--- /dev/null
+From 5c03e71b0004fb3d64ae0050e000cb30ec9aa3f2 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 16 Aug 2021 14:05:33 -0700
+Subject: ARC: export clear_user_page() for modules
+
+From: Randy Dunlap <rdunlap@infradead.org>
+
+[ Upstream commit 6b5ff0405e4190f23780362ea324b250bc495683 ]
+
+0day bot reports a build error:
+ ERROR: modpost: "clear_user_page" [drivers/media/v4l2-core/videobuf-dma-sg.ko] undefined!
+so export it in arch/arc/ to fix the build error.
+
+In most ARCHes, clear_user_page() is a macro. OTOH, in a few
+ARCHes it is a function and needs to be exported.
+PowerPC exported it in 2004. It looks like nds32 and nios2
+still need to have it exported.
+
+Fixes: 4102b53392d63 ("ARC: [mm] Aliasing VIPT dcache support 2/4")
+Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
+Reported-by: kernel test robot <lkp@intel.com>
+Cc: Guenter Roeck <linux@roeck-us.net>
+Cc: linux-snps-arc@lists.infradead.org
+Signed-off-by: Vineet Gupta <vgupta@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arc/mm/cache.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/arc/mm/cache.c b/arch/arc/mm/cache.c
+index a2fbea3ee07c..102418ac5ff4 100644
+--- a/arch/arc/mm/cache.c
++++ b/arch/arc/mm/cache.c
+@@ -1123,7 +1123,7 @@ void clear_user_page(void *to, unsigned long u_vaddr, struct page *page)
+ clear_page(to);
+ clear_bit(PG_dc_clean, &page->flags);
+ }
+-
++EXPORT_SYMBOL(clear_user_page);
+
+ /**********************************************************************
+ * Explicit Cache flush request from user space via syscall
+--
+2.30.2
+
--- /dev/null
+From c9100d4c76f4db72a06fc43a1ee2397b64bfc205 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 2 Aug 2021 16:13:52 +0200
+Subject: block, bfq: honor already-setup queue merges
+
+From: Paolo Valente <paolo.valente@linaro.org>
+
+[ Upstream commit 2d52c58b9c9bdae0ca3df6a1eab5745ab3f7d80b ]
+
+The function bfq_setup_merge prepares the merging between two
+bfq_queues, say bfqq and new_bfqq. To this goal, it assigns
+bfqq->new_bfqq = new_bfqq. Then, each time some I/O for bfqq arrives,
+the process that generated that I/O is disassociated from bfqq and
+associated with new_bfqq (merging is actually a redirection). In this
+respect, bfq_setup_merge increases new_bfqq->ref in advance, adding
+the number of processes that are expected to be associated with
+new_bfqq.
+
+Unfortunately, the stable-merging mechanism interferes with this
+setup. After bfqq->new_bfqq has been set by bfq_setup_merge, and
+before all the expected processes have been associated with
+bfqq->new_bfqq, bfqq may happen to be stably merged with a different
+queue than the current bfqq->new_bfqq. In this case, bfqq->new_bfqq
+gets changed. So, some of the processes that have been already
+accounted for in the ref counter of the previous new_bfqq will not be
+associated with that queue. This creates an unbalance, because those
+references will never be decremented.
+
+This commit fixes this issue by reestablishing the previous, natural
+behaviour: once bfqq->new_bfqq has been set, it will not be changed
+until all expected redirections have occurred.
+
+Signed-off-by: Davide Zini <davidezini2@gmail.com>
+Signed-off-by: Paolo Valente <paolo.valente@linaro.org>
+Link: https://lore.kernel.org/r/20210802141352.74353-2-paolo.valente@linaro.org
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ block/bfq-iosched.c | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c
+index 73bffd7af15c..8dee243e639f 100644
+--- a/block/bfq-iosched.c
++++ b/block/bfq-iosched.c
+@@ -2523,6 +2523,15 @@ bfq_setup_merge(struct bfq_queue *bfqq, struct bfq_queue *new_bfqq)
+ * are likely to increase the throughput.
+ */
+ bfqq->new_bfqq = new_bfqq;
++ /*
++ * The above assignment schedules the following redirections:
++ * each time some I/O for bfqq arrives, the process that
++ * generated that I/O is disassociated from bfqq and
++ * associated with new_bfqq. Here we increases new_bfqq->ref
++ * in advance, adding the number of processes that are
++ * expected to be associated with new_bfqq as they happen to
++ * issue I/O.
++ */
+ new_bfqq->ref += process_refs;
+ return new_bfqq;
+ }
+@@ -2582,6 +2591,10 @@ bfq_setup_cooperator(struct bfq_data *bfqd, struct bfq_queue *bfqq,
+ {
+ struct bfq_queue *in_service_bfqq, *new_bfqq;
+
++ /* if a merge has already been setup, then proceed with that first */
++ if (bfqq->new_bfqq)
++ return bfqq->new_bfqq;
++
+ /*
+ * Do not perform queue merging if the device is non
+ * rotational and performs internal queueing. In fact, such a
+@@ -2636,9 +2649,6 @@ bfq_setup_cooperator(struct bfq_data *bfqd, struct bfq_queue *bfqq,
+ if (bfq_too_late_for_merging(bfqq))
+ return NULL;
+
+- if (bfqq->new_bfqq)
+- return bfqq->new_bfqq;
+-
+ if (!io_struct || unlikely(bfqq == &bfqd->oom_bfqq))
+ return NULL;
+
+--
+2.30.2
+
--- /dev/null
+From 9d7b89c0089d3673df5228a042b72f13946061f7 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 10 Jun 2021 16:39:45 +0200
+Subject: dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
+
+From: Miquel Raynal <miquel.raynal@bootlin.com>
+
+[ Upstream commit 778cb8e39f6ec252be50fc3850d66f3dcbd5dd5a ]
+
+"PAGESIZE / 512" is the number of ECC chunks.
