wdt: Fix set_timeout for big timeout values
netfilter: nf_tables: fix base chain stat rcu_dereference usage
mips: Make sure dt memory regions are valid
netfilter: nf_conntrack_h323: restore boundary check correctness
netfilter: nf_flow_table: fix missing error check for rhashtable_insert_fast
mmc: mmci: Prevent polling for busy detection in IRQ context
ovl: do not generate duplicate fsnotify events for "fake" path
PCI: dwc: Free MSI IRQ page in dw_pcie_free_msi()
PCI: dwc: Free MSI in dw_pcie_host_init() error path
uml: fix a boot splat wrt use of cpu_all_mask
configfs: fix possible use-after-free in configfs_register_group
percpu: remove spurious lock dependency between percpu and sched
f2fs: fix to do checksum even if inode page is uptodate
f2fs: fix to do sanity check on valid block count of segment
f2fs: fix to use inline space only if inline_xattr is enable
f2fs: fix to avoid panic in dec_valid_block_count()
f2fs: fix to clear dirty inode in error path of f2fs_iget()
f2fs: fix to do sanity check on free nid
f2fs: fix to avoid panic in f2fs_remove_inode_page()
f2fs: fix to avoid panic in f2fs_inplace_write_data()
f2fs: fix to avoid panic in do_recover_data()
ntp: Allow TAI-UTC offset to be set to zero
mailbox: stm32-ipcc: check invalid irq
pwm: meson: Use the spin-lock only to protect register modifications
EDAC/mpc85xx: Prevent building as a module
bpf: fix undefined behavior in narrow load handling
drm/nouveau/kms/gv100-: fix spurious window immediate interlocks
objtool: Don't use ignore flag for fake jumps
drm/bridge: adv7511: Fix low refresh rate selection
drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change
perf/x86/intel: Allow PEBS multi-entry in watermark mode
mfd: twl6040: Fix device init errors for ACCCTL register
drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration
mfd: intel-lpss: Set the device in reset state when init
mfd: tps65912-spi: Add missing of table registration
drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER
thermal: rcar_gen3_thermal: disable interrupt in .remove
kernel/sys.c: prctl: fix false positive in validate_prctl_map()
mm/slab.c: fix an infinite loop in leaks_show()
mm/cma_debug.c: fix the break condition in cma_maxchunk_get()
mm: page_mkclean vs MADV_DONTNEED race
mm/cma.c: fix the bitmap status to show failed allocation reason
initramfs: free initrd memory if opening /initrd.image fails
mm/cma.c: fix crash on CMA allocation if bitmap allocation fails
mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE
hugetlbfs: on restore reserve error path retain subpool reservation
mm/hmm: select mmu notifier when selecting HMM
ARM: prevent tracing IPI_CPU_BACKTRACE
drm/pl111: Initialize clock spinlock early
ipc: prevent lockup on alloc_msg and free_msg
sysctl: return -EINVAL if val violates minmax
fs/fat/file.c: issue flush after the writeback of FAT
rapidio: fix a NULL pointer dereference when create_workqueue() fails
x86: Fix RETPOLINE_CFLAGS check
BACKPORT: kheaders: Do not regenerate archive if config is not changed
BACKPORT: kheaders: Move from proc to sysfs
BACKPORT: Provide in-kernel headers to make extending kernel easier
UPSTREAM: binder: check for overflow when alloc for security context
Conflicts:
arch/arm/kernel/smp.c
Change-Id: I3ea68f5be5910b6ae24d16194db149c24c36da36
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-be7c1cb:
Linux 4.19.50
ethtool: check the return value of get_regs_len
ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
TTY: serial_core, add ->install
drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack
drm: don't block fb changes for async plane updates
drm/i915: Maintain consistent documentation subsection ordering
drm/i915/fbc: disable framebuffer compression on GeminiLake
drm/i915: Fix I915_EXEC_RING_MASK
drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in
drm/radeon: prefer lower reference dividers
drm/amdgpu/psp: move psp version specific function pointers to early_init
drm: add non-desktop quirks to Sensics and OSVR headsets.
drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3)
drm: add non-desktop quirk for Valve HMDs
drm/msm: fix fb references in async update
drm/gma500/cdv: Check vbt config bits when detecting lvds panels
test_firmware: Use correct snprintf() limit
genwqe: Prevent an integer overflow in the ioctl
Revert "MIPS: perf: ath79: Fix perfcount IRQ assignment"
MIPS: pistachio: Build uImage.gz by default
MIPS: Bounds check virt_addr_valid
xen-blkfront: switch kcalloc to kvcalloc for large array allocation
s390/mm: fix address space detection in exception handling
i2c: xiic: Add max_read_len quirk
x86/insn-eval: Fix use-after-free access to LDT entry
x86/power: Fix 'nosmt' vs hibernation triple fault during resume
pstore/ram: Run without kernel crash dump region
pstore: Set tfm to NULL on free_buf_for_compression
pstore: Convert buf_lock to semaphore
pstore: Remove needless lock during console writes
fuse: fallocate: fix return with locked inode
NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled
NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter
parisc: Use implicit space register selection for loading the coherence index of I/O pdirs
rcu: locking and unlocking need to always be at least barriers
mtd: spinand: macronix: Fix ECC Status Read
ipv6: fix EFAULT on sendto with icmpv6 and hdrincl
ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
Revert "fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied"
pktgen: do not sleep with the thread lock held.
packet: unconditionally free po->rollover
net/tls: replace the sleeping lock around RX resync with a bit lock
net: sfp: read eeprom in maximum 16 byte increments
net: rds: fix memory leak in rds_ib_flush_mr_pool
net: mvpp2: Use strscpy to handle stat strings
net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set
neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
ipv6: fix the check before getting the cookie in rt6_get_cookie
ipv4: not do cache for local delivery if bc_forwarding is enabled
Fix memory leak in sctp_process_init
ethtool: fix potential userspace buffer overflow
Change-Id: Ic49494d073fe049a92a42dd95a84315b64a13c3e
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-aa07ecb:
Revert "x86_64: Allow breakpoints to emulate call instructions"
Linux 4.19.46
fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough
bpf, lru: avoid messing with eviction heuristics upon syscall lookup
bpf: add map_lookup_elem_sys_only for lookups from syscall side
bpf: relax inode permission check for retrieving bpf program
Revert "selftests/bpf: skip verifier tests for unsupported program types"
driver core: Postpone DMA tear-down until after devres release for probe failure
md/raid: raid5 preserve the writeback action after the parity check
Revert "Don't jump to compute_result state from check_result state"
perf/x86/intel: Fix race in intel_pmu_disable_event()
perf bench numa: Add define for RUSAGE_THREAD if not present
ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
x86/mm/mem_encrypt: Disable all instrumentation for early SME setup
sched/cpufreq: Fix kobject memleak
iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb()
qmi_wwan: new Wistron, ZTE and D-Link devices
bpf: Fix preempt_enable_no_resched() abuse
power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG
KVM: arm/arm64: Ensure vcpu target is unset on reset failure
net: ieee802154: fix missing checks for regmap_update_bits
mac80211: Fix kernel panic due to use of txq after free
x86: kvm: hyper-v: deal with buggy TLB flush requests from WS2012
PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored
apparmorfs: fix use-after-free on symlink traversal
securityfs: fix use-after-free on symlink traversal
power: supply: cpcap-battery: Fix division by zero
clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0)
xfrm4: Fix uninitialized memory read in _decode_session4
xfrm: Honor original L3 slave device in xfrmi policy lookup
esp4: add length check for UDP encapsulation
xfrm: clean up xfrm protocol checks
vti4: ipip tunnel deregistration fixes.
xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
fuse: Add FOPEN_STREAM to use stream_open()
dm mpath: always free attached_handler_name in parse_path()
dm integrity: correctly calculate the size of metadata area
dm delay: fix a crash when invalid device is specified
dm zoned: Fix zone report handling
dm cache metadata: Fix loading discard bitset
PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
PCI: Factor out pcie_retrain_link() function
PCI: rcar: Add the initialization of PCIe link in resume_noirq()
PCI/AER: Change pci_aer_init() stub to return void
PCI: Init PCIe feature bits for managed host bridge alloc
PCI: Mark Atheros AR9462 to avoid bus reset
PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken
fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting
fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display
fbdev: sm712fb: fix support for 1024x768-16 mode
fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping VRAM
fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA
fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F
fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75
fbdev: sm712fb: fix brightness control on reboot, don't set SR30
fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types
objtool: Allow AR to be overridden with HOSTAR
MIPS: perf: Fix build with CONFIG_CPU_BMIPS5000 enabled
perf intel-pt: Fix sample timestamp wrt non-taken branches
perf intel-pt: Fix improved sample timestamp
perf intel-pt: Fix instructions sampling rate
memory: tegra: Fix integer overflow on tick value calculation
tracing: Fix partial reading of trace event's id file
ftrace/x86_64: Emulate call function while updating in breakpoint handler
x86_64: Allow breakpoints to emulate call instructions
x86_64: Add gap to int3 to allow for call emulation
ceph: flush dirty inodes before proceeding with remount
iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
ovl: fix missing upper fs freeze protection on copy up for ioctl
fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
fuse: fix writepages on 32bit
udlfb: introduce a rendering mutex
udlfb: fix sleeping inside spinlock
udlfb: delete the unused parameter for dlfb_handle_damage
clk: rockchip: fix wrong clock definitions for rk3328
clk: mediatek: Disable tuner_en before change PLL rate
clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider
clk: hi3660: Mark clk_gate_ufs_subsys as critical
PNFS fallback to MDS if no deviceid found
NFS4: Fix v4.0 client state corruption when mount
media: imx: Clear fwnode link struct for each endpoint iteration
media: imx: csi: Allow unknown nearest upstream entities
media: ov6650: Fix sensor possibly not detected on probe
phy: ti-pipe3: fix missing bit-wise or operator when assigning val
cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level()
of: fix clang -Wunsequenced for be32_to_cpu()
p54: drop device reference count if fails to enable device
intel_th: msu: Fix single mode with IOMMU
dcache: sort the freeing-without-RCU-delay mess for good.
md: add mddev->pers to avoid potential NULL pointer dereference
md: batch flush requests.
Revert "MD: fix lock contention for flush bios"
proc: prevent changes to overridden credentials
brd: re-enable __GFP_HIGHMEM in brd_insert_page()
stm class: Fix channel bitmap on 32-bit systems
stm class: Fix channel free in stm output free path
parisc: Rename LEVEL to PA_ASM_LEVEL to avoid name clash with DRBD code
parisc: Use PA_ASM_LEVEL in boot code
parisc: Skip registering LED when running in QEMU
parisc: Export running_on_qemu symbol for modules
net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled
net/mlx5: Imply MLXFW in mlx5_core
vsock/virtio: Initialize core virtio vsock before registering the driver
tipc: fix modprobe tipc failed after switch order of device registration
vsock/virtio: free packets during the socket release
tipc: switch order of device registration to fix a crash
rtnetlink: always put IFLA_LINK for links with a link-netnsid
ppp: deflate: Fix possible crash in deflate_init
nfp: flower: add rcu locks when accessing netdev for tunnels
net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions
net: test nouarg before dereferencing zerocopy pointers
net/mlx4_core: Change the error print to info print
net: avoid weird emergency message
net: Always descend into dsa/
ipv6: prevent possible fib6 leaks
ipv6: fix src addr routing with the exception table
Enable CONFIG_ION_SYSTEM_HEAP
ANDROID: Enable LTO and CFI
Revert "ANDROID: cuttlefish 4.19: enable CONFIG_CRYPTO_AES_NI_INTEL=y"
Conflicts:
drivers/hwtracing/stm/core.c
Change-Id: I7da86200695082b7ed40c5e6290c5b3203e094dd
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
[ Upstream commit 7640682e67b33cab8628729afec8ca92b851394f ]
FUSE filesystem server and kernel client negotiate during initialization
phase, what should be the maximum write size the client will ever issue.
Correspondingly the filesystem server then queues sys_read calls to read
requests with buffer capacity large enough to carry request header + that
max_write bytes. A filesystem server is free to set its max_write in
anywhere in the range between [1*page, fc->max_pages*page]. In particular
go-fuse[2] sets max_write by default as 64K, wheres default fc->max_pages
corresponds to 128K. Libfuse also allows users to configure max_write, but
by default presets it to possible maximum.
If max_write is < fc->max_pages*page, and in NOTIFY_RETRIEVE handler we
allow to retrieve more than max_write bytes, corresponding prepared
NOTIFY_REPLY will be thrown away by fuse_dev_do_read, because the
filesystem server, in full correspondence with server/client contract, will
be only queuing sys_read with ~max_write buffer capacity, and
fuse_dev_do_read throws away requests that cannot fit into server request
buffer. In turn the filesystem server could get stuck waiting indefinitely
for NOTIFY_REPLY since NOTIFY_RETRIEVE handler returned OK which is
understood by clients as that NOTIFY_REPLY was queued and will be sent
back.
Cap requested size to negotiate max_write to avoid the problem. This
aligns with the way NOTIFY_RETRIEVE handler works, which already
unconditionally caps requested retrieve size to fuse_conn->max_pages. This
way it should not hurt NOTIFY_RETRIEVE semantic if we return less data than
was originally requested.
Please see [1] for context where the problem of stuck filesystem was hit
for real, how the situation was traced and for more involving patch that
did not make it into the tree.
[1] https://marc.info/?l=linux-fsdevel&m=155057023600853&w=2
[2] https://github.com/hanwen/go-fuse
Signed-off-by: Kirill Smelkov <kirr@nexedi.com>
Cc: Han-Wen Nienhuys <hanwen@google.com>
Cc: Jakob Unterwurzacher <jakobunt@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 35d6fcbb7c3e296a52136347346a698a35af3fda upstream.
Do the proper cleanup in case the size check fails.
Tested with xfstests:generic/228
Reported-by: kbuild test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 0cbade024ba5 ("fuse: honor RLIMIT_FSIZE in fuse_file_fallocate")
Cc: Liu Bo <bo.liu@linux.alibaba.com>
Cc: <stable@vger.kernel.org> # v3.5
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-dda1dd3:
Linux 4.19.39
leds: trigger: netdev: use memcpy in device_name_store
leds: pca9532: fix a potential NULL pointer dereference
ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
iommu/amd: Reserve exclusion range in iova-domain
kconfig/[mn]conf: handle backspace (^H) key
perf machine: Update kernel map address and re-order properly
nvme-multipath: relax ANA state check
gpio: of: Fix of_gpiochip_add() error path
libata: fix using DMA buffers on stack
x86/mm: Don't exceed the valid physical address space
scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
ceph: fix use-after-free on symlink traversal
usb: u132-hcd: fix resource leak
x86/realmode: Don't leak the trampoline kernel address
leds: trigger: netdev: fix refcnt leak on interface rename
usb: usb251xb: fix to avoid potential NULL pointer dereference
scsi: qla4xxx: fix a potential NULL pointer dereference
scsi: aacraid: Insure we don't access PCIe space during AER/EEH
scsi: mpt3sas: Fix kernel panic during expander reset
ARM: davinci: fix build failure with allnoconfig
drm/meson: Uninstall IRQ handler
drm/meson: Fix invalid pointer in meson_drv_unbind()
gpio: aspeed: fix a potential NULL pointer dereference
drm: Fix drm_release() and device unplug
net: ethernet: ti: fix possible object reference leak
net: ibm: fix possible object reference leak
net: xilinx: fix possible object reference leak
NFS: Fix a typo in nfs_init_timeout_values()
drm/tegra: hub: Fix dereference before check
ARM: dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi
net/sched: don't dereference a->goto_chain to read the chain index
net: macb: Add null check for PCLK and HCLK
staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc
staging: rtl8712: uninitialized memory in read_bbreg_hdl()
staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference
staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc
net: ks8851: Set initial carrier state to down
net: ks8851: Delay requesting IRQ until opened
net: ks8851: Reassert reset pin if chip ID check fails
net: ks8851: Dequeue RX packets explicitly
i2c: i801: Add support for Intel Comet Lake
ARM: dts: pfla02: increase phy reset duration
usb: gadget: net2272: Fix net2272_dequeue()
usb: gadget: net2280: Fix net2280_dequeue()
usb: gadget: net2280: Fix overrun of OUT messages
usb: dwc3: pci: add support for Comet Lake PCH ID
KVM: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots
KVM: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory
KVM: arm64: Reset the PMU in preemptible context
serial: ar933x_uart: Fix build failure with disabled console
sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
ARM: imx51: fix a leaked reference by adding missing of_node_put
s390/qeth: fix race when initializing the IP address table
netfilter: ip6t_srh: fix NULL pointer dereferences
netfilter: fix NETFILTER_XT_TARGET_TEE dependencies
netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING
netfilter: nft_set_rbtree: check for inactive element after flag mismatch
staging, mt7621-pci: fix build without pci support
staging: axis-fifo: add CONFIG_OF dependency
xsk: fix umem memory leak on cleanup
qlcnic: Avoid potential NULL pointer dereference
net: stmmac: don't set own bit too early for jumbo frames
ieee802154: hwsim: propagate genlmsg_reply return code
net: ieee802154: fix a potential NULL pointer dereference
s390: limit brk randomization to 32MB
ARM: dts: bcm283x: Fix hdmi hpd gpio pull
fs: prevent page refcount overflow in pipe_buf_get
mm: prevent get_user_pages() from overflowing page refcount
mm: add 'try_get_page()' helper function
mm: make page ref count overflow check tighter and more explicit
Revert "ACPICA: Clear status of GPEs before enabling them"
selinux: use kernel linux/socket.h for genheaders and mdp
Change-Id: I447ef70d6d79330b042f3e8117b3eb7925150a41
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
commit bbd84f33652f852ce5992d65db4d020aba21f882 upstream.
