--- /dev/null
+From f16eb8a4b096514ac06fb25bf599dcc792899b3d Mon Sep 17 00:00:00 2001
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Date: Mon, 11 Mar 2019 18:41:03 +0200
+Subject: ACPI / device_sysfs: Avoid OF modalias creation for removed device
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+commit f16eb8a4b096514ac06fb25bf599dcc792899b3d upstream.
+
+If SSDT overlay is loaded via ConfigFS and then unloaded the device,
+we would like to have OF modalias for, already gone. Thus, acpi_get_name()
+returns no allocated buffer for such case and kernel crashes afterwards:
+
+ ACPI: Host-directed Dynamic ACPI Table Unload
+ ads7950 spi-PRP0001:00: Dropping the link to regulator.0
+ BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
+ #PF error: [normal kernel read fault]
+ PGD 80000000070d6067 P4D 80000000070d6067 PUD 70d0067 PMD 0
+ Oops: 0000 [#1] SMP PTI
+ CPU: 0 PID: 40 Comm: kworker/u4:2 Not tainted 5.0.0+ #96
+ Hardware name: Intel Corporation Merrifield/BODEGA BAY, BIOS 542 2015.01.21:18.19.48
+ Workqueue: kacpi_hotplug acpi_device_del_work_fn
+ RIP: 0010:create_of_modalias.isra.1+0x4c/0x150
+ Code: 00 00 48 89 44 24 18 31 c0 48 8d 54 24 08 48 c7 44 24 10 00 00 00 00 48 c7 44 24 08 ff ff ff ff e8 7a b0 03 00 48 8b 4c 24 10 <0f> b6 01 84 c0 74 27 48 c7 c7 00 09 f4 a5 0f b6 f0 8d 50 20 f6 04
+ RSP: 0000:ffffa51040297c10 EFLAGS: 00010246
+ RAX: 0000000000001001 RBX: 0000000000000785 RCX: 0000000000000000
+ RDX: 0000000000001001 RSI: 0000000000000286 RDI: ffffa2163dc042e0
+ RBP: ffffa216062b1196 R08: 0000000000001001 R09: ffffa21639873000
+ R10: ffffffffa606761d R11: 0000000000000001 R12: ffffa21639873218
+ R13: ffffa2163deb5060 R14: ffffa216063d1010 R15: 0000000000000000
+ FS: 0000000000000000(0000) GS:ffffa2163e000000(0000) knlGS:0000000000000000
+ CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+ CR2: 0000000000000000 CR3: 0000000007114000 CR4: 00000000001006f0
+ Call Trace:
+ __acpi_device_uevent_modalias+0xb0/0x100
+ spi_uevent+0xd/0x40
+
+ ...
+
+In order to fix above let create_of_modalias() check the status returned
+by acpi_get_name() and bail out in case of failure.
+
+Fixes: 8765c5ba1949 ("ACPI / scan: Rework modalias creation when "compatible" is present")
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=201381
+Reported-by: Ferry Toth <fntoth@gmail.com>
+Tested-by: Ferry Toth<fntoth@gmail.com>
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
+Cc: 4.1+ <stable@vger.kernel.org> # 4.1+
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/acpi/device_sysfs.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/drivers/acpi/device_sysfs.c
++++ b/drivers/acpi/device_sysfs.c
+@@ -202,11 +202,15 @@ static int create_of_modalias(struct acp
+ {
+ struct acpi_buffer buf = { ACPI_ALLOCATE_BUFFER };
+ const union acpi_object *of_compatible, *obj;
++ acpi_status status;
+ int len, count;
+ int i, nval;
+ char *c;
+
+- acpi_get_name(acpi_dev->handle, ACPI_SINGLE_NAME, &buf);
++ status = acpi_get_name(acpi_dev->handle, ACPI_SINGLE_NAME, &buf);
++ if (ACPI_FAILURE(status))
++ return -ENODEV;
++
+ /* DT strings are all in lower case */
+ for (c = buf.pointer; *c != '\0'; c++)
+ *c = tolower(*c);
--- /dev/null
+From 7b9b9edb49ad377b1e06abf14354c227e9ac4b06 Mon Sep 17 00:00:00 2001
+From: Pavel Shilovsky <piastryyy@gmail.com>
+Date: Wed, 13 Feb 2019 15:43:08 -0800
+Subject: CIFS: Do not reset lease state to NONE on lease break
+
+From: Pavel Shilovsky <piastryyy@gmail.com>
+
+commit 7b9b9edb49ad377b1e06abf14354c227e9ac4b06 upstream.