+"ECC_BYTES" is the number of bytes needed to store a single ECC code.
+"2" is the space reserved by the bad block marker.
+
+"2 + (PAGESIZE / 512) * ECC_BYTES" should of course be lower or equal
+than the total number of OOB bytes, otherwise it won't fit.
+
+Fix the equation by substituting s/>=/<=/.
+
+Suggested-by: Ryan J. Barnett <ryan.barnett@collins.com>
+Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
+Acked-by: Rob Herring <robh@kernel.org>
+Link: https://lore.kernel.org/linux-mtd/20210610143945.3504781-1-miquel.raynal@bootlin.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ Documentation/devicetree/bindings/mtd/gpmc-nand.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Documentation/devicetree/bindings/mtd/gpmc-nand.txt b/Documentation/devicetree/bindings/mtd/gpmc-nand.txt
+index 44919d48d241..c459f169a904 100644
+--- a/Documentation/devicetree/bindings/mtd/gpmc-nand.txt
++++ b/Documentation/devicetree/bindings/mtd/gpmc-nand.txt
+@@ -122,7 +122,7 @@ on various other factors also like;
+ so the device should have enough free bytes available its OOB/Spare
+ area to accommodate ECC for entire page. In general following expression
+ helps in determining if given device can accommodate ECC syndrome:
+- "2 + (PAGESIZE / 512) * ECC_BYTES" >= OOBSIZE"
++ "2 + (PAGESIZE / 512) * ECC_BYTES" <= OOBSIZE"
+ where
+ OOBSIZE number of bytes in OOB/spare area
+ PAGESIZE number of bytes in main-area of device page
+--
+2.30.2
+
--- /dev/null
+From cd270aba12b3aed8b4efcb99096f68096ccc92e0 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 3 Sep 2021 14:42:33 +0800
+Subject: ethtool: Fix an error code in cxgb2.c
+
+From: Yang Li <yang.lee@linux.alibaba.com>
+
+[ Upstream commit 7db8263a12155c7ae4ad97e850f1e499c73765fc ]
+
+When adapter->registered_device_map is NULL, the value of err is
+uncertain, we set err to -EINVAL to avoid ambiguity.
+
+Clean up smatch warning:
+drivers/net/ethernet/chelsio/cxgb/cxgb2.c:1114 init_one() warn: missing
+error code 'err'
+
+Reported-by: Abaci Robot <abaci@linux.alibaba.com>
+Signed-off-by: Yang Li <yang.lee@linux.alibaba.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/chelsio/cxgb/cxgb2.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/net/ethernet/chelsio/cxgb/cxgb2.c b/drivers/net/ethernet/chelsio/cxgb/cxgb2.c
+index 0ccdde366ae1..540d99f59226 100644
+--- a/drivers/net/ethernet/chelsio/cxgb/cxgb2.c
++++ b/drivers/net/ethernet/chelsio/cxgb/cxgb2.c
+@@ -1153,6 +1153,7 @@ static int init_one(struct pci_dev *pdev, const struct pci_device_id *ent)
+ if (!adapter->registered_device_map) {
+ pr_err("%s: could not register any net devices\n",
+ pci_name(pdev));
++ err = -EINVAL;
+ goto out_release_adapter_res;
+ }
+
+--
+2.30.2
+
--- /dev/null
+From 2c205c50c5d935ae7624b905b2165ecd4c62d837 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 3 Sep 2021 15:03:43 -0700
+Subject: fq_codel: reject silly quantum parameters
+
+From: Eric Dumazet <edumazet@google.com>
+
+[ Upstream commit c7c5e6ff533fe1f9afef7d2fa46678987a1335a7 ]
+
+syzbot found that forcing a big quantum attribute would crash hosts fast,
+essentially using this:
+
+tc qd replace dev eth0 root fq_codel quantum 4294967295
+
+This is because fq_codel_dequeue() would have to loop
+~2^31 times in :
+
+ if (flow->deficit <= 0) {
+ flow->deficit += q->quantum;
+ list_move_tail(&flow->flowchain, &q->old_flows);
+ goto begin;
+ }
+
+SFQ max quantum is 2^19 (half a megabyte)
+Lets adopt a max quantum of one megabyte for FQ_CODEL.