Starting from commit 9c225f2655 ("vfs: atomic f_pos accesses as per
POSIX") files opened even via nonseekable_open gate read and write via lock
and do not allow them to be run simultaneously. This can create read vs
write deadlock if a filesystem is trying to implement a socket-like file
which is intended to be simultaneously used for both read and write from
filesystem client. See commit 10dce8af3422 ("fs: stream_open - opener for
stream-like files so that read and write can run simultaneously without
deadlock") for details and e.g. commit 581d21a2d0 ("xenbus: fix deadlock
on writes to /proc/xen/xenbus") for a similar deadlock example on
/proc/xen/xenbus.
To avoid such deadlock it was tempting to adjust fuse_finish_open to use
stream_open instead of nonseekable_open on just FOPEN_NONSEEKABLE flags,
but grepping through Debian codesearch shows users of FOPEN_NONSEEKABLE,
and in particular GVFS which actually uses offset in its read and write
handlers
https://codesearch.debian.net/search?q=-%3Enonseekable+%3Dhttps://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1080https://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1247-1346https://gitlab.gnome.org/GNOME/gvfs/blob/1.40.0-6-gcbc54396/client/gvfsfusedaemon.c#L1399-1481
so if we would do such a change it will break a real user.
Add another flag (FOPEN_STREAM) for filesystem servers to indicate that the
opened handler is having stream-like semantics; does not use file position
and thus the kernel is free to issue simultaneous read and write request on
opened file handle.
This patch together with stream_open() should be added to stable kernels
starting from v3.14+. This will allow to patch OSSPD and other FUSE
filesystems that provide stream-like files to return FOPEN_STREAM |
FOPEN_NONSEEKABLE in open handler and this way avoid the deadlock on all
kernel versions. This should work because fuse_finish_open ignores unknown
open flags returned from a filesystem and so passing FOPEN_STREAM to a
kernel that is not aware of this flag cannot hurt. In turn the kernel that
is not aware of FOPEN_STREAM will be < v3.14 where just FOPEN_NONSEEKABLE
is sufficient to implement streams without read vs write deadlock.
Cc: stable@vger.kernel.org # v3.14+
Signed-off-by: Kirill Smelkov <kirr@nexedi.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 0cbade024ba501313da3b7e5dd2a188a6bc491b5 upstream.
fstests generic/228 reported this failure that fuse fallocate does not
honor what 'ulimit -f' has set.
This adds the necessary inode_newsize_ok() check.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Fixes: 05ba1f0823 ("fuse: add FALLOCATE operation")
Cc: <stable@vger.kernel.org> # v3.5
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 9de5be06d0a89ca97b5ab902694d42dfd2bb77d2 upstream.
Writepage requests were cropped to i_size & 0xffffffff, which meant that
mmaped writes to any file larger than 4G might be silently discarded.
Fix by storing the file size in a properly sized variable (loff_t instead
of size_t).
Reported-by: Antonio SJ Musumeci <trapexit@spawn.link>
Fixes: 6eaf4782eb ("fuse: writepages: crop secondary requests")
Cc: <stable@vger.kernel.org> # v3.13
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 15fab63e1e57be9fdb5eec1bbc5916e9825e9acb upstream.
Change pipe_buf_get() to return a bool indicating whether it succeeded
in raising the refcount of the page (if the thing in the pipe is a page).
This removes another mechanism for overflowing the page refcount. All
callers converted to handle a failure.
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Matthew Wilcox <willy@infradead.org>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-6e0411b:
Revert "thermal: Fix locking in cooling device sysfs update cur_state"
Linux 4.19.21
ath9k: dynack: check da->enabled first in sampling routines
ath9k: dynack: make ewma estimation faster
perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu()
IB/hfi1: Add limit test for RC/UC send via loopback
cacheinfo: Keep the old value if of_property_read_u32 fails
serial: sh-sci: Do not free irqs that have already been freed
serial: 8250_pci: Make PCI class test non fatal
serial: fix race between flush_to_ldisc and tty_open
perf tests evsel-tp-sched: Fix bitwise operator
perf/core: Don't WARN() for impossible ring-buffer sizes
x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out()
perf/x86/intel/uncore: Add Node ID mask
cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM
KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
scsi: aic94xx: fix module loading
scsi: cxlflash: Prevent deadlock when adapter probe fails
staging: speakup: fix tty-operation NULL derefs
usb: gadget: musb: fix short isoc packets with inventra dma
usb: gadget: udc: net2272: Fix bitwise and boolean operations
usb: dwc3: gadget: Handle 0 xfer length for OUT EP
usb: phy: am335x: fix race condition in _probe
irqchip/gic-v3-its: Plug allocation race for devices sharing a DevID
futex: Handle early deadlock return correctly
dmaengine: imx-dma: fix wrong callback invoke
dmaengine: bcm2835: Fix abort of transactions
dmaengine: bcm2835: Fix interrupt race on RT
HID: debug: fix the ring buffer implementation
fuse: handle zero sized retrieve correctly
fuse: decrement NR_WRITEBACK_TEMP on the right page
fuse: call pipe_buf_release() under pipe lock
ALSA: hda/realtek - Headset microphone support for System76 darp5
ALSA: hda/realtek - Use a common helper for hp pin reference
ALSA: hda/realtek - Fix lose hp_pins for disable auto mute
ALSA: hda - Serialize codec registrations
ALSA: usb-audio: Add support for new T+A USB DAC
ALSA: compress: Fix stop handling on compressed capture streams
xfs: eof trim writeback mapping as soon as it is cached
net/mlx5e: FPGA, fix Innova IPsec TX offload data path performance
virtio_net: Account for tx bytes and packets on sending xdp_frames
skge: potential memory corruption in skge_get_regs()
sctp: walk the list of asoc safely
sctp: check and update stream->out_curr when allocating stream_out
rxrpc: bad unlock balance in rxrpc_recvmsg
Revert "net: phy: marvell: avoid pause mode on SGMII-to-Copper for 88e151x"
rds: fix refcount bug in rds_sock_addref
net: systemport: Fix WoL with password after deep sleep
net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames
net: dsa: slave: Don't propagate flag changes on down slave interfaces
net: dsa: mv88e6xxx: Fix counting of ATU violations
net: dsa: Fix NULL checking in dsa_slave_set_eee()
net: dsa: Fix lockdep false positive splat
net: dp83640: expire old TX-skb
lib/test_rhashtable: Make test_insert_dup() allocate its hash table dynamically
enic: fix checksum validation for IPv6
dccp: fool proof ccid_hc_[rt]x_parse_options()
thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set
xfs: fix inverted return from xfs_btree_sblock_verify_crc
xfs: fix PAGE_MASK usage in xfs_free_file_space
fs/xfs: fix f_ffree value for statfs when project quota is set
xfs: delalloc -> unwritten COW fork allocation can go wrong
xfs: fix transient reference count error in xfs_buf_resubmit_failed_buffers
xfs: fix shared extent data corruption due to missing cow reservation
xfs: fix overflow in xfs_attr3_leaf_verify
xfs: Fix error code in 'xfs_ioc_getbmap()'
xfs: cancel COW blocks before swapext
xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat
scripts/gdb: fix lx-version string output
kernel/kcov.c: mark write_comp_data() as notrace
exec: load_script: don't blindly truncate shebang string
fs/epoll: drop ovflist branch prediction
kernel/hung_task.c: force console verbose before panic
proc/sysctl: fix return error for proc_doulongvec_minmax()
kernel/hung_task.c: break RCU locks based on jiffies
arm64/sve: ptrace: Fix SVE_PT_REGS_OFFSET definition
HID: lenovo: Add checks to fix of_led_classdev_register
thermal: generic-adc: Fix adc to temp interpolation
PCI: imx: Enable MSI from downstream components
kdb: Don't back trace on a cpu that didn't round up
thermal: bcm2835: enable hwmon explicitly
block/swim3: Fix -EBUSY error when re-opening device after unmount
fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()
gdrom: fix a memory leak bug
isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw()
zram: fix lockdep warning of free block handling
mm/page_alloc.c: don't call kasan_free_pages() at deferred mem init
ocfs2: improve ocfs2 Makefile
ocfs2: don't clear bh uptodate for block read
arch/sh/boards/mach-kfr2r09/setup.c: fix struct mtd_oob_ops build warning
scripts/decode_stacktrace: only strip base path when a prefix of the path
perf python: Do not force closing original perf descriptor in evlist.get_pollfd()
cgroup: fix parsing empty mount option string
f2fs: fix sbi->extent_list corruption issue
niu: fix missing checks of niu_pci_eeprom_read
um: Avoid marking pages with "changed protection"
f2fs: fix use-after-free issue when accessing sbi->stat_info
cifs: check ntwrk_buf_start for NULL before dereferencing it
MIPS: ralink: Select CONFIG_CPU_MIPSR2_IRQ_VI on MT7620/8
crypto: ux500 - Use proper enum in hash_set_dma_transfer
crypto: ux500 - Use proper enum in cryp_set_dma_transfer
seq_buf: Make seq_buf_puts() null-terminate the buffer
hwmon: (lm80) fix a missing check of bus read in lm80 probe
hwmon: (lm80) fix a missing check of the status of SMBus read
perf build: Don't unconditionally link the libbfd feature test to -liberty and -lz
NFS: nfs_compare_mount_options always compare auth flavors.