+
+Currently on lease break the client sets a caching level twice:
+when oplock is detected and when oplock is processed. While the
+1st attempt sets the level to the value provided by the server,
+the 2nd one resets the level to None unconditionally.
+This happens because the oplock/lease processing code was changed
+to avoid races between page cache flushes and oplock breaks.
+The commit c11f1df5003d534 ("cifs: Wait for writebacks to complete
+before attempting write.") fixed the races for oplocks but didn't
+apply the same changes for leases resulting in overwriting the
+server granted value to None. Fix this by properly processing
+lease breaks.
+
+Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+CC: Stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/cifs/smb2misc.c | 17 ++++++++++++++---
+ fs/cifs/smb2ops.c | 15 ++++++++++++---
+ 2 files changed, 26 insertions(+), 6 deletions(-)
+
+--- a/fs/cifs/smb2misc.c
++++ b/fs/cifs/smb2misc.c
+@@ -474,7 +474,6 @@ smb2_tcon_has_lease(struct cifs_tcon *tc
+ __u8 lease_state;
+ struct list_head *tmp;
+ struct cifsFileInfo *cfile;
+- struct TCP_Server_Info *server = tcon->ses->server;
+ struct cifs_pending_open *open;
+ struct cifsInodeInfo *cinode;
+ int ack_req = le32_to_cpu(rsp->Flags &
+@@ -494,13 +493,25 @@ smb2_tcon_has_lease(struct cifs_tcon *tc
+ cifs_dbg(FYI, "lease key match, lease break 0x%x\n",
+ le32_to_cpu(rsp->NewLeaseState));
+
+- server->ops->set_oplock_level(cinode, lease_state, 0, NULL);
+-
+ if (ack_req)
+ cfile->oplock_break_cancelled = false;
+ else
+ cfile->oplock_break_cancelled = true;
+
++ set_bit(CIFS_INODE_PENDING_OPLOCK_BREAK, &cinode->flags);
++
++ /*
++ * Set or clear flags depending on the lease state being READ.
++ * HANDLE caching flag should be added when the client starts
++ * to defer closing remote file handles with HANDLE leases.
++ */
++ if (lease_state & SMB2_LEASE_READ_CACHING_HE)
++ set_bit(CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2,
++ &cinode->flags);
++ else
++ clear_bit(CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2,
++ &cinode->flags);
++
+ queue_work(cifsoplockd_wq, &cfile->oplock_break);
+ kfree(lw);
+ return true;
+--- a/fs/cifs/smb2ops.c
++++ b/fs/cifs/smb2ops.c
+@@ -1377,6 +1377,15 @@ smb2_downgrade_oplock(struct TCP_Server_
+ }
+
+ static void
++smb21_downgrade_oplock(struct TCP_Server_Info *server,
++ struct cifsInodeInfo *cinode, bool set_level2)
++{
++ server->ops->set_oplock_level(cinode,
++ set_level2 ? SMB2_LEASE_READ_CACHING_HE :
++ 0, 0, NULL);
++}
++
++static void
+ smb2_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock,
+ unsigned int epoch, bool *purge_cache)
+ {
+@@ -1681,7 +1690,7 @@ struct smb_version_operations smb21_oper
+ .print_stats = smb2_print_stats,
+ .is_oplock_break = smb2_is_valid_oplock_break,
+ .handle_cancelled_mid = smb2_handle_cancelled_mid,
+- .downgrade_oplock = smb2_downgrade_oplock,
++ .downgrade_oplock = smb21_downgrade_oplock,
+ .need_neg = smb2_need_neg,
+ .negotiate = smb2_negotiate,
+ .negotiate_wsize = smb2_negotiate_wsize,
+@@ -1765,7 +1774,7 @@ struct smb_version_operations smb30_oper
+ .dump_share_caps = smb2_dump_share_caps,
+ .is_oplock_break = smb2_is_valid_oplock_break,
+ .handle_cancelled_mid = smb2_handle_cancelled_mid,