+
+Fixes: 4b549a2ef4be ("fq_codel: Fair Queue Codel AQM")
+Signed-off-by: Eric Dumazet <edumazet@google.com>
+Reported-by: syzbot <syzkaller@googlegroups.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ include/uapi/linux/pkt_sched.h | 2 ++
+ net/sched/sch_fq_codel.c | 12 ++++++++++--
+ 2 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/include/uapi/linux/pkt_sched.h b/include/uapi/linux/pkt_sched.h
+index edbbf4bfdd9e..4a245d7a5c8d 100644
+--- a/include/uapi/linux/pkt_sched.h
++++ b/include/uapi/linux/pkt_sched.h
+@@ -807,6 +807,8 @@ struct tc_codel_xstats {
+
+ /* FQ_CODEL */
+
++#define FQ_CODEL_QUANTUM_MAX (1 << 20)
++
+ enum {
+ TCA_FQ_CODEL_UNSPEC,
+ TCA_FQ_CODEL_TARGET,
+diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c
+index 76d72c3f52ed..86fb2f953bd5 100644
+--- a/net/sched/sch_fq_codel.c
++++ b/net/sched/sch_fq_codel.c
+@@ -370,6 +370,7 @@ static int fq_codel_change(struct Qdisc *sch, struct nlattr *opt,
+ {
+ struct fq_codel_sched_data *q = qdisc_priv(sch);
+ struct nlattr *tb[TCA_FQ_CODEL_MAX + 1];
++ u32 quantum = 0;
+ int err;
+
+ if (!opt)
+@@ -387,6 +388,13 @@ static int fq_codel_change(struct Qdisc *sch, struct nlattr *opt,
+ q->flows_cnt > 65536)
+ return -EINVAL;
+ }
++ if (tb[TCA_FQ_CODEL_QUANTUM]) {
++ quantum = max(256U, nla_get_u32(tb[TCA_FQ_CODEL_QUANTUM]));
++ if (quantum > FQ_CODEL_QUANTUM_MAX) {
++ NL_SET_ERR_MSG(extack, "Invalid quantum");
++ return -EINVAL;
++ }
++ }
+ sch_tree_lock(sch);
+
+ if (tb[TCA_FQ_CODEL_TARGET]) {
+@@ -413,8 +421,8 @@ static int fq_codel_change(struct Qdisc *sch, struct nlattr *opt,
+ if (tb[TCA_FQ_CODEL_ECN])
+ q->cparams.ecn = !!nla_get_u32(tb[TCA_FQ_CODEL_ECN]);
+
+- if (tb[TCA_FQ_CODEL_QUANTUM])
+- q->quantum = max(256U, nla_get_u32(tb[TCA_FQ_CODEL_QUANTUM]));
++ if (quantum)
++ q->quantum = quantum;
+
+ if (tb[TCA_FQ_CODEL_DROP_BATCH_SIZE])
+ q->drop_batch_size = max(1U, nla_get_u32(tb[TCA_FQ_CODEL_DROP_BATCH_SIZE]));
+--
+2.30.2
+
--- /dev/null
+From 6e0c71a3561ccece64997547ae6563bd5f30b0ce Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 4 Aug 2021 13:22:58 +0200
+Subject: fuse: fix use after free in fuse_read_interrupt()
+
+From: Miklos Szeredi <mszeredi@redhat.com>
+
+[ Upstream commit e1e71c168813564be0f6ea3d6740a059ca42d177 ]
+
+There is a potential race between fuse_read_interrupt() and
+fuse_request_end().
+
+TASK1
+ in fuse_read_interrupt(): delete req->intr_entry (while holding
+ fiq->lock)
+
+TASK2
+ in fuse_request_end(): req->intr_entry is empty -> skip fiq->lock
+ wake up TASK3
+
+TASK3
+ request is freed
+
+TASK1
+ in fuse_read_interrupt(): dereference req->in.h.unique ***BAM***
+
+Fix by always grabbing fiq->lock if the request was ever interrupted
+(FR_INTERRUPTED set) thereby serializing with concurrent
+fuse_read_interrupt() calls.
+
+FR_INTERRUPTED is set before the request is queued on fiq->interrupts.
+Dequeing the request is done with list_del_init() but FR_INTERRUPTED is not
+cleared in this case.
+
+Reported-by: lijiazi <lijiazi@xiaomi.com>
+Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/fuse/dev.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
+index 16aa55b73ccf..7205a89fbb5f 100644
+--- a/fs/fuse/dev.c
++++ b/fs/fuse/dev.c
+@@ -282,10 +282,10 @@ void fuse_request_end(struct fuse_conn *fc, struct fuse_req *req)
+
+ /*
+ * test_and_set_bit() implies smp_mb() between bit
+- * changing and below intr_entry check. Pairs with
++ * changing and below FR_INTERRUPTED check. Pairs with
+ * smp_mb() from queue_interrupt().
+ */
+- if (!list_empty(&req->intr_entry)) {
++ if (test_bit(FR_INTERRUPTED, &req->flags)) {
+ spin_lock(&fiq->lock);
+ list_del_init(&req->intr_entry);
+ spin_unlock(&fiq->lock);
+--
+2.30.2
+
--- /dev/null
+From ff3a77fbefda6af5f93ac446665be60a8d68fd2c Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 5 Sep 2021 11:21:09 -0400
+Subject: ip_gre: validate csum_start only on pull
+
+From: Willem de Bruijn <willemb@google.com>
+
+[ Upstream commit 8a0ed250f911da31a2aef52101bc707846a800ff ]
+
+The GRE tunnel device can pull existing outer headers in ipge_xmit.
+This is a rare path, apparently unique to this device. The below
+commit ensured that pulling does not move skb->data beyond csum_start.
+
+But it has a false positive if ip_summed is not CHECKSUM_PARTIAL and
+thus csum_start is irrelevant.
