Fixes for 4.4
authorSasha Levin <sashal@kernel.org>
Fri, 24 Sep 2021 11:43:43 +0000 (07:43 -0400)
committerSasha Levin <sashal@kernel.org>
Fri, 24 Sep 2021 11:43:43 +0000 (07:43 -0400)
Signed-off-by: Sasha Levin <sashal@kernel.org>
13 files changed:
queue-4.4/blk-throttle-fix-uaf-by-deleteing-timer-in-blk_throt.patch [new file with mode: 0644]
queue-4.4/ceph-lockdep-annotations-for-try_nonblocking_invalid.patch [new file with mode: 0644]
queue-4.4/dmaengine-acpi-avoid-comparison-gsi-with-linux-virq.patch [new file with mode: 0644]
queue-4.4/dmaengine-acpi-dma-check-for-64-bit-mmio-address.patch [new file with mode: 0644]
queue-4.4/dmaengine-ioat-depends-on-uml.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_-name-_.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_device_.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_snapsho.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_-name-_.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_snapsho.patch [new file with mode: 0644]
queue-4.4/nilfs2-fix-null-pointer-in-nilfs_-name-_attr_release.patch [new file with mode: 0644]
queue-4.4/parisc-move-pci_dev_is_behind_card_dino-to-where-it-.patch [new file with mode: 0644]
queue-4.4/series

diff --git a/queue-4.4/blk-throttle-fix-uaf-by-deleteing-timer-in-blk_throt.patch b/queue-4.4/blk-throttle-fix-uaf-by-deleteing-timer-in-blk_throt.patch
new file mode 100644 (file)
index 0000000..ab10d41
--- /dev/null
@@ -0,0 +1,39 @@
+From c466488cf5d4102b0f751a980009f93c06dcb1d1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:12:42 +0800
+Subject: blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
+
+From: Li Jinlin <lijinlin3@huawei.com>
+
+[ Upstream commit 884f0e84f1e3195b801319c8ec3d5774e9bf2710 ]
+
+The pending timer has been set up in blk_throtl_init(). However, the
+timer is not deleted in blk_throtl_exit(). This means that the timer
+handler may still be running after freeing the timer, which would
+result in a use-after-free.
+
+Fix by calling del_timer_sync() to delete the timer in blk_throtl_exit().
+
+Signed-off-by: Li Jinlin <lijinlin3@huawei.com>
+Link: https://lore.kernel.org/r/20210907121242.2885564-1-lijinlin3@huawei.com
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ block/blk-throttle.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/block/blk-throttle.c b/block/blk-throttle.c
+index 17bdd6b55beb..fbd08c4569ce 100644
+--- a/block/blk-throttle.c
++++ b/block/blk-throttle.c
+@@ -1588,6 +1588,7 @@ int blk_throtl_init(struct request_queue *q)
+ void blk_throtl_exit(struct request_queue *q)
+ {
+       BUG_ON(!q->td);
++      del_timer_sync(&q->td->service_queue.pending_timer);
+       throtl_shutdown_wq(q);
+       blkcg_deactivate_policy(q, &blkcg_policy_throtl);
+       kfree(q->td);
+-- 
+2.33.0
+
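Review bot: The new `del_timer_sync()` call in blk_throtl_exit() has to stay ahead of `throtl_shutdown_wq(q)` and `kfree(q->td)`, and nothing in the function says so. As far as I can tell from the rest of blk-throttle.c (not shown in this hunk), the pending-timer handler is what queues the dispatch work, so cancelling the work first would leave a window in which the timer re-queues it against a `td` that is about to be freed. A one-line comment above the call would keep a later reorder from reintroducing the use-after-free, for example `/* stop the timer before the work it queues is cancelled and td is freed */`. The call also covers only the queue-level `service_queue`; the hunk does not show where per-group pending timers are stopped, so that is worth confirming for the 4.4 tree.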
diff --git a/queue-4.4/ceph-lockdep-annotations-for-try_nonblocking_invalid.patch b/queue-4.4/ceph-lockdep-annotations-for-try_nonblocking_invalid.patch
new file mode 100644 (file)
index 0000000..102e294
--- /dev/null
@@ -0,0 +1,33 @@
+From 2d0491979ad7323de9716c420cf1a123ca4a77db Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 2 Sep 2021 08:31:03 -0400
+Subject: ceph: lockdep annotations for try_nonblocking_invalidate
+
+From: Jeff Layton <jlayton@kernel.org>
+
+[ Upstream commit 3eaf5aa1cfa8c97c72f5824e2e9263d6cc977b03 ]
+
+Signed-off-by: Jeff Layton <jlayton@kernel.org>
+Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
+Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/ceph/caps.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
+index 9d74cd37b395..154c47282a34 100644
+--- a/fs/ceph/caps.c
++++ b/fs/ceph/caps.c
+@@ -1545,6 +1545,8 @@ static int __mark_caps_flushing(struct inode *inode,
+  * try to invalidate mapping pages without blocking.
+  */
+ static int try_nonblocking_invalidate(struct inode *inode)
++      __releases(ci->i_ceph_lock)
++      __acquires(ci->i_ceph_lock)
+ {
+       struct ceph_inode_info *ci = ceph_inode(inode);
+       u32 invalidating_gen = ci->i_rdcache_gen;
+-- 
+2.33.0
+
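Review bot: The `__releases()`/`__acquires()` pair added to try_nonblocking_invalidate() names `ci`, which is a local declared in the body (`struct ceph_inode_info *ci = ceph_inode(inode);`) and not a parameter, and the comment above the function still says nothing about locking. These are sparse context annotations rather than a runtime lockdep check, so the contract is only visible to someone running sparse. I would extend the existing comment with a line such as `* Called with ci->i_ceph_lock held; the lock is dropped and retaken.` so callers see that state protected by the lock may change across the call. The function body continues past the end of the hunk.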
diff --git a/queue-4.4/dmaengine-acpi-avoid-comparison-gsi-with-linux-virq.patch b/queue-4.4/dmaengine-acpi-avoid-comparison-gsi-with-linux-virq.patch
new file mode 100644 (file)
index 0000000..3241244
--- /dev/null
@@ -0,0 +1,47 @@
+From a9f78c39ad8cbf829913040108b119884e1ad6eb Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 30 Jul 2021 23:27:15 +0300
+Subject: dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+[ Upstream commit 67db87dc8284070adb15b3c02c1c31d5cf51c5d6 ]
+
+Currently the CRST parsing relies on the fact that on most of x86 devices
+the IRQ mapping is 1:1 with Linux vIRQ. However, it may be not true for
+some. Fix this by converting GSI to Linux vIRQ before checking it.
+
+Fixes: ee8209fd026b ("dma: acpi-dma: parse CSRT to extract additional resources")
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Link: https://lore.kernel.org/r/20210730202715.24375-1-andriy.shevchenko@linux.intel.com
+Signed-off-by: Vinod Koul <vkoul@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/dma/acpi-dma.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/dma/acpi-dma.c b/drivers/dma/acpi-dma.c
+index eed6bda01790..eef1b93828c2 100644
+--- a/drivers/dma/acpi-dma.c
++++ b/drivers/dma/acpi-dma.c
+@@ -72,10 +72,14 @@ static int acpi_dma_parse_resource_group(const struct acpi_csrt_group *grp,
+       si = (const struct acpi_csrt_shared_info *)&grp[1];
+-      /* Match device by MMIO and IRQ */
++      /* Match device by MMIO */
+       if (si->mmio_base_low != lower_32_bits(mem) ||
+-          si->mmio_base_high != upper_32_bits(mem) ||
+-          si->gsi_interrupt != irq)
++          si->mmio_base_high != upper_32_bits(mem))
++              return 0;
++
++      /* Match device by Linux vIRQ */
++      ret = acpi_register_gsi(NULL, si->gsi_interrupt, si->interrupt_mode, si->interrupt_polarity);
++      if (ret != irq)
+               return 0;
+       dev_dbg(&adev->dev, "matches with %.4s%04X (rev %u)\n",
+-- 
+2.33.0
+
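Review bot: In acpi_dma_parse_resource_group() a negative error code from `acpi_register_gsi()` is only rejected as a side effect of `ret != irq`, so a failed GSI mapping is indistinguishable from a device that simply does not match. The declarations of `ret` and `irq` are outside the hunk; if `irq` is an unsigned type, the comparison also depends on the implicit conversion of a negative `ret`. Testing the error case explicitly keeps the match logic independent of that, e.g. `if (ret < 0 || ret != irq)` with the `return 0;` unchanged. The `acpi_register_gsi()` call also runs past 80 columns and could be wrapped after `si->gsi_interrupt,`.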
diff --git a/queue-4.4/dmaengine-acpi-dma-check-for-64-bit-mmio-address.patch b/queue-4.4/dmaengine-acpi-dma-check-for-64-bit-mmio-address.patch
new file mode 100644 (file)
index 0000000..e6dfb83
--- /dev/null
@@ -0,0 +1,46 @@
+From 8bbebb8f6ae58ef33691df9914702b5eb0b1b250 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 17 Nov 2015 13:34:26 +0200
+Subject: dmaengine: acpi-dma: check for 64-bit MMIO address
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+[ Upstream commit f94cf9f4c54a72ccbd2078bb0cedd3691a71c431 ]
+
+Currently the match DMA controller is done only for lower 32 bits of
+address which might be not true on 64-bit platform. Check upper portion
+as well.
+
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Signed-off-by: Vinod Koul <vinod.koul@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/dma/acpi-dma.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/dma/acpi-dma.c b/drivers/dma/acpi-dma.c
+index 16d0daa058a5..eed6bda01790 100644
+--- a/drivers/dma/acpi-dma.c
++++ b/drivers/dma/acpi-dma.c
+@@ -15,6 +15,7 @@
+ #include <linux/device.h>
+ #include <linux/err.h>
+ #include <linux/module.h>
++#include <linux/kernel.h>
+ #include <linux/list.h>
+ #include <linux/mutex.h>
+ #include <linux/slab.h>
+@@ -72,7 +73,9 @@ static int acpi_dma_parse_resource_group(const struct acpi_csrt_group *grp,
+       si = (const struct acpi_csrt_shared_info *)&grp[1];
+       /* Match device by MMIO and IRQ */
+-      if (si->mmio_base_low != mem || si->gsi_interrupt != irq)
++      if (si->mmio_base_low != lower_32_bits(mem) ||
++          si->mmio_base_high != upper_32_bits(mem) ||
++          si->gsi_interrupt != irq)
+               return 0;
+       dev_dbg(&adev->dev, "matches with %.4s%04X (rev %u)\n",
+-- 
+2.33.0
+
diff --git a/queue-4.4/dmaengine-ioat-depends-on-uml.patch b/queue-4.4/dmaengine-ioat-depends-on-uml.patch
new file mode 100644 (file)
index 0000000..29841f5
--- /dev/null
@@ -0,0 +1,39 @@
+From 4b1c311d12f105154a522955b4893193435c4fbd Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 9 Aug 2021 11:24:09 +0200
+Subject: dmaengine: ioat: depends on !UML
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+[ Upstream commit bbac7a92a46f0876e588722ebe552ddfe6fd790f ]
+
+Now that UML has PCI support, this driver must depend also on
+!UML since it pokes at X86_64 architecture internals that don't
+exist on ARCH=um.
+
+Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Acked-by: Dave Jiang <dave.jiang@intel.com>
+Link: https://lore.kernel.org/r/20210809112409.a3a0974874d2.I2ffe3d11ed37f735da2f39884a74c953b258b995@changeid
+Signed-off-by: Vinod Koul <vkoul@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/dma/Kconfig | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/dma/Kconfig b/drivers/dma/Kconfig
+index e6cd1a32025a..f450f3d8f63a 100644
+--- a/drivers/dma/Kconfig
++++ b/drivers/dma/Kconfig
+@@ -239,7 +239,7 @@ config INTEL_IDMA64
+ config INTEL_IOATDMA
+       tristate "Intel I/OAT DMA support"
+-      depends on PCI && X86_64
++      depends on PCI && X86_64 && !UML
+       select DMA_ENGINE
+       select DMA_ENGINE_RAID
+       select DCA
+-- 
+2.33.0
+
diff --git a/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_-name-_.patch b/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_-name-_.patch
new file mode 100644 (file)
index 0000000..1efd36d
--- /dev/null
@@ -0,0 +1,42 @@
+From 1833078cd9a75350478717c30f097a090b366374 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:15 -0700
+Subject: nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit 24f8cb1ed057c840728167dab33b32e44147c86f ]
+
+If kobject_init_and_add return with error, kobject_put() is needed here to
+avoid memory leak, because kobject_init_and_add may return error without
+freeing the memory associated with the kobject it allocated.
+
+Link: https://lkml.kernel.org/r/20210629022556.3985106-4-sunnanyong@huawei.com
+Link: https://lkml.kernel.org/r/1625651306-10829-4-git-send-email-konishi.ryusuke@gmail.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index d7d6791c408e..e8d4828287c3 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -101,8 +101,8 @@ static int nilfs_sysfs_create_##name##_group(struct the_nilfs *nilfs) \
+       err = kobject_init_and_add(kobj, &nilfs_##name##_ktype, parent, \
+                                   #name); \
+       if (err) \
+-              return err; \
+-      return 0; \
++              kobject_put(kobj); \
++      return err; \
+ } \
+ static void nilfs_sysfs_delete_##name##_group(struct the_nilfs *nilfs) \
+ { \
+-- 
+2.33.0
+
diff --git a/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_device_.patch b/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_device_.patch
new file mode 100644 (file)
index 0000000..2162d5b
--- /dev/null
@@ -0,0 +1,97 @@
+From d95799bd2321ea6e84e2223b6987c43079291bf1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:09 -0700
+Subject: nilfs2: fix memory leak in nilfs_sysfs_create_device_group
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit 5f5dec07aca7067216ed4c1342e464e7307a9197 ]
+
+Patch series "nilfs2: fix incorrect usage of kobject".
+
+This patchset from Nanyong Sun fixes memory leak issues and a NULL
+pointer dereference issue caused by incorrect usage of kboject in nilfs2
+sysfs implementation.
+
+This patch (of 6):
+
+Reported by syzkaller:
+
+  BUG: memory leak
+  unreferenced object 0xffff888100ca8988 (size 8):
+  comm "syz-executor.1", pid 1930, jiffies 4294745569 (age 18.052s)
+  hex dump (first 8 bytes):
+  6c 6f 6f 70 31 00 ff ff loop1...
+  backtrace:
+    kstrdup+0x36/0x70 mm/util.c:60
+    kstrdup_const+0x35/0x60 mm/util.c:83
+    kvasprintf_const+0xf1/0x180 lib/kasprintf.c:48
+    kobject_set_name_vargs+0x56/0x150 lib/kobject.c:289
+    kobject_add_varg lib/kobject.c:384 [inline]
+    kobject_init_and_add+0xc9/0x150 lib/kobject.c:473
+    nilfs_sysfs_create_device_group+0x150/0x7d0 fs/nilfs2/sysfs.c:986
+    init_nilfs+0xa21/0xea0 fs/nilfs2/the_nilfs.c:637
+    nilfs_fill_super fs/nilfs2/super.c:1046 [inline]
+    nilfs_mount+0x7b4/0xe80 fs/nilfs2/super.c:1316
+    legacy_get_tree+0x105/0x210 fs/fs_context.c:592
+    vfs_get_tree+0x8e/0x2d0 fs/super.c:1498
+    do_new_mount fs/namespace.c:2905 [inline]
+    path_mount+0xf9b/0x1990 fs/namespace.c:3235
+    do_mount+0xea/0x100 fs/namespace.c:3248
+    __do_sys_mount fs/namespace.c:3456 [inline]
+    __se_sys_mount fs/namespace.c:3433 [inline]
+    __x64_sys_mount+0x14b/0x1f0 fs/namespace.c:3433
+    do_syscall_x64 arch/x86/entry/common.c:50 [inline]
+    do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80
+    entry_SYSCALL_64_after_hwframe+0x44/0xae
+
+If kobject_init_and_add return with error, then the cleanup of kobject
+is needed because memory may be allocated in kobject_init_and_add
+without freeing.
+
+And the place of cleanup_dev_kobject should use kobject_put to free the
+memory associated with the kobject.  As the section "Kobject removal" of
+"Documentation/core-api/kobject.rst" says, kobject_del() just makes the
+kobject "invisible", but it is not cleaned up.  And no more cleanup will
+do after cleanup_dev_kobject, so kobject_put is needed here.
+
+Link: https://lkml.kernel.org/r/1625651306-10829-1-git-send-email-konishi.ryusuke@gmail.com
+Link: https://lkml.kernel.org/r/1625651306-10829-2-git-send-email-konishi.ryusuke@gmail.com
+Reported-by: Hulk Robot <hulkci@huawei.com>
+Link: https://lkml.kernel.org/r/20210629022556.3985106-2-sunnanyong@huawei.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index c3b629eec294..69a8f302170e 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -1008,7 +1008,7 @@ int nilfs_sysfs_create_device_group(struct super_block *sb)
+       err = kobject_init_and_add(&nilfs->ns_dev_kobj, &nilfs_dev_ktype, NULL,
+                                   "%s", sb->s_id);
+       if (err)
+-              goto free_dev_subgroups;
++              goto cleanup_dev_kobject;
+       err = nilfs_sysfs_create_mounted_snapshots_group(nilfs);
+       if (err)
+@@ -1045,9 +1045,7 @@ delete_mounted_snapshots_group:
+       nilfs_sysfs_delete_mounted_snapshots_group(nilfs);
+ cleanup_dev_kobject:
+-      kobject_del(&nilfs->ns_dev_kobj);
+-
+-free_dev_subgroups:
++      kobject_put(&nilfs->ns_dev_kobj);
+       kfree(nilfs->ns_dev_subgroups);
+ failed_create_device_group:
+-- 
+2.33.0
+
diff --git a/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_snapsho.patch b/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_create_snapsho.patch
new file mode 100644 (file)
index 0000000..7ebca03
--- /dev/null
@@ -0,0 +1,43 @@
+From ba3ec3adc367f51cce0df1c98ab24580477f27e7 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:21 -0700
+Subject: nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit b2fe39c248f3fa4bbb2a20759b4fdd83504190f7 ]
+
+If kobject_init_and_add returns with error, kobject_put() is needed here
+to avoid memory leak, because kobject_init_and_add may return error
+without freeing the memory associated with the kobject it allocated.
+
+Link: https://lkml.kernel.org/r/20210629022556.3985106-6-sunnanyong@huawei.com
+Link: https://lkml.kernel.org/r/1625651306-10829-6-git-send-email-konishi.ryusuke@gmail.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index 8a0af1e378c1..73d872a24a21 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -217,9 +217,9 @@ int nilfs_sysfs_create_snapshot_group(struct nilfs_root *root)
+       }
+       if (err)
+-              return err;
++              kobject_put(&root->snapshot_kobj);
+-      return 0;
++      return err;
+ }
+ void nilfs_sysfs_delete_snapshot_group(struct nilfs_root *root)
+-- 
+2.33.0
+
diff --git a/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_-name-_.patch b/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_-name-_.patch
new file mode 100644 (file)
index 0000000..7e84ed1
--- /dev/null
@@ -0,0 +1,40 @@
+From ea33fb71bfecf1d73981686314cf89fa76594de9 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:18 -0700
+Subject: nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit a3e181259ddd61fd378390977a1e4e2316853afa ]
+
+The kobject_put() should be used to cleanup the memory associated with the
+kobject instead of kobject_del.  See the section "Kobject removal" of
+"Documentation/core-api/kobject.rst".
+
+Link: https://lkml.kernel.org/r/20210629022556.3985106-5-sunnanyong@huawei.com
+Link: https://lkml.kernel.org/r/1625651306-10829-5-git-send-email-konishi.ryusuke@gmail.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index e8d4828287c3..8a0af1e378c1 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -106,7 +106,7 @@ static int nilfs_sysfs_create_##name##_group(struct the_nilfs *nilfs) \
+ } \
+ static void nilfs_sysfs_delete_##name##_group(struct the_nilfs *nilfs) \
+ { \
+-      kobject_del(&nilfs->ns_##parent_name##_subgroups->sg_##name##_kobj); \
++      kobject_put(&nilfs->ns_##parent_name##_subgroups->sg_##name##_kobj); \
+ }
+ /************************************************************************
+-- 
+2.33.0
+
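Review bot: After this change nilfs_sysfs_delete_##name##_group() returns right after `kobject_put()` without waiting for the release callback, although the kobject is embedded in the subgroups structure. The release handler shown in the nilfs_##name##_attr_release patch on this page calls `complete(&subgroups->sg_##name##_kobj_unregister)`, and the cleanup path in nilfs_sysfs_create_device_group calls `kfree(nilfs->ns_dev_subgroups)` after the delete helpers; if the final reference is dropped later than the put (another holder, or a kernel built with CONFIG_DEBUG_KOBJECT_RELEASE), that `complete()` would touch freed memory. Consider following the put with `wait_for_completion(&nilfs->ns_##parent_name##_subgroups->sg_##name##_kobj_unregister); \`, which is what the completion appears to exist for. The same pattern applies to nilfs_sysfs_delete_snapshot_group() with `root->snapshot_kobj` in the later patch, where the release handler and the owner of `root` are not visible.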
diff --git a/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_snapsho.patch b/queue-4.4/nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_snapsho.patch
new file mode 100644 (file)
index 0000000..346a171
--- /dev/null
@@ -0,0 +1,40 @@
+From 3391c812786f7efa273d8c4d0189d678aed694ea Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:23 -0700
+Subject: nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit 17243e1c3072b8417a5ebfc53065d0a87af7ca77 ]
+
+kobject_put() should be used to cleanup the memory associated with the
+kobject instead of kobject_del().  See the section "Kobject removal" of
+"Documentation/core-api/kobject.rst".
+
+Link: https://lkml.kernel.org/r/20210629022556.3985106-7-sunnanyong@huawei.com
+Link: https://lkml.kernel.org/r/1625651306-10829-7-git-send-email-konishi.ryusuke@gmail.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index 73d872a24a21..49a148ebbcda 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -224,7 +224,7 @@ int nilfs_sysfs_create_snapshot_group(struct nilfs_root *root)
+ void nilfs_sysfs_delete_snapshot_group(struct nilfs_root *root)
+ {
+-      kobject_del(&root->snapshot_kobj);
++      kobject_put(&root->snapshot_kobj);
+ }
+ /************************************************************************
+-- 
+2.33.0
+
diff --git a/queue-4.4/nilfs2-fix-null-pointer-in-nilfs_-name-_attr_release.patch b/queue-4.4/nilfs2-fix-null-pointer-in-nilfs_-name-_attr_release.patch
new file mode 100644 (file)
index 0000000..ad5a837
--- /dev/null
@@ -0,0 +1,49 @@
+From e5ac40aa1459015f3903925bd3a19020ad83df00 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:00:12 -0700
+Subject: nilfs2: fix NULL pointer in nilfs_##name##_attr_release
+
+From: Nanyong Sun <sunnanyong@huawei.com>
+
+[ Upstream commit dbc6e7d44a514f231a64d9d5676e001b660b6448 ]
+
+In nilfs_##name##_attr_release, kobj->parent should not be referenced
+because it is a NULL pointer.  The release() method of kobject is always
+called in kobject_put(kobj), in the implementation of kobject_put(), the
+kobj->parent will be assigned as NULL before call the release() method.
+So just use kobj to get the subgroups, which is more efficient and can fix
+a NULL pointer reference problem.
+
+Link: https://lkml.kernel.org/r/20210629022556.3985106-3-sunnanyong@huawei.com
+Link: https://lkml.kernel.org/r/1625651306-10829-3-git-send-email-konishi.ryusuke@gmail.com
+Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nilfs2/sysfs.c | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c
+index 69a8f302170e..d7d6791c408e 100644
+--- a/fs/nilfs2/sysfs.c
++++ b/fs/nilfs2/sysfs.c
+@@ -73,11 +73,9 @@ static const struct sysfs_ops nilfs_##name##_attr_ops = { \
+ #define NILFS_DEV_INT_GROUP_TYPE(name, parent_name) \
+ static void nilfs_##name##_attr_release(struct kobject *kobj) \
+ { \
+-      struct nilfs_sysfs_##parent_name##_subgroups *subgroups; \
+-      struct the_nilfs *nilfs = container_of(kobj->parent, \
+-                                              struct the_nilfs, \
+-                                              ns_##parent_name##_kobj); \
+-      subgroups = nilfs->ns_##parent_name##_subgroups; \
++      struct nilfs_sysfs_##parent_name##_subgroups *subgroups = container_of(kobj, \
++                                              struct nilfs_sysfs_##parent_name##_subgroups, \
++                                              sg_##name##_kobj); \
+       complete(&subgroups->sg_##name##_kobj_unregister); \
+ } \
+ static struct kobj_type nilfs_##name##_ktype = { \
+-- 
+2.33.0
+
diff --git a/queue-4.4/parisc-move-pci_dev_is_behind_card_dino-to-where-it-.patch b/queue-4.4/parisc-move-pci_dev_is_behind_card_dino-to-where-it-.patch
new file mode 100644 (file)
index 0000000..d9416fe
--- /dev/null
@@ -0,0 +1,64 @@
+From fd6f215738403ea738a6eac2cda0509e2dd0332e Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 8 Sep 2021 08:30:41 -0700
+Subject: parisc: Move pci_dev_is_behind_card_dino to where it is used
+
+From: Guenter Roeck <linux@roeck-us.net>
+
+[ Upstream commit 907872baa9f1538eed02ec737b8e89eba6c6e4b9 ]
+
+parisc build test images fail to compile with the following error.
+
+drivers/parisc/dino.c:160:12: error:
+       'pci_dev_is_behind_card_dino' defined but not used
+
+Move the function just ahead of its only caller to avoid the error.
+
+Fixes: 5fa1659105fa ("parisc: Disable HP HSC-PCI Cards to prevent kernel crash")
+Cc: Helge Deller <deller@gmx.de>
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/parisc/dino.c | 18 +++++++++---------
+ 1 file changed, 9 insertions(+), 9 deletions(-)
+
+diff --git a/drivers/parisc/dino.c b/drivers/parisc/dino.c
+index 8524faf28acb..88e760c88aba 100644
+--- a/drivers/parisc/dino.c
++++ b/drivers/parisc/dino.c
+@@ -160,15 +160,6 @@ struct dino_device
+       (struct dino_device *)__pdata; })
+-/* Check if PCI device is behind a Card-mode Dino. */
+-static int pci_dev_is_behind_card_dino(struct pci_dev *dev)
+-{
+-      struct dino_device *dino_dev;
+-
+-      dino_dev = DINO_DEV(parisc_walk_tree(dev->bus->bridge));
+-      return is_card_dino(&dino_dev->hba.dev->id);
+-}
+-
+ /*
+  * Dino Configuration Space Accessor Functions
+  */
+@@ -452,6 +443,15 @@ static void quirk_cirrus_cardbus(struct pci_dev *dev)
+ DECLARE_PCI_FIXUP_ENABLE(PCI_VENDOR_ID_CIRRUS, PCI_DEVICE_ID_CIRRUS_6832, quirk_cirrus_cardbus );
+ #ifdef CONFIG_TULIP
++/* Check if PCI device is behind a Card-mode Dino. */
++static int pci_dev_is_behind_card_dino(struct pci_dev *dev)
++{
++      struct dino_device *dino_dev;
++
++      dino_dev = DINO_DEV(parisc_walk_tree(dev->bus->bridge));
++      return is_card_dino(&dino_dev->hba.dev->id);
++}
++
+ static void pci_fixup_tulip(struct pci_dev *dev)
+ {
+       if (!pci_dev_is_behind_card_dino(dev))
+-- 
+2.33.0
+
index d869eeb36d9da3f43cefe82c55537817d213cf3b..e0061ca1b8bb1a0dd46dcff30f6edf41906588ba 100644 (file)
@@ -7,3 +7,15 @@ thermal-drivers-exynos-fix-an-error-code-in-exynos_tmu_probe.patch
 prctl-allow-to-setup-brk-for-et_dyn-executables.patch
 profiling-fix-shift-out-of-bounds-bugs.patch
 pwm-mxs-don-t-modify-hw-state-in-.probe-after-the-pwm-chip-was-registered.patch
+dmaengine-acpi-dma-check-for-64-bit-mmio-address.patch
+dmaengine-acpi-avoid-comparison-gsi-with-linux-virq.patch
+parisc-move-pci_dev_is_behind_card_dino-to-where-it-.patch
+dmaengine-ioat-depends-on-uml.patch
+ceph-lockdep-annotations-for-try_nonblocking_invalid.patch
+nilfs2-fix-memory-leak-in-nilfs_sysfs_create_device_.patch
+nilfs2-fix-null-pointer-in-nilfs_-name-_attr_release.patch
+nilfs2-fix-memory-leak-in-nilfs_sysfs_create_-name-_.patch
+nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_-name-_.patch
+nilfs2-fix-memory-leak-in-nilfs_sysfs_create_snapsho.patch
+nilfs2-fix-memory-leak-in-nilfs_sysfs_delete_snapsho.patch
+blk-throttle-fix-uaf-by-deleteing-timer-in-blk_throt.patch