kvm: Change offset in kvm_write_guest_offset_cached to unsigned
powerpc/fadump: Do not allow hot-remove memory from fadump reserved area.
KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
pinctrl: meson: meson8b: fix the GPIO function for the GPIOAO pins
pinctrl: meson: meson8: fix the GPIO function for the GPIOAO pins
powerpc/mm: Fix reporting of kernel execute faults on the 8xx
fbdev: fbcon: Fix unregister crash when more than one framebuffer
ACPI/APEI: Clear GHES block_status before panic()
igb: Fix an issue that PME is not enabled during runtime suspend
ice: Do not enable NAPI on q_vectors that have no rings
i40e: define proper net_device::neigh_priv_len
fbdev: fbmem: behave better with small rotated displays and many CPUs
md: fix raid10 hang issue caused by barrier
video: clps711x-fb: release disp device node in probe()
drm/amd/display: validate extended dongle caps
drbd: Avoid Clang warning about pointless switch statment
drbd: skip spurious timeout (ping-timeo) when failing promote
drbd: disconnect, if the wrong UUIDs are attached on a connected peer
drbd: narrow rcu_read_lock in drbd_sync_handshake
mlx5: update timecounter at least twice per counter overflow
powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand
iwlwifi: mvm: fix setting HE ppe FW config
powerpc/perf: Fix thresholding counter data for unknown type
net: hns3: add max vector number check for pf
cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
scsi: smartpqi: increase fw status register read timeout
scsi: smartpqi: correct volume status
scsi: smartpqi: correct host serial num for ssa
mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG
xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
mac80211: fix radiotap vendor presence bitmap handling
powerpc/uaccess: fix warning/error with access_ok()
drm/amd/display: fix YCbCr420 blank color
Bluetooth: hci_bcm: Handle deferred probing for the clock supply
drm/amd/display: Add retry to read ddc_clock pin
net: hns3: fix incomplete uninitialization of IRQ in the hns3_nic_uninit_vector_data()
percpu: convert spin_lock_irq to spin_lock_irqsave.
perf tools: Cast off_t to s64 to avoid warning on bionic libc
perf header: Fix up argument to ctime()
usb: musb: dsps: fix runtime pm for peripheral mode
usb: musb: dsps: fix otg state machine
arm64: KVM: Skip MMIO insn after emulation
livepatch: check kzalloc return values
tools/power/x86/intel_pstate_tracer: Fix non root execution for post processing a trace file
bnxt_en: Disable MSIX before re-reserving NQs/CMPL rings.
i2c: sh_mobile: Add support for r8a774c0 (RZ/G2E)
perf probe: Fix unchecked usage of strncpy()
btrfs: use tagged writepage to mitigate livelock of snapshot
perf header: Fix unchecked usage of strncpy()
perf dso: Fix unchecked usage of strncpy()
perf test: Fix perf_event_attr test failure
tty: serial: samsung: Properly set flags in autoCTS mode
serial: sh-sci: Resume PIO in sci_rx_interrupt() on DMA failure
serial: sh-sci: Fix locking in sci_submit_rx()
btrfs: harden agaist duplicate fsid on scanned devices
usb: renesas_usbhs: add support for RZ/G2E
mmc: jz4740: Get CD/WP GPIOs from descriptors
mmc: sdhci-xenon: Fix timeout checks
mmc: sdhci-omap: Fix timeout checks
mmc: sdhci-of-esdhc: Fix timeout checks
memstick: Prevent memstick host from getting runtime suspended during card detection
mmc: meson-mx-sdio: check devm_kasprintf for failure
mmc: bcm2835: reset host on timeout
mmc: bcm2835: Recover from MMC_SEND_EXT_CSD
KVM: PPC: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv machines
ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
ARM: pxa: avoid section mismatch warning
selftests/bpf: use __bpf_constant_htons in test_prog.c
switchtec: Fix SWITCHTEC_IOCTL_EVENT_IDX_ALL flags overwrite
udf: Fix BUG on corrupted inode
mlxsw: spectrum_acl: Limit priority value
phy: sun4i-usb: add support for missing USB PHY index
i2c-axxia: check for error conditions first
lightnvm: pblk: add lock protection to list operations
lightnvm: pblk: fix resubmission of overwritten write err lbas
drm/msm: dpu: Only check flush register against pending flushes
drm/msm/dsi: fix dsi clock names in DSI 10nm PLL driver
tee: optee: avoid possible double list_del()
OPP: Use opp_table->regulators to verify no regulator case
cpuidle: big.LITTLE: fix refcount leak
platform/x86: mlx-platform: Fix tachometer registers
clk: imx6sl: ensure MMDC CH0 handshake is bypassed
sata_rcar: fix deferred probing
iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
iommu/arm-smmu: Add support for qcom,smmu-v2 variant
iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
usb: dwc3: gadget: Disable CSP for stream OUT ep
ARM: dts: imx51-zii-rdu1: Do not specify "power-gpio" for hpa1
watchdog: renesas_wdt: don't set divider while watchdog is running
ARM: dts: Fix up the D-Link DIR-685 MTD partition info
media: coda: fix H.264 deblocking filter controls
mips: bpf: fix encoding bug for mm_srlv32_op
ARM: dts: Fix OMAP4430 SDP Ethernet startup
iommu/amd: Fix amd_iommu=force_isolation
pinctrl: sx150x: handle failure case of devm_kstrdup
gpio: mt7621: pass mediatek_gpio_bank_probe() failure up the stack
gpio: mt7621: report failure of devm_kasprintf()
usb: dwc3: trace: add missing break statement to make compiler happy
IB/hfi1: Unreserve a reserved request when it is completed
kobject: return error code if writing /sys/.../uevent fails
driver core: Move async_synchronize_full call
tipc: fix node keep alive interval calculation
drm/amdgpu/powerplay: fix clock stretcher limits on polaris (v2)
media: imx274: select REGMAP_I2C
clk: sunxi-ng: a33: Set CLK_SET_RATE_PARENT for all audio module clocks
usb: mtu3: fix the issue about SetFeature(U1/U2_Enable)
timekeeping: Use proper seqcount initializer
usb: hub: delay hub autosuspend if USB3 port is still link training
usb: dwc2: Disable power down feature on Samsung SoCs
usb: dwc3: Correct the logic for checking TRB full in __dwc3_prepare_one_trb()
xtensa: xtfpga.dtsi: fix dtc warnings about SPI
smack: fix access permissions for keyring
media: DaVinci-VPBE: fix error handling in vpbe_initialize()
media: i2c: TDA1997x: select CONFIG_HDMI
x86/fpu: Add might_fault() to user_insn()
ARM: dts: aspeed: add missing memory unit-address
ARM: dts: mmp2: fix TWSI2
drm/v3d: Fix prime imports of buffers from other drivers.