+
+Refine to exclude this. At the same time simplify and strengthen the
+test.
+
+Simplify, by moving the check next to the offending pull, making it
+more self documenting and removing an unnecessary branch from other
+code paths.
+
+Strengthen, by also ensuring that the transport header is correct and
+therefore the inner headers will be after skb_reset_inner_headers.
+The transport header is set to csum_start in skb_partial_csum_set.
+
+Link: https://lore.kernel.org/netdev/YS+h%2FtqCJJiQei+W@shredder/
+Fixes: 1d011c4803c7 ("ip_gre: add validation for csum_start")
+Reported-by: Ido Schimmel <idosch@idosch.org>
+Suggested-by: Alexander Duyck <alexander.duyck@gmail.com>
+Signed-off-by: Willem de Bruijn <willemb@google.com>
+Reviewed-by: Alexander Duyck <alexanderduyck@fb.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/ipv4/ip_gre.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
+index fd8298b8b1c5..c4989e5903e4 100644
+--- a/net/ipv4/ip_gre.c
++++ b/net/ipv4/ip_gre.c
+@@ -446,8 +446,6 @@ static void __gre_xmit(struct sk_buff *skb, struct net_device *dev,
+
+ static int gre_handle_offloads(struct sk_buff *skb, bool csum)
+ {
+- if (csum && skb_checksum_start(skb) < skb->data)
+- return -EINVAL;
+ return iptunnel_handle_offloads(skb, csum ? SKB_GSO_GRE_CSUM : SKB_GSO_GRE);
+ }
+
+@@ -605,15 +603,20 @@ static netdev_tx_t ipgre_xmit(struct sk_buff *skb,
+ }
+
+ if (dev->header_ops) {
++ const int pull_len = tunnel->hlen + sizeof(struct iphdr);
++
+ if (skb_cow_head(skb, 0))
+ goto free_skb;
+
+ tnl_params = (const struct iphdr *)skb->data;
+
++ if (pull_len > skb_transport_offset(skb))
++ goto free_skb;
++
+ /* Pull skb since ip_tunnel_xmit() needs skb->data pointing
+ * to gre header.
+ */
+- skb_pull(skb, tunnel->hlen + sizeof(struct iphdr));
++ skb_pull(skb, pull_len);
+ skb_reset_mac_header(skb);
+ } else {
+ if (skb_cow_head(skb, dev->needed_headroom))
+--
+2.30.2
+
--- /dev/null
+From c9757243add646f6fdfa6e458648280ebd8f08c8 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 18 Aug 2021 20:21:31 +0000
+Subject: KVM: arm64: Handle PSCI resets before userspace touches vCPU state
+
+From: Oliver Upton <oupton@google.com>
+
+[ Upstream commit 6826c6849b46aaa91300201213701eb861af4ba0 ]
+
+The CPU_ON PSCI call takes a payload that KVM uses to configure a
+destination vCPU to run. This payload is non-architectural state and not
+exposed through any existing UAPI. Effectively, we have a race between
+CPU_ON and userspace saving/restoring a guest: if the target vCPU isn't
+ran again before the VMM saves its state, the requested PC and context
+ID are lost. When restored, the target vCPU will be runnable and start
+executing at its old PC.
+
+We can avoid this race by making sure the reset payload is serviced
+before userspace can access a vCPU's state.
+
+Fixes: 358b28f09f0a ("arm/arm64: KVM: Allow a VCPU to fully reset itself")
+Signed-off-by: Oliver Upton <oupton@google.com>
+Signed-off-by: Marc Zyngier <maz@kernel.org>
+Link: https://lore.kernel.org/r/20210818202133.1106786-3-oupton@google.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ virt/kvm/arm/arm.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/virt/kvm/arm/arm.c b/virt/kvm/arm/arm.c
+index 4af85605730e..f7150fbeeb55 100644
+--- a/virt/kvm/arm/arm.c
++++ b/virt/kvm/arm/arm.c
+@@ -1141,6 +1141,14 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
+ if (copy_from_user(®, argp, sizeof(reg)))
+ break;
+
++ /*
++ * We could owe a reset due to PSCI. Handle the pending reset
++ * here to ensure userspace register accesses are ordered after
++ * the reset.
++ */
++ if (kvm_check_request(KVM_REQ_VCPU_RESET, vcpu))
++ kvm_reset_vcpu(vcpu);
++
+ if (ioctl == KVM_SET_ONE_REG)
+ r = kvm_arm_set_reg(vcpu, ®);
+ else
+--
+2.30.2
+
--- /dev/null
+From f2ae8b8f387fe9bede42cd8e7081e3c6bb639713 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 29 Jun 2021 19:12:39 +0200
+Subject: mfd: axp20x: Update AXP288 volatile ranges
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+[ Upstream commit f949a9ebce7a18005266b859a17f10c891bb13d7 ]
+
+On Cherry Trail devices with an AXP288 PMIC the external SD-card slot
+used the AXP's DLDO2 as card-voltage and either DLDO3 or GPIO1LDO
+(GPIO1 pin in low noise LDO mode) as signal-voltage.
+
+These regulators are turned on/off and in case of the signal-voltage
+also have their output-voltage changed by the _PS0 and _PS3 power-
+management ACPI methods on the MMC-controllers ACPI fwnode as well as
+by the _DSM ACPI method for changing the signal voltage.