+- .downgrade_oplock = smb2_downgrade_oplock,
++ .downgrade_oplock = smb21_downgrade_oplock,
+ .need_neg = smb2_need_neg,
+ .negotiate = smb2_negotiate,
+ .negotiate_wsize = smb2_negotiate_wsize,
+@@ -1855,7 +1864,7 @@ struct smb_version_operations smb311_ope
+ .dump_share_caps = smb2_dump_share_caps,
+ .is_oplock_break = smb2_is_valid_oplock_break,
+ .handle_cancelled_mid = smb2_handle_cancelled_mid,
+- .downgrade_oplock = smb2_downgrade_oplock,
++ .downgrade_oplock = smb21_downgrade_oplock,
+ .need_neg = smb2_need_neg,
+ .negotiate = smb2_negotiate,
+ .negotiate_wsize = smb2_negotiate_wsize,
--- /dev/null
+From 6dfbd84684700cb58b34e8602c01c12f3d2595c8 Mon Sep 17 00:00:00 2001
+From: Pavel Shilovsky <piastryyy@gmail.com>
+Date: Mon, 4 Mar 2019 17:48:01 -0800
+Subject: CIFS: Fix read after write for files with read caching
+
+From: Pavel Shilovsky <piastryyy@gmail.com>
+
+commit 6dfbd84684700cb58b34e8602c01c12f3d2595c8 upstream.
+
+When we have a READ lease for a file and have just issued a write
+operation to the server we need to purge the cache and set oplock/lease
+level to NONE to avoid reading stale data. Currently we do that
+only if a write operation succedeed thus not covering cases when
+a request was sent to the server but a negative error code was
+returned later for some other reasons (e.g. -EIOCBQUEUED or -EINTR).
+Fix this by turning off caching regardless of the error code being
+returned.
+
+The patches fixes generic tests 075 and 112 from the xfs-tests.
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/cifs/file.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/fs/cifs/file.c
++++ b/fs/cifs/file.c
+@@ -2797,14 +2797,16 @@ cifs_strict_writev(struct kiocb *iocb, s
+ * these pages but not on the region from pos to ppos+len-1.
+ */
+ written = cifs_user_writev(iocb, from);
+- if (written > 0 && CIFS_CACHE_READ(cinode)) {
++ if (CIFS_CACHE_READ(cinode)) {
+ /*
+- * Windows 7 server can delay breaking level2 oplock if a write
+- * request comes - break it on the client to prevent reading
+- * an old data.
++ * We have read level caching and we have just sent a write
++ * request to the server thus making data in the cache stale.
++ * Zap the cache and set oplock/lease level to NONE to avoid
++ * reading stale data from the cache. All subsequent read
++ * operations will read new data from the server.
+ */
+ cifs_zap_mapping(inode);
+- cifs_dbg(FYI, "Set no oplock for inode=%p after a write operation\n",
++ cifs_dbg(FYI, "Set Oplock/Lease to NONE for inode=%p after write\n",
+ inode);
+ cinode->oplock = 0;
+ }
--- /dev/null
+From eaf46edf6ea89675bd36245369c8de5063a0272c Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Date: Thu, 24 Jan 2019 17:33:45 +0100
+Subject: crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling
+
+From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+
+commit eaf46edf6ea89675bd36245369c8de5063a0272c upstream.
+
+The NEON MAC calculation routine fails to handle the case correctly
+where there is some data in the buffer, and the input fills it up
+exactly. In this case, we enter the loop at the end with w8 == 0,
+while a negative value is assumed, and so the loop carries on until
+the increment of the 32-bit counter wraps around, which is quite
+obviously wrong.