arm64: ftrace: don't adjust the LR value
mt76x0: dfs: fix IBI_R11 configuration on non-radar channels
s390/zcrypt: improve special ap message cmd handling
firmware/efi: Add NULL pointer checks in efivars API functions
thermal: Fix locking in cooling device sysfs update cur_state
Thermal: do not clear passive state during system sleep
arm64: io: Ensure value passed to __iormb() is held in a 64-bit register
perf: arm_spe: handle devm_kasprintf() failure
drm: Clear state->acquire_ctx before leaving drm_atomic_helper_commit_duplicated_state()
nfsd4: fix crash on writing v4_end_grace before nfsd startup
soc: bcm: brcmstb: Don't leak device tree node reference
sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
net: aquantia: return 'err' if set MPI_DEINIT state fails
arm64: io: Ensure calls to delay routines are ordered against prior readX()
i2c: sh_mobile: add support for r8a77990 (R-Car E3)
f2fs: fix wrong return value of f2fs_acl_create
f2fs: fix race between write_checkpoint and write_begin
f2fs: move dir data flush to write checkpoint process
staging: pi433: fix potential null dereference
ACPI: SPCR: Consider baud rate 0 as preconfigured state
media: adv*/tc358743/ths8200: fill in min width/height/pixelclock
iio: accel: kxcjk1013: Add KIOX010A ACPI Hardware-ID
iio: adc: meson-saradc: fix internal clock names
iio: adc: meson-saradc: check for devm_kasprintf failure
powerpc/32: Add .data..Lubsan_data*/.data..Lubsan_type* sections explicitly
dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll
ptp: Fix pass zero to ERR_PTR() in ptp_clock_register
clk: meson: meson8b: mark the CPU clock as CLK_IS_CRITICAL
clk: meson: meson8b: fix the width of the cpu_scale_div clock
clk: meson: meson8b: do not use cpu_div3 for cpu_scale_out_sel
staging: erofs: fix the definition of DBG_BUGON
media: mtk-vcodec: Release device nodes in mtk_vcodec_init_enc_pm()
media: video-i2c: avoid accessing released memory area when removing driver
media: rc: ensure close() is called on rc_unregister_device
soc/tegra: Don't leak device tree node reference
perf tools: Add Hygon Dhyana support
modpost: validate symbol names also in find_elf_symbol
net/mlx5: EQ, Use the right place to store/read IRQ affinity hint
bpf: libbpf: retry map creation without the name
drm/amd/display: calculate stream->phy_pix_clk before clock mapping
drm/amd/display: fix gamma not being applied correctly
ARM: OMAP2+: hwmod: Fix some section annotations
drm/rockchip: fix for mailbox read size
usbnet: smsc95xx: fix rx packet alignment
staging: iio: ad7780: update voltage on read
scsi: hisi_sas: change the time of SAS SSP connection
i40e: prevent overlapping tx_timeout recover
platform/chrome: don't report EC_MKBP_EVENT_SENSOR_FIFO as wakeup
vbox: fix link error with 'gcc -Og'
fpga: altera-cvp: fix 'bad IO access' on x86_64
Tools: hv: kvp: Fix a warning of buffer overflow with gcc 8.0.1
fpga: altera-cvp: Fix registration for CvP incapable devices
staging:iio:ad2s90: Make probe handle spi_setup failure
iwlwifi: fw: do not set sgi bits for HE connection
dpaa2-ptp: defer probe when portal allocation failed
MIPS: Boston: Disable EG20T prefetch
ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
serial: fsl_lpuart: clear parity enable bit when disable parity
drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE
crypto: aes_ti - disable interrupts while accessing S-box
powerpc/pseries: add of_node_put() in dlpar_detach_node()
x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
dlm: Don't swamp the CPU with callbacks queued during recovery
clk: boston: fix possible memory leak in clk_boston_setup()
ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event
scsi: mpt3sas: Call sas_remove_host before removing the target devices
scsi: lpfc: Correct LCB RJT handling
ath9k: dynack: use authentication messages for 'late' ack
ath10k: assign 'n_cipher_suites' for WCN3990
wil6210: fix memory leak in wil_find_tx_bcast_2
wil6210: fix reset flow for Talyn-mb
nds32: Fix gcc 8.0 compiler option incompatible.
gpu: ipu-v3: image-convert: Prevent race between run and unprepare
genirq/affinity: Spread IRQs to all available NUMA nodes
drm/sun4i: Initialize registers in tcon-top driver
gpiolib: Fix possible use after free on label
ASoC: Intel: mrfld: fix uninitialized variable access
pinctrl: bcm2835: Use raw spinlock for RT compatibility
drm/vgem: Fix vgem_init to get drm device available.
staging: iio: adc: ad7280a: handle error from __ad7280_read32()
drm/bufs: Fix Spectre v1 vulnerability
devres: Align data[] to ARCH_KMALLOC_MINALIGN
ANDROID: Turn xt_owner module on
UPSTREAM: virt_wifi: fix error return code in virt_wifi_newlink()
Conflicts:
arch/arm64/include/asm/io.h
drivers/iommu/arm-smmu.c
drivers/thermal/thermal_core.c
Change-Id: Ic348640eaeb3501bfc61d0b6907b7fcbb83f5118
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
commit a2ebba824106dabe79937a9f29a875f837e1b6d4 upstream.
NR_WRITEBACK_TEMP is accounted on the temporary page in the request, not
the page cache page.
Fixes: 8b284dc472 ("fuse: writepages: handle same page rewrites")
Cc: <stable@vger.kernel.org> # v3.13
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 9509941e9c534920ccc4771ae70bd6cbbe79df1c upstream.
Some of the pipe_buf_release() handlers seem to assume that the pipe is
locked - in particular, anon_pipe_buf_release() accesses pipe->tmp_page
without taking any extra locks. From a glance through the callers of
pipe_buf_release(), it looks like FUSE is the only one that calls
pipe_buf_release() without having the pipe locked.
This bug should only lead to a memory leak, nothing terrible.
Fixes: dd3bb14f44 ("fuse: support splice() writing to fuse device")
Cc: stable@vger.kernel.org
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-a87fb6b:
Linux 4.19.11
x86/build: Fix compiler support check for CONFIG_RETPOLINE
dm zoned: Fix target BIO completion handling
drm/amdgpu: update SMC firmware image for polaris10 variants
drm/amdgpu: update smu firmware images for VI variants (v2)
drm/amdgpu: add some additional vega10 pci ids
drm/amdkfd: add new vega10 pci ids
drm/amdgpu/powerplay: Apply avfs cks-off voltages on VI
drm/i915/execlists: Apply a full mb before execution for Braswell
drm/i915/gvt: Fix tiled memory decoding bug on BDW
Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec"
drm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer
drm/nouveau/kms: Fix memory leak in nv50_mstm_del()
powerpc: Look for "stdout-path" when setting up legacy consoles
powerpc/msi: Fix NULL pointer access in teardown code
media: vb2: don't call __vb2_queue_cancel if vb2_start_streaming failed
tracing: Fix memory leak of instance function hash filters
tracing: Fix memory leak in set_trigger_filter()
tracing: Fix memory leak in create_filter()
dm: call blk_queue_split() to impose device limits on bios
dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty()
dm thin: send event about thin-pool state change _after_ making it
ARM: dts: bcm2837: Fix polarity of wifi reset GPIOs
ARM: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt
fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
mmc: sdhci: fix the timeout check window for clock and reset
mmc: sdhci-omap: Fix DCRC error handling during tuning
mmc: core: use mrq->sbc when sending CMD23 for RPMB
MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
ovl: fix missing override creds in link of a metacopy upper
ovl: fix decode of dir file handle with multi lower layers
block/bio: Do not zero user pages
arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing
userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
fs/iomap.c: get/put the page in iomap_page_create/release()
scripts/spdxcheck.py: always open files in binary mode
aio: fix spectre gadget in lookup_ioctx
pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11
drm/msm: fix address space warning
ARM: dts: qcom-apq8064-arrow-sd-600eval fix graph_endpoint warning
i2c: aspeed: fix build warning
slimbus: ngd: mark PM functions as __maybe_unused
staging: olpc_dcon: add a missing dependency
scsi: raid_attrs: fix unused variable warning
sched/pelt: Fix warning and clean up IRQ PELT config
FROMGIT: dm verity: log the hash algorithm implementation
FROMGIT: dm crypt: log the encryption algorithm implementation
ANDROID: sched: Clean-up SchedTune documentation
ANDROID: sched/events: Fix out of bound memory access
Conflicts:
drivers/gpu/drm/msm/disp/dpu1/dpu_dbg.c
drivers/slimbus/qcom-ngd-ctrl.c
init/Kconfig
Change-Id: I52e910e1330e8cac1103c32e0cd0fc43ddeac744
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
commit 2e64ff154ce6ce9a8dc0f9556463916efa6ff460 upstream.