+
+The AML code implementing these methods is directly accessing the
+PMIC through ACPI I2C OpRegion accesses, instead of using the special
+PMIC OpRegion handled by drivers/acpi/pmic/intel_pmic_xpower.c .
+
+This means that the contents of the involved PMIC registers can change
+without the change being made through the regmap interface, so regmap
+should not cache the contents of these registers.
+
+Mark the regulator power on/off, the regulator voltage control and the
+GPIO1 control registers as volatile, to avoid regmap caching them.
+
+Specifically this fixes an issue on some models where the i915 driver
+toggles another LDO using the same on/off register on/off through
+MIPI sequences (through intel_soc_pmic_exec_mipi_pmic_seq_element())
+which then writes back a cached on/off register-value where the
+card-voltage is off causing the external sdcard slot to stop working
+when the screen goes blank, or comes back on again.
+
+The regulator register-range now marked volatile also includes the
+buck regulator control registers. This is done on purpose these are
+normally not touched by the AML code, but they are updated directly
+by the SoC's PUNIT which means that they may also change without going
+through regmap.
+
+Note the AXP288 PMIC is only used on Bay- and Cherry-Trail platforms,
+so even though this is an ACPI specific problem there is no need to
+make the new volatile ranges conditional since these platforms always
+use ACPI.
+
+Fixes: dc91c3b6fe66 ("mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile")
+Fixes: cd53216625a0 ("mfd: axp20x: Fix axp288 volatile ranges")
+Reported-and-tested-by: Clamshell <clamfly@163.com>
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Reviewed-by: Chen-Yu Tsai <wens@csie.org>
+Signed-off-by: Lee Jones <lee.jones@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/mfd/axp20x.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/mfd/axp20x.c b/drivers/mfd/axp20x.c
+index aa59496e4376..9db1000944c3 100644
+--- a/drivers/mfd/axp20x.c
++++ b/drivers/mfd/axp20x.c
+@@ -125,12 +125,13 @@ static const struct regmap_range axp288_writeable_ranges[] = {
+
+ static const struct regmap_range axp288_volatile_ranges[] = {
+ regmap_reg_range(AXP20X_PWR_INPUT_STATUS, AXP288_POWER_REASON),
++ regmap_reg_range(AXP22X_PWR_OUT_CTRL1, AXP22X_ALDO3_V_OUT),
+ regmap_reg_range(AXP288_BC_GLOBAL, AXP288_BC_GLOBAL),
+ regmap_reg_range(AXP288_BC_DET_STAT, AXP20X_VBUS_IPSOUT_MGMT),
+ regmap_reg_range(AXP20X_CHRG_BAK_CTRL, AXP20X_CHRG_BAK_CTRL),
+ regmap_reg_range(AXP20X_IRQ1_EN, AXP20X_IPSOUT_V_HIGH_L),
+ regmap_reg_range(AXP20X_TIMER_CTRL, AXP20X_TIMER_CTRL),
+- regmap_reg_range(AXP22X_GPIO_STATE, AXP22X_GPIO_STATE),
++ regmap_reg_range(AXP20X_GPIO1_CTRL, AXP22X_GPIO_STATE),
+ regmap_reg_range(AXP288_RT_BATT_V_H, AXP288_RT_BATT_V_L),
+ regmap_reg_range(AXP20X_FG_RES, AXP288_FG_CC_CAP_REG),
+ };
+--
+2.30.2
+
--- /dev/null
+From b567602d06ec36e2470b71fa05bc8daf1943b139 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 2 Aug 2021 01:33:13 +0200
+Subject: mfd: db8500-prcmu: Adjust map to reality
+
+From: Linus Walleij <linus.walleij@linaro.org>
+
+[ Upstream commit ec343111c056ec3847800302f6dbc57281f833fa ]
+
+These are the actual frequencies reported by the PLL, so let's
+report these. The roundoffs are inappropriate, we should round
+to the frequency that the clock will later report.
+
+Drop some whitespace at the same time.
+
+Cc: phone-devel@vger.kernel.org
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Lee Jones <lee.jones@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/mfd/db8500-prcmu.c | 14 ++++++--------
+ 1 file changed, 6 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/mfd/db8500-prcmu.c b/drivers/mfd/db8500-prcmu.c
+index dfac6afa82ca..f1f2ad9ff0b3 100644
+--- a/drivers/mfd/db8500-prcmu.c
++++ b/drivers/mfd/db8500-prcmu.c
+@@ -1695,22 +1695,20 @@ static long round_clock_rate(u8 clock, unsigned long rate)
+ }
+
+ static const unsigned long db8500_armss_freqs[] = {
+- 200000000,
+- 400000000,
+- 800000000,
++ 199680000,
++ 399360000,
++ 798720000,
+ 998400000
+ };
+
+ /* The DB8520 has slightly higher ARMSS max frequency */
+ static const unsigned long db8520_armss_freqs[] = {
+- 200000000,
+- 400000000,
+- 800000000,
++ 199680000,
++ 399360000,
++ 798720000,
+ 1152000000
+ };
+
+-
+-
+ static long round_armss_rate(unsigned long rate)
+ {
+ unsigned long freq = 0;
+--
+2.30.2
+
--- /dev/null
+From 8f04daa3f2f5bbf5b8fcd105852eb5e1691715ae Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 25 Jul 2021 19:07:54 +0100
+Subject: mfd: Don't use irq_create_mapping() to resolve a mapping
+
+From: Marc Zyngier <maz@kernel.org>
+
+[ Upstream commit 9ff80e2de36d0554e3a6da18a171719fe8663c17 ]
+
+Although irq_create_mapping() is able to deal with duplicate
+mappings, it really isn't supposed to be a substitute for
+irq_find_mapping(), and can result in allocations that take place
+in atomic context if the mapping didn't exist.