+
+So omit the loop altogether in this case, and exit right away.
+
+Reported-by: Eric Biggers <ebiggers@kernel.org>
+Fixes: a3fd82105b9d1 ("arm64/crypto: AES in CCM mode using ARMv8 Crypto ...")
+Cc: stable@vger.kernel.org
+Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/crypto/aes-ce-ccm-core.S | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/arch/arm64/crypto/aes-ce-ccm-core.S
++++ b/arch/arm64/crypto/aes-ce-ccm-core.S
+@@ -74,12 +74,13 @@ ENTRY(ce_aes_ccm_auth_data)
+ beq 10f
+ ext v0.16b, v0.16b, v0.16b, #1 /* rotate out the mac bytes */
+ b 7b
+-8: mov w7, w8
++8: cbz w8, 91f
++ mov w7, w8
+ add w8, w8, #16
+ 9: ext v1.16b, v1.16b, v1.16b, #1
+ adds w7, w7, #1
+ bne 9b
+- eor v0.16b, v0.16b, v1.16b
++91: eor v0.16b, v0.16b, v1.16b
+ st1 {v0.16b}, [x0]
+ 10: str w8, [x3]
+ ret
--- /dev/null
+From ba7d7433a0e998c902132bd47330e355a1eaa894 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Sun, 6 Jan 2019 18:47:42 -0800
+Subject: crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit ba7d7433a0e998c902132bd47330e355a1eaa894 upstream.
+
+Some algorithms have a ->setkey() method that is not atomic, in the
+sense that setting a key can fail after changes were already made to the
+tfm context. In this case, if a key was already set the tfm can end up
+in a state that corresponds to neither the old key nor the new key.
+
+It's not feasible to make all ->setkey() methods atomic, especially ones
+that have to key multiple sub-tfms. Therefore, make the crypto API set
+CRYPTO_TFM_NEED_KEY if ->setkey() fails and the algorithm requires a
+key, to prevent the tfm from being used until a new key is set.
+
+Note: we can't set CRYPTO_TFM_NEED_KEY for OPTIONAL_KEY algorithms, so
+->setkey() for those must nevertheless be atomic. That's fine for now
+since only the crc32 and crc32c algorithms set OPTIONAL_KEY, and it's
+not intended that OPTIONAL_KEY be used much.
+
+[Cc stable mainly because when introducing the NEED_KEY flag I changed
+ AF_ALG to rely on it; and unlike in-kernel crypto API users, AF_ALG
+ previously didn't have this problem. So these "incompletely keyed"
+ states became theoretically accessible via AF_ALG -- though, the
+ opportunities for causing real mischief seem pretty limited.]
+
+Fixes: 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
+Cc: stable@vger.kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/ahash.c | 28 +++++++++++++++++++---------
+ crypto/shash.c | 18 +++++++++++++-----
+ 2 files changed, 32 insertions(+), 14 deletions(-)
+
+--- a/crypto/ahash.c
++++ b/crypto/ahash.c
+@@ -189,6 +189,21 @@ static int ahash_setkey_unaligned(struct
+ return ret;
+ }
+
++static int ahash_nosetkey(struct crypto_ahash *tfm, const u8 *key,
++ unsigned int keylen)
++{
++ return -ENOSYS;
++}
++
++static void ahash_set_needkey(struct crypto_ahash *tfm)
++{
++ const struct hash_alg_common *alg = crypto_hash_alg_common(tfm);
++
++ if (tfm->setkey != ahash_nosetkey &&
++ !(alg->base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY))
++ crypto_ahash_set_flags(tfm, CRYPTO_TFM_NEED_KEY);
++}
++
+ int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
+ unsigned int keylen)
+ {
+@@ -200,20 +215,16 @@ int crypto_ahash_setkey(struct crypto_ah
+ else