When FUSE_OPEN returns ENOSYS, the no_open bit is set on the connection.
Because the FUSE_RELEASE and FUSE_RELEASEDIR paths share code, this
incorrectly caused the FUSE_RELEASEDIR request to be dropped and never sent
to userspace.
Pass an isdir bool to distinguish between FUSE_RELEASE and FUSE_RELEASEDIR
inside of fuse_file_put.
Fixes: 7678ac5061 ("fuse: support clients that don't implement 'open'")
Cc: <stable@vger.kernel.org> # v3.14
Signed-off-by: Chad Austin <chadaustin@fb.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-73aa1c8:
Revert "drm/msm: dpu: Allow planes to extend past active display"
Revert "drm/msm/disp/dpu: Use proper define for drm_encoder_init() 'encoder_type'"
Linux 4.19.3
Revert "ACPICA: AML interpreter: add region addresses in global list during initialization"
CONFIG_XEN_PV breaks xen_create_contiguous_region on ARM
drm/i915: Fix hpd handling for pins with two encoders
drm/i915: Fix NULL deref when re-enabling HPD IRQs on systems with MST
drm/i915: Fix possible race in intel_dp_add_mst_connector()
drm/i915/execlists: Force write serialisation into context image vs execution
drm/i915/ringbuffer: Delay after EMIT_INVALIDATE for gen4/gen5
drm/i915: Mark pin flags as u64
drm/i915: Don't oops during modeset shutdown after lpe audio deinit
drm/i915: Compare user's 64b GTT offset even on 32b
drm/i915: Fix ilk+ watermarks when disabling pipes
drm/i915: Fix error handling for the NV12 fb dimensions check
drm/i915: Mark up GTT sizes as u64
drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values
drm/i915/icl: Fix the macros for DFLEXDPMLE register bits
drm/i915/dp: Restrict link retrain workaround to external monitors
drm/i915/dp: Fix link retraining comment in intel_dp_long_pulse()
drm/i915: Large page offsets for pread/pwrite
drm/i915: Skip vcpi allocation for MSTB ports that are gone
drm/i915: Don't unset intel_connector->mst_port
drm/i915: Restore vblank interrupts earlier
drm/i915: Use the correct crtc when sanitizing plane mapping
drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode
drm: panel-orientation-quirks: Add quirk for Acer One 10 (S1003)
drm/dp_mst: Check if primary mstb is null
drm/etnaviv: fix bogus fence complete check in timeout handler
drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD
drm/nouveau: Fix nv50_mstc->best_encoder()
drm/nouveau: Check backlight IDs are >= 0, not > 0
drm/amdgpu: Suppress keypresses from ACPI_VIDEO events
drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type
drm/amdgpu: Fix typo in amdgpu_vmid_mgr_init
drm/rockchip: Allow driver to be shutdown on reboot/kexec
scripts/spdxcheck.py: make python3 compliant
mm: don't reclaim inodes with many attached pages
efi/arm/libstub: Pack FDT after populating it
mm/swapfile.c: use kvzalloc for swap_info_struct allocation
hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444!
lib/ubsan.c: don't mark __ubsan_handle_builtin_unreachable as noreturn
crypto: user - fix leaking uninitialized memory to userspace
libata: blacklist SAMSUNG MZ7TD256HAFV-000L9 SSD
gfs2: Fix metadata read-ahead during truncate (2)
gfs2: Put bitmap buffers in put_super
selinux: check length properly in SCTP bind hook
fuse: fix possibly missed wake-up after abort
fuse: fix leaked notify reply
fuse: fix use-after-free in fuse_direct_IO()
rtc: hctosys: Add missing range error reporting
nfsd: COPY and CLONE operations require the saved filehandle to be set
NFSv4: Don't exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING
sunrpc: correct the computation for page_ptr when truncating
kdb: print real address of pointers instead of hashed addresses
kdb: use correct pointer when 'btc' calls 'btt'
ARM: cpuidle: Don't register the driver when back-end init returns -ENXIO
uapi: fix linux/kfd_ioctl.h userspace compilation errors
mnt: fix __detach_mounts infinite loop
mount: Prevent MNT_DETACH from disconnecting locked mounts
mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
mount: Retest MNT_LOCKED in do_umount
ext4: fix buffer leak in __ext4_read_dirblock() on error path
ext4: fix buffer leak in ext4_expand_extra_isize_ea() on error path
ext4: fix buffer leak in ext4_xattr_move_to_block() on error path
ext4: release bs.bh before re-using in ext4_xattr_block_find()
ext4: fix buffer leak in ext4_xattr_get_block() on error path
ext4: fix possible leak of s_journal_flag_rwsem in error path
ext4: fix possible leak of sbi->s_group_desc_leak in error path
ext4: avoid possible double brelse() in add_new_gdb() on error path
ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing
ext4: avoid buffer leak in ext4_orphan_add() after prior errors
ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty()
ext4: fix possible inode leak in the retry loop of ext4_resize_fs()
ext4: missing !bh check in ext4_xattr_inode_write()
ext4: avoid potential extra brelse in setup_new_flex_group_blocks()
ext4: add missing brelse() add_new_gdb_meta_bg()'s error path
ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path
ext4: add missing brelse() update_backups()'s error path
clockevents/drivers/i8253: Add support for PIT shutdown quirk
btrfs: tree-checker: Fix misleading group system information
Btrfs: fix data corruption due to cloning of eof block
Btrfs: fix infinite loop on inode eviction after deduplication of eof block
Btrfs: fix cur_offset in the error case for nocow
Btrfs: fix missing data checksums after a ranged fsync (msync)
btrfs: fix pinned underflow after transaction aborted
watchdog/core: Add missing prototypes for weak functions
arch/alpha, termios: implement BOTHER, IBSHIFT and termios2
termios, tty/tty_baudrate.c: fix buffer overrun
x86/hyper-v: Enable PIT shutdown quirk
x86/cpu/vmware: Do not trace vmware_sched_clock()
of, numa: Validate some distance map rules
perf intel-pt: Insert callchain context into synthesized callchains
perf intel-pt/bts: Calculate cpumode for synthesized samples
perf callchain: Honour the ordering of PERF_CONTEXT_{USER,KERNEL,etc}
perf stat: Handle different PMU names with common prefix
perf cs-etm: Correct CPU mode for samples
hwmon: (core) Fix double-free in __hwmon_device_register()
mtd: docg3: don't set conflicting BCH_CONST_PARAMS option
mtd: nand: Fix nanddev_neraseblocks()
mtd: spi-nor: cadence-quadspi: Return error code in cqspi_direct_read_execute()
bonding/802.3ad: fix link_failure_count tracking
ARM: 8809/1: proc-v7: fix Thumb annotation of cpu_v7_hvc_switch_mm
netfilter: conntrack: fix calculation of next bucket number in early_drop
memory_hotplug: cond_resched in __remove_pages
mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings
ocfs2: free up write context when direct IO failed
ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry
soc: ti: QMSS: Fix usage of irq_set_affinity_hint
Revert "powerpc/8xx: Use L1 entry APG to handle _PAGE_ACCESSED for CONFIG_SWAP"
SCSI: fix queue cleanup race before queue initialization is done
scsi: qla2xxx: Initialize port speed to avoid setting lower speed
vhost/scsi: truncate T10 PI iov_iter to prot_bytes
crypto: hisilicon - Fix reference after free of memories on error path
crypto: hisilicon - Fix NULL dereference for same dst and src
reset: hisilicon: fix potential NULL pointer dereference
acpi, nfit: Fix ARS overflow continuation
acpi/nfit, x86/mce: Validate a MCE's address before using it
acpi/nfit, x86/mce: Handle only uncorrectable machine checks
mach64: fix image corruption due to reading accelerator registers