+
+Fix the handful of MFD drivers that use irq_create_mapping() in
+interrupt context by using irq_find_mapping() instead.
+
+Cc: Linus Walleij <linus.walleij@linaro.org>
+Cc: Lee Jones <lee.jones@linaro.org>
+Cc: Maxime Coquelin <mcoquelin.stm32@gmail.com>
+Cc: Alexandre Torgue <alexandre.torgue@foss.st.com>
+Signed-off-by: Marc Zyngier <maz@kernel.org>
+Signed-off-by: Lee Jones <lee.jones@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/mfd/ab8500-core.c | 2 +-
+ drivers/mfd/stmpe.c | 4 ++--
+ drivers/mfd/tc3589x.c | 2 +-
+ drivers/mfd/wm8994-irq.c | 2 +-
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/mfd/ab8500-core.c b/drivers/mfd/ab8500-core.c
+index 3e9dc92cb467..842de1f352df 100644
+--- a/drivers/mfd/ab8500-core.c
++++ b/drivers/mfd/ab8500-core.c
+@@ -493,7 +493,7 @@ static int ab8500_handle_hierarchical_line(struct ab8500 *ab8500,
+ if (line == AB8540_INT_GPIO43F || line == AB8540_INT_GPIO44F)
+ line += 1;
+
+- handle_nested_irq(irq_create_mapping(ab8500->domain, line));
++ handle_nested_irq(irq_find_mapping(ab8500->domain, line));
+ }
+
+ return 0;
+diff --git a/drivers/mfd/stmpe.c b/drivers/mfd/stmpe.c
+index 1aee3b3253fc..508349399f8a 100644
+--- a/drivers/mfd/stmpe.c
++++ b/drivers/mfd/stmpe.c
+@@ -1091,7 +1091,7 @@ static irqreturn_t stmpe_irq(int irq, void *data)
+
+ if (variant->id_val == STMPE801_ID ||
+ variant->id_val == STMPE1600_ID) {
+- int base = irq_create_mapping(stmpe->domain, 0);
++ int base = irq_find_mapping(stmpe->domain, 0);
+
+ handle_nested_irq(base);
+ return IRQ_HANDLED;
+@@ -1119,7 +1119,7 @@ static irqreturn_t stmpe_irq(int irq, void *data)
+ while (status) {
+ int bit = __ffs(status);
+ int line = bank * 8 + bit;
+- int nestedirq = irq_create_mapping(stmpe->domain, line);
++ int nestedirq = irq_find_mapping(stmpe->domain, line);
+
+ handle_nested_irq(nestedirq);
+ status &= ~(1 << bit);
+diff --git a/drivers/mfd/tc3589x.c b/drivers/mfd/tc3589x.c
+index 67c9995bb1aa..23cfbd050120 100644
+--- a/drivers/mfd/tc3589x.c
++++ b/drivers/mfd/tc3589x.c
+@@ -187,7 +187,7 @@ again:
+
+ while (status) {
+ int bit = __ffs(status);
+- int virq = irq_create_mapping(tc3589x->domain, bit);
++ int virq = irq_find_mapping(tc3589x->domain, bit);
+
+ handle_nested_irq(virq);
+ status &= ~(1 << bit);
+diff --git a/drivers/mfd/wm8994-irq.c b/drivers/mfd/wm8994-irq.c
+index 6c3a619e2628..651a028bc519 100644
+--- a/drivers/mfd/wm8994-irq.c
++++ b/drivers/mfd/wm8994-irq.c
+@@ -154,7 +154,7 @@ static irqreturn_t wm8994_edge_irq(int irq, void *data)
+ struct wm8994 *wm8994 = data;
+
+ while (gpio_get_value_cansleep(wm8994->pdata.irq_gpio))
+- handle_nested_irq(irq_create_mapping(wm8994->edge_irq, 0));
++ handle_nested_irq(irq_find_mapping(wm8994->edge_irq, 0));
+
+ return IRQ_HANDLED;
+ }
+--
+2.30.2
+
--- /dev/null
+From 5b26574c1fdf5fca7371a5108e8fa144b7a3d7af Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 16 Jul 2021 12:00:48 +0200
+Subject: mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
+
+From: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
+
+[ Upstream commit a946506c48f3bd09363c9d2b0a178e55733bcbb6 ]
+
+The driver was registering IRQ 0 when no IRQ was set. This leads to
+warnings with newer kernels.
+
+Clear the resource flags, so no resource is registered at all in this
+case.