+ err = tfm->setkey(tfm, key, keylen);
+
+- if (err)
++ if (unlikely(err)) {
++ ahash_set_needkey(tfm);
+ return err;
++ }
+
+ crypto_ahash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
+ return 0;
+ }
+ EXPORT_SYMBOL_GPL(crypto_ahash_setkey);
+
+-static int ahash_nosetkey(struct crypto_ahash *tfm, const u8 *key,
+- unsigned int keylen)
+-{
+- return -ENOSYS;
+-}
+-
+ static inline unsigned int ahash_align_buffer_size(unsigned len,
+ unsigned long mask)
+ {
+@@ -482,8 +493,7 @@ static int crypto_ahash_init_tfm(struct
+
+ if (alg->setkey) {
+ hash->setkey = alg->setkey;
+- if (!(alg->halg.base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY))
+- crypto_ahash_set_flags(hash, CRYPTO_TFM_NEED_KEY);
++ ahash_set_needkey(hash);
+ }
+ if (alg->export)
+ hash->export = alg->export;
+--- a/crypto/shash.c
++++ b/crypto/shash.c
+@@ -52,6 +52,13 @@ static int shash_setkey_unaligned(struct
+ return err;
+ }
+
++static void shash_set_needkey(struct crypto_shash *tfm, struct shash_alg *alg)
++{
++ if (crypto_shash_alg_has_setkey(alg) &&
++ !(alg->base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY))
++ crypto_shash_set_flags(tfm, CRYPTO_TFM_NEED_KEY);
++}
++
+ int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key,
+ unsigned int keylen)
+ {
+@@ -64,8 +71,10 @@ int crypto_shash_setkey(struct crypto_sh
+ else
+ err = shash->setkey(tfm, key, keylen);
+
+- if (err)
++ if (unlikely(err)) {
++ shash_set_needkey(tfm, shash);
+ return err;
++ }
+
+ crypto_shash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
+ return 0;
+@@ -367,7 +376,8 @@ int crypto_init_shash_ops_async(struct c
+ crt->final = shash_async_final;
+ crt->finup = shash_async_finup;
+ crt->digest = shash_async_digest;
+- crt->setkey = shash_async_setkey;
++ if (crypto_shash_alg_has_setkey(alg))
++ crt->setkey = shash_async_setkey;
+
+ crypto_ahash_set_flags(crt, crypto_shash_get_flags(shash) &
+ CRYPTO_TFM_NEED_KEY);
+@@ -389,9 +399,7 @@ static int crypto_shash_init_tfm(struct
+
+ hash->descsize = alg->descsize;
+
+- if (crypto_shash_alg_has_setkey(alg) &&
+- !(alg->base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY))
+- crypto_shash_set_flags(hash, CRYPTO_TFM_NEED_KEY);
++ shash_set_needkey(hash, alg);
+
+ return 0;
+ }
libnvdimm-label-clear-updating-flag-after-label-set-update.patch
libnvdimm-pmem-honor-force_raw-for-legacy-pmem-regions.patch
libnvdimm-fix-altmap-reservation-size-calculation.patch
+crypto-hash-set-crypto_tfm_need_key-if-setkey-fails.patch
+crypto-arm64-aes-ccm-fix-logical-bug-in-aad-mac-handling.patch
+cifs-do-not-reset-lease-state-to-none-on-lease-break.patch
+cifs-fix-read-after-write-for-files-with-read-caching.patch
+tracing-use-strncpy-instead-of-memcpy-for-string-keys-in-hist-triggers.patch
+tracing-do-not-free-iter-trace-in-fail-path-of-tracing_open_pipe.patch
+acpi-device_sysfs-avoid-of-modalias-creation-for-removed-device.patch
--- /dev/null
+From e7f0c424d0806b05d6f47be9f202b037eb701707 Mon Sep 17 00:00:00 2001
+From: "zhangyi (F)" <yi.zhang@huawei.com>
+Date: Wed, 13 Feb 2019 20:29:06 +0800
+Subject: tracing: Do not free iter->trace in fail path of tracing_open_pipe()
+
+From: zhangyi (F) <yi.zhang@huawei.com>
+
+commit e7f0c424d0806b05d6f47be9f202b037eb701707 upstream.