mach64: fix display corruption on big endian machines
thermal: core: Fix use-after-free in thermal_cooling_device_destroy_sysfs
Revert "ceph: fix dentry leak in splice_dentry()"
libceph: bump CEPH_MSG_MAX_DATA_LEN
clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call
clk: rockchip: fix wrong mmc sample phase shift for rk3328
clk: sunxi-ng: h6: fix bus clocks' divider position
clk: at91: Fix division by zero in PLL recalc_rate()
clk: s2mps11: Fix matching when built as module and DT node contains compatible
um: Drop own definition of PTRACE_SYSEMU/_SINGLESTEP
xtensa: fix boot parameters address translation
xtensa: make sure bFLT stack is 16 byte aligned
xtensa: add NOTES section to the linker script
MIPS: Loongson-3: Fix BRIDGE irq delivery problem
MIPS: Loongson-3: Fix CPU UART irq delivery problem
zram: close udev startup race condition as default groups
clk: meson: axg: mark fdiv2 and fdiv3 as critical
clk: meson-gxbb: set fclk_div3 as CLK_IS_CRITICAL
arm64: dts: stratix10: fix multicast filtering
arm64: dts: stratix10: Support Ethernet Jumbo frame
drm/msm: fix OF child-node lookup
fuse: set FR_SENT while locked
fuse: fix blocked_waitq wakeup
fuse: Fix use-after-free in fuse_dev_do_write()
fuse: Fix use-after-free in fuse_dev_do_read()
vfs: fix FIGETBSZ ioctl on an overlayfs file
scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured
scsi: qla2xxx: Fix duplicate switch database entries
scsi: qla2xxx: Fix NVMe Target discovery
scsi: qla2xxx: Fix NVMe session hang on unload
scsi: qla2xxx: Fix for double free of SRB structure
scsi: qla2xxx: Fix re-using LoopID when handle is in use
scsi: qla2xxx: Reject bsg request if chip is down.
scsi: qla2xxx: shutdown chip if reset fail
scsi: qla2xxx: Fix early srb free on abort
scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx
scsi: qla2xxx: Fix process response queue for ISP26XX and above
scsi: qla2xxx: Fix incorrect port speed being set for FC adapters
serial: sh-sci: Fix could not remove dev_attr_rx_fifo_timeout
ovl: automatically enable redirect_dir on metacopy=on
ovl: check whiteout in ovl_create_over_whiteout()
ovl: fix recursive oi->lock in ovl_link()
ovl: fix error handling in ovl_verify_set_fh()
cdrom: fix improper type cast, which can leat to information leak.
media: ov5640: fix restore of last mode set
drm/amdgpu: fix integer overflow test in amdgpu_bo_list_create()
9p: clear dangling pointers in p9stat_free
media: ov5640: fix mode change regression
ARM: dts: imx6ull: keep IMX6UL_ prefix for signals on both i.MX6UL and i.MX6ULL
udf: Prevent write-unsupported filesystem to be remounted read-write
9p locks: fix glock.client_id leak in do_lock
staging: most: video: fix registration of an empty comp core_component
drm/amdgpu: Fix SDMA TO after GPU reset v3
drm: rcar-du: Update Gen3 output limitations
staging:iio:ad7606: fix voltage scales
powerpc/selftests: Wait all threads to join
media: tvp5150: fix width alignment during set_selection()
sc16is7xx: Fix for multi-channel stall
serial: 8250_of: Fix for lack of interrupt support
staging: erofs: fix a missing endian conversion
MIPS/PCI: Call pcie_bus_configure_settings() to set MPS/MRRS
powerpc/memtrace: Remove memory in chunks
powerpc/boot: Ensure _zimage_start is a weak symbol
MIPS: kexec: Mark CPU offline before disabling local IRQ
media: coda: don't overwrite h.264 profile_idc on decoder instance
media: pci: cx23885: handle adding to list failure
drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer pointer
drm/amd/display: fix gamma not being applied
drm/amd/display: Raise dispclk value for dce120 by 15%
drm/omap: fix memory barrier bug in DMM driver
powerpc/mm: Don't report hugepage tables as memory leaks when using kmemleak
drm/msm: dpu: Allow planes to extend past active display
drm/msm/disp/dpu: Use proper define for drm_encoder_init() 'encoder_type'
drm/msm/gpu: fix parameters in function msm_gpu_crashstate_capture
powerpc/nohash: fix undefined behaviour when testing page size support
ARM: imx_v6_v7_defconfig: Select CONFIG_TMPFS_POSIX_ACL
drm/amdgpu/powerplay: fix missing break in switch statements
drm/nouveau/secboot/acr: fix memory leak
tracing/kprobes: Check the probe on unloaded module correctly
tty: check name length in tty_find_polling_driver()
powerpc/eeh: Fix possible null deref in eeh_dump_dev_log()
powerpc/Makefile: Fix PPC_BOOK3S_64 ASFLAGS
Input: wm97xx-ts - fix exit path
drm/amd/display: fix bug of accessing invalid memory
powerpc/mm: fix always true/false warning in slice.c
powerpc/mm: Fix page table dump to work on Radix
powerpc/64/module: REL32 relocation range check
powerpc/traps: restore recoverability of machine_check interrupts
Change-Id: Id971c3ddeb610be8aee4ff531ec3fb20ad0db58d
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
commit 2d84a2d19b6150c6dbac1e6ebad9c82e4c123772 upstream.
In current fuse_drop_waiting() implementation it's possible that
fuse_wait_aborted() will not be woken up in the unlikely case that
fuse_abort_conn() + fuse_wait_aborted() runs in between checking
fc->connected and calling atomic_dec(&fc->num_waiting).
Do the atomic_dec_and_test() unconditionally, which also provides the
necessary barrier against reordering with the fc->connected check.
The explicit smp_mb() in fuse_wait_aborted() is not actually needed, since
the spin_unlock() in fuse_abort_conn() provides the necessary RELEASE
barrier after resetting fc->connected. However, this is not a performance
sensitive path, and adding the explicit barrier makes it easier to
document.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: b8f95e5d13 ("fuse: umount should wait for all requests")
Cc: <stable@vger.kernel.org> #v4.19
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 7fabaf303458fcabb694999d6fa772cc13d4e217 upstream.
fuse_request_send_notify_reply() may fail if the connection was reset for
some reason (e.g. fs was unmounted). Don't leak request reference in this
case. Besides leaking memory, this resulted in fc->num_waiting not being
decremented and hence fuse_wait_aborted() left in a hanging and unkillable
state.
Fixes: 2d45ba381a ("fuse: add retrieve request")
Fixes: b8f95e5d13 ("fuse: umount should wait for all requests")
Reported-and-tested-by: syzbot+6339eda9cb4ebbc4c37b@syzkaller.appspotmail.com
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Cc: <stable@vger.kernel.org> #v2.6.36
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit ebacb81273599555a7a19f7754a1451206a5fc4f upstream.
In async IO blocking case the additional reference to the io is taken for
it to survive fuse_aio_complete(). In non blocking case this additional
reference is not needed, however we still reference io to figure out
whether to wait for completion or not. This is wrong and will lead to
use-after-free. Fix it by storing blocking information in separate
variable.
This was spotted by KASAN when running generic/208 fstest.
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reported-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: 744742d692 ("fuse: Add reference counting for fuse_io_priv")
Cc: <stable@vger.kernel.org> # v4.6
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 4c316f2f3ff315cb48efb7435621e5bfb81df96d upstream.
Otherwise fuse_dev_do_write() could come in and finish off the request, and
the set_bit(FR_SENT, ...) could trigger the WARN_ON(test_bit(FR_SENT, ...))
in request_end().