+
+Fixes: 2f17dd34ffed ("mfd: tqmx86: IO controller with I2C, Wachdog and GPIO")
+Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
+Reviewed-by: Andrew Lunn <andrew@lunn.ch>
+Signed-off-by: Lee Jones <lee.jones@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/mfd/tqmx86.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/drivers/mfd/tqmx86.c b/drivers/mfd/tqmx86.c
+index 22d2f02d855c..ccc5a9ac788c 100644
+--- a/drivers/mfd/tqmx86.c
++++ b/drivers/mfd/tqmx86.c
+@@ -210,6 +210,8 @@ static int tqmx86_probe(struct platform_device *pdev)
+
+ /* Assumes the IRQ resource is first. */
+ tqmx_gpio_resources[0].start = gpio_irq;
++ } else {
++ tqmx_gpio_resources[0].flags = 0;
+ }
+
+ ocores_platfom_data.clock_khz = tqmx86_board_id_to_clk_rate(board_id);
+--
+2.30.2
+
--- /dev/null
+From 527f9b2d9913e8166e94de1ce3fbe9c2a989c7e5 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sat, 21 Aug 2021 09:58:45 +0200
+Subject: mtd: rawnand: cafe: Fix a resource leak in the error handling path of
+ 'cafe_nand_probe()'
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
+
+[ Upstream commit 6b430c7595e4eb95fae8fb54adc3c3ce002e75ae ]
+
+A successful 'init_rs_non_canonical()' call should be balanced by a
+corresponding 'free_rs()' call in the error handling path of the probe, as
+already done in the remove function.
+
+Update the error handling path accordingly.
+
+Fixes: 8c61b7a7f4d4 ("[MTD] [NAND] Use rslib for CAFÉ ECC")
+Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
+Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
+Link: https://lore.kernel.org/linux-mtd/fd313d3fb787458bcc73189e349f481133a2cdc9.1629532640.git.christophe.jaillet@wanadoo.fr
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/mtd/nand/raw/cafe_nand.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/mtd/nand/raw/cafe_nand.c b/drivers/mtd/nand/raw/cafe_nand.c
+index 2d1c22dc88c1..cc5009200cc2 100644
+--- a/drivers/mtd/nand/raw/cafe_nand.c
++++ b/drivers/mtd/nand/raw/cafe_nand.c
+@@ -757,7 +757,7 @@ static int cafe_nand_probe(struct pci_dev *pdev,
+ "CAFE NAND", mtd);
+ if (err) {
+ dev_warn(&pdev->dev, "Could not register IRQ %d\n", pdev->irq);
+- goto out_ior;
++ goto out_free_rs;
+ }
+
+ /* Disable master reset, enable NAND clock */
+@@ -801,6 +801,8 @@ static int cafe_nand_probe(struct pci_dev *pdev,
+ /* Disable NAND IRQ in global IRQ mask register */
+ cafe_writel(cafe, ~1 & cafe_readl(cafe, GLOBAL_IRQ_MASK), GLOBAL_IRQ_MASK);
+ free_irq(pdev->irq, mtd);
++ out_free_rs:
++ free_rs(cafe->rs);
+ out_ior:
+ pci_iounmap(pdev, cafe->mmio);
+ out_free_mtd:
+--
+2.30.2
+
--- /dev/null
+From 96264d3aff09e97d80c1cfba5317fa88a28c8e2f Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 2 Sep 2021 10:30:50 +0200
+Subject: net: dsa: b53: Fix calculating number of switch ports
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Rafał Miłecki <rafal@milecki.pl>
+
+[ Upstream commit cdb067d31c0fe4cce98b9d15f1f2ef525acaa094 ]
+
+It isn't true that CPU port is always the last one. Switches BCM5301x
+have 9 ports (port 6 being inactive) and they use port 5 as CPU by
+default (depending on design some other may be CPU ports too).
+
+A more reliable way of determining number of ports is to check for the
+last set bit in the "enabled_ports" bitfield.
+
+This fixes b53 internal state, it will allow providing accurate info to
+the DSA and is required to fix BCM5301x support.
+
+Fixes: 967dd82ffc52 ("net: dsa: b53: Add support for Broadcom RoboSwitch")
+Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
+Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/dsa/b53/b53_common.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/drivers/net/dsa/b53/b53_common.c b/drivers/net/dsa/b53/b53_common.c
+index e78b683f7305..825d840cdb8c 100644
+--- a/drivers/net/dsa/b53/b53_common.c
++++ b/drivers/net/dsa/b53/b53_common.c
+@@ -2353,9 +2353,8 @@ static int b53_switch_init(struct b53_device *dev)
+ dev->cpu_port = 5;
+ }
+
+- /* cpu port is always last */
+- dev->num_ports = dev->cpu_port + 1;
+ dev->enabled_ports |= BIT(dev->cpu_port);
++ dev->num_ports = fls(dev->enabled_ports);
+
+ /* Include non standard CPU port built-in PHYs to be probed */
+ if (is539x(dev) || is531x5(dev)) {
+--
+2.30.2
+
--- /dev/null
+From 44c47affd11d95b3be1842587e6e4f235a780a6f Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 7 Sep 2021 20:29:40 +0900
+Subject: net: renesas: sh_eth: Fix freeing wrong tx descriptor
+
+From: Yoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com>
+
+[ Upstream commit 0341d5e3d1ee2a36dd5a49b5bef2ce4ad1cfa6b4 ]
+
+The cur_tx counter must be incremented after TACT bit of
+txdesc->status was set. However, a CPU is possible to reorder
+instructions and/or memory accesses between cur_tx and
+txdesc->status. And then, if TX interrupt happened at such a
+timing, the sh_eth_tx_free() may free the descriptor wrongly.