+
+Commit d716ff71dd12 ("tracing: Remove taking of trace_types_lock in
+pipe files") use the current tracer instead of the copy in
+tracing_open_pipe(), but it forget to remove the freeing sentence in
+the error path.
+
+There's an error path that can call kfree(iter->trace) after the iter->trace
+was assigned to tr->current_trace, which would be bad to free.
+
+Link: http://lkml.kernel.org/r/1550060946-45984-1-git-send-email-yi.zhang@huawei.com
+
+Cc: stable@vger.kernel.org
+Fixes: d716ff71dd12 ("tracing: Remove taking of trace_types_lock in pipe files")
+Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/trace/trace.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/kernel/trace/trace.c
++++ b/kernel/trace/trace.c
+@@ -5057,7 +5057,6 @@ out:
+ return ret;
+
+ fail:
+- kfree(iter->trace);
+ kfree(iter);
+ __trace_array_put(tr);
+ mutex_unlock(&trace_types_lock);
--- /dev/null
+From 9f0bbf3115ca9f91f43b7c74e9ac7d79f47fc6c2 Mon Sep 17 00:00:00 2001
+From: Tom Zanussi <tom.zanussi@linux.intel.com>
+Date: Mon, 4 Feb 2019 15:07:24 -0600
+Subject: tracing: Use strncpy instead of memcpy for string keys in hist triggers
+
+From: Tom Zanussi <tom.zanussi@linux.intel.com>
+
+commit 9f0bbf3115ca9f91f43b7c74e9ac7d79f47fc6c2 upstream.
+
+Because there may be random garbage beyond a string's null terminator,
+it's not correct to copy the the complete character array for use as a
+hist trigger key. This results in multiple histogram entries for the
+'same' string key.
+
+So, in the case of a string key, use strncpy instead of memcpy to
+avoid copying in the extra bytes.
+
+Before, using the gdbus entries in the following hist trigger as an
+example:
+
+ # echo 'hist:key=comm' > /sys/kernel/debug/tracing/events/sched/sched_waking/trigger
+ # cat /sys/kernel/debug/tracing/events/sched/sched_waking/hist
+
+ ...
+
+ { comm: ImgDecoder #4 } hitcount: 203
+ { comm: gmain } hitcount: 213
+ { comm: gmain } hitcount: 216
+ { comm: StreamTrans #73 } hitcount: 221
+ { comm: mozStorage #3 } hitcount: 230
+ { comm: gdbus } hitcount: 233
+ { comm: StyleThread#5 } hitcount: 253
+ { comm: gdbus } hitcount: 256
+ { comm: gdbus } hitcount: 260
+ { comm: StyleThread#4 } hitcount: 271
+
+ ...
+
+ # cat /sys/kernel/debug/tracing/events/sched/sched_waking/hist | egrep gdbus | wc -l
+ 51
+
+After:
+
+ # cat /sys/kernel/debug/tracing/events/sched/sched_waking/hist | egrep gdbus | wc -l
+ 1
+
+Link: http://lkml.kernel.org/r/50c35ae1267d64eee975b8125e151e600071d4dc.1549309756.git.tom.zanussi@linux.intel.com
+
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: stable@vger.kernel.org
+Fixes: 79e577cbce4c4 ("tracing: Support string type key properly")
+Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com>
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/trace/trace_events_hist.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/kernel/trace/trace_events_hist.c
++++ b/kernel/trace/trace_events_hist.c
+@@ -871,9 +871,10 @@ static inline void add_to_key(char *comp
+ /* ensure NULL-termination */
+ if (size > key_field->size - 1)
+ size = key_field->size - 1;
+- }
+
+- memcpy(compound_key + key_field->offset, key, size);
++ strncpy(compound_key + key_field->offset, (char *)key, size);
++ } else
++ memcpy(compound_key + key_field->offset, key, size);
+ }
+
+ static void event_hist_trigger(struct event_trigger_data *data, void *rec)
projects / thirdparty / kernel / stable-queue.git / commitdiff