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reported-by: syzbot+ef054c4d3f64cd7f7cec@syzkaller.appspotmai
Fixes: 46c34a348b ("fuse: no fc->lock for pqueue parts")
Cc: <stable@vger.kernel.org> # v4.2
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 908a572b80f6e9577b45e81b3dfe2e22111286b8 upstream.
Using waitqueue_active() is racy. Make sure we issue a wake_up()
unconditionally after storing into fc->blocked. After that it's okay to
optimize with waitqueue_active() since the first wake up provides the
necessary barrier for all waiters, not the just the woken one.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: 3c18ef8117 ("fuse: optimize wake_up")
Cc: <stable@vger.kernel.org> # v3.10
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
page allocated in fuse_dentry_canonical_path to be handled in
fuse_dev_do_write is allocated using __get_free_pages(GFP_KERNEL).
This may not return a page with data filled with 0. Now this
page may not have a null terminator at all.
If this happens and userspace fuse daemon screws up by passing a string
to kernel which is not NULL terminated (or did not fill anything),
then inside fuse driver in kernel when we try to do
strlen(fuse_dev_write->kern_path->getname_kernel)
on that page data -> it may give us issue with kernel paging request.
Unable to handle kernel paging request at virtual address
------------[ cut here ]------------
<..>
PC is at strlen+0x10/0x90
LR is at getname_kernel+0x2c/0xf4
<..>
strlen+0x10/0x90
kern_path+0x28/0x4c
fuse_dev_do_write+0x5b8/0x694
fuse_dev_write+0x74/0x94
do_iter_readv_writev+0x80/0xb8
do_readv_writev+0xec/0x1cc
vfs_writev+0x54/0x64
SyS_writev+0x64/0xe4
el0_svc_naked+0x24/0x28
To avoid this we should ensure in case of FUSE_CANONICAL_PATH,
the page is null terminated.
Change-Id: I33ca7cc76b4472eaa982c67bb20685df451121f5
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Bug: 75984715
[Daniel - small edit, using args size ]
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Allows FUSE to report to inotify that it is acting
as a layered filesystem. The userspace component
returns a string representing the location of the
underlying file. If the string cannot be resolved
into a path, the top level path is returned instead.
bug: 23904372
Change-Id: Iabdca0bbedfbff59e9c820c58636a68ef9683d9f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
This contains various bug fixes and cleanups.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQSQHSd0lITzzeNWNm3h3BK/laaZPAUCW3xvGwAKCRDh3BK/laaZ
PKECAP9qUpdtQ5RaIL/y9OGZzJLSZbBZuK3LGNY2u2B3EfrSjgEAvhkhXyOQgvVi
kgYLNszbg/C+w8U4Xc5GWB6cjNm6rwE=
=GJI7
-----END PGP SIGNATURE-----
Merge tag 'fuse-update-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse
Pull fuse update from Miklos Szeredi:
"Various bug fixes and cleanups"
* tag 'fuse-update-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
fuse: reduce allocation size for splice_write
fuse: use kvmalloc to allocate array of pipe_buffer structs.
fuse: convert last timespec use to timespec64
fs: fuse: Adding new return type vm_fault_t
fuse: simplify fuse_abort_conn()
fuse: Add missed unlock_page() to fuse_readpages_fill()
fuse: Don't access pipe->buffers without pipe_lock()
fuse: fix initial parallel dirops
fuse: Fix oops at process_init_reply()
fuse: umount should wait for all requests
fuse: fix unlocked access to processing queue
fuse: fix double request_end()
Pull core signal handling updates from Eric Biederman:
"It was observed that a periodic timer in combination with a
sufficiently expensive fork could prevent fork from every completing.
This contains the changes to remove the need for that restart.
This set of changes is split into several parts:
- The first part makes PIDTYPE_TGID a proper pid type instead
something only for very special cases. The part starts using
PIDTYPE_TGID enough so that in __send_signal where signals are
actually delivered we know if the signal is being sent to a a group
of processes or just a single process.
- With that prep work out of the way the logic in fork is modified so
that fork logically makes signals received while it is running
appear to be received after the fork completes"
* 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (22 commits)
signal: Don't send signals to tasks that don't exist
signal: Don't restart fork when signals come in.
fork: Have new threads join on-going signal group stops
fork: Skip setting TIF_SIGPENDING in ptrace_init_task
signal: Add calculate_sigpending()
fork: Unconditionally exit if a fatal signal is pending
fork: Move and describe why the code examines PIDNS_ADDING
signal: Push pid type down into complete_signal.
signal: Push pid type down into __send_signal
signal: Push pid type down into send_signal
signal: Pass pid type into do_send_sig_info
signal: Pass pid type into send_sigio_to_task & send_sigurg_to_task
signal: Pass pid type into group_send_sig_info
signal: Pass pid and pid type into send_sigqueue
posix-timers: Noralize good_sigevent
signal: Use PIDTYPE_TGID to clearly store where file signals will be sent
pid: Implement PIDTYPE_TGID
pids: Move the pgrp and session pid pointers from task_struct to signal_struct
kvm: Don't open code task_pid in kvm_vcpu_ioctl
pids: Compute task_tgid using signal->leader_pid
...
Pull vfs icache updates from Al Viro:
- NFS mkdir/open_by_handle race fix
- analogous solution for FUSE, replacing the one currently in mainline
- new primitive to be used when discarding halfway set up inodes on
failed object creation; gives sane warranties re icache lookups not
returning such doomed by still not freed inodes. A bunch of
filesystems switched to that animal.
- Miklos' fix for last cycle regression in iget5_locked(); -stable will
need a slightly different variant, unfortunately.
- misc bits and pieces around things icache-related (in adfs and jfs).
* 'work.mkdir' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
jfs: don't bother with make_bad_inode() in ialloc()
adfs: don't put inodes into icache
new helper: inode_fake_hash()
vfs: don't evict uninitialized inode
jfs: switch to discard_new_inode()
ext2: make sure that partially set up inodes won't be returned by ext2_iget()
udf: switch to discard_new_inode()
ufs: switch to discard_new_inode()
btrfs: switch to discard_new_inode()
new primitive: discard_new_inode()
kill d_instantiate_no_diralias()
nfs_instantiate(): prevent multiple aliases for directory inode
The only user is fuse_create_new_entry(), and there it's used to
mitigate the same mkdir/open-by-handle race as in nfs_mkdir().
The same solution applies - unhash the mkdir argument, then
call d_splice_alias() and if that returns a reference to preexisting
alias, dput() and report success. ->mkdir() argument left unhashed
negative with the preexisting alias moved in the right place is just
fine from the ->mkdir() callers point of view.
Cc: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
The 'bufs' array contains 'pipe->buffers' elements, but the
fuse_dev_splice_write() uses only 'pipe->nrbufs' elements.
So reduce the allocation size to 'pipe->nrbufs' elements.
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
The amount of pipe->buffers is basically controlled by userspace by
fcntl(... F_SETPIPE_SZ ...) so it could be large. High order allocations
could be slow (if memory is heavily fragmented) or may fail if the order
is larger than PAGE_ALLOC_COSTLY_ORDER.
Since the 'bufs' doesn't need to be physically contiguous, use
the kvmalloc_array() to allocate memory. If high order
page isn't available, the kvamalloc*() will fallback to 0-order.
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
All of fuse uses 64-bit timestamps with the exception of the
fuse_change_attributes(), so let's convert this one as well.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Use new return type vm_fault_t for fault handler in struct
vm_operations_struct. For now, this is just documenting that the function
returns a VM_FAULT value rather than an errno. Once all instances are
converted, vm_fault_t will become a distinct type.
commit 1c8f422059 ("mm: change return type to vm_fault_t")
Signed-off-by: Souptick Joarder <jrdr.linux@gmail.com>
Reviewed-by: Matthew Wilcox <mawilcox@microsoft.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
The above error path returns with page unlocked, so this place seems also
to behave the same.
Fixes: f8dbdf8182 ("fuse: rework fuse_readpages()")
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Ivaylo Georgiev
Miklos Szeredi
Kirill Tkhai
zhengbin
Eric Biggers
Vasily Averin
Kirill Smelkov
Liu Bo
Matthew Wilcox
Jann Horn
Chad Austin
Blagovest Kolenichev
Lukas Czerner
Sami Tolvanen
Ritesh Harjani
Daniel Rosenberg
Linus Torvalds
Al Viro
Andrey Ryabinin
Arnd Bergmann
Souptick Joarder