+So, add wmb() before cur_tx++.
+Otherwise NETDEV WATCHDOG timeout is possible to happen.
+
+Fixes: 86a74ff21a7a ("net: sh_eth: add support for Renesas SuperH Ethernet")
+Signed-off-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/renesas/sh_eth.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/net/ethernet/renesas/sh_eth.c b/drivers/net/ethernet/renesas/sh_eth.c
+index 931a44fe7afe..50d85d037230 100644
+--- a/drivers/net/ethernet/renesas/sh_eth.c
++++ b/drivers/net/ethernet/renesas/sh_eth.c
+@@ -2567,6 +2567,7 @@ static int sh_eth_start_xmit(struct sk_buff *skb, struct net_device *ndev)
+ else
+ txdesc->status |= cpu_to_le32(TD_TACT);
+
++ wmb(); /* cur_tx must be incremented after TACT bit was set */
+ mdp->cur_tx++;
+
+ if (!(sh_eth_read(ndev, EDTRR) & mdp->cd->edtrr_trns))
+--
+2.30.2
+
--- /dev/null
+From 78874be5d3dd5d9c1ff8d6c69ce5a372f2202186 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 2 Sep 2021 12:51:22 +0200
+Subject: net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
+
+From: Daniele Palmas <dnlplm@gmail.com>
+
+[ Upstream commit aabbdc67f3485b5db27ab4eba01e5fbf1ffea62c ]
+
+Add quirk CDC_MBIM_FLAG_AVOID_ALTSETTING_TOGGLE for Telit LN920
+0x1061 composition in order to avoid bind error.
+
+Signed-off-by: Daniele Palmas <dnlplm@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/usb/cdc_mbim.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/drivers/net/usb/cdc_mbim.c b/drivers/net/usb/cdc_mbim.c
+index eb100eb33de3..77ac5a721e7b 100644
+--- a/drivers/net/usb/cdc_mbim.c
++++ b/drivers/net/usb/cdc_mbim.c
+@@ -653,6 +653,11 @@ static const struct usb_device_id mbim_devs[] = {
+ .driver_info = (unsigned long)&cdc_mbim_info_avoid_altsetting_toggle,
+ },
+
++ /* Telit LN920 */
++ { USB_DEVICE_AND_INTERFACE_INFO(0x1bc7, 0x1061, USB_CLASS_COMM, USB_CDC_SUBCLASS_MBIM, USB_CDC_PROTO_NONE),
++ .driver_info = (unsigned long)&cdc_mbim_info_avoid_altsetting_toggle,
++ },
++
+ /* default entry */
+ { USB_INTERFACE_INFO(USB_CLASS_COMM, USB_CDC_SUBCLASS_MBIM, USB_CDC_PROTO_NONE),
+ .driver_info = (unsigned long)&cdc_mbim_info_zlp,
+--
+2.30.2
+
--- /dev/null
+From a048146c561dfee2f068cc078bf109f028f40343 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 3 Sep 2021 15:23:35 +0200
+Subject: netfilter: socket: icmp6: fix use-after-scope
+
+From: Benjamin Hesmans <benjamin.hesmans@tessares.net>
+
+[ Upstream commit 730affed24bffcd1eebd5903171960f5ff9f1f22 ]
+
+Bug reported by KASAN:
+
+BUG: KASAN: use-after-scope in inet6_ehashfn (net/ipv6/inet6_hashtables.c:40)
+Call Trace:
+(...)
+inet6_ehashfn (net/ipv6/inet6_hashtables.c:40)
+(...)
+nf_sk_lookup_slow_v6 (net/ipv6/netfilter/nf_socket_ipv6.c:91
+net/ipv6/netfilter/nf_socket_ipv6.c:146)
+
+It seems that this bug has already been fixed by Eric Dumazet in the
+past in:
+commit 78296c97ca1f ("netfilter: xt_socket: fix a stack corruption bug")
+
+But a variant of the same issue has been introduced in
+commit d64d80a2cde9 ("netfilter: x_tables: don't extract flow keys on early demuxed sks in socket match")
+
+`daddr` and `saddr` potentially hold a reference to ipv6_var that is no
+longer in scope when the call to `nf_socket_get_sock_v6` is made.
+
+Fixes: d64d80a2cde9 ("netfilter: x_tables: don't extract flow keys on early demuxed sks in socket match")
+Acked-by: Matthieu Baerts <matthieu.baerts@tessares.net>
+Signed-off-by: Benjamin Hesmans <benjamin.hesmans@tessares.net>
+Reviewed-by: Florian Westphal <fw@strlen.de>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/ipv6/netfilter/nf_socket_ipv6.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/net/ipv6/netfilter/nf_socket_ipv6.c b/net/ipv6/netfilter/nf_socket_ipv6.c
+index b9df879c48d3..69c021704abd 100644
+--- a/net/ipv6/netfilter/nf_socket_ipv6.c
++++ b/net/ipv6/netfilter/nf_socket_ipv6.c
+@@ -99,7 +99,7 @@ struct sock *nf_sk_lookup_slow_v6(struct net *net, const struct sk_buff *skb,
+ {
+ __be16 uninitialized_var(dport), uninitialized_var(sport);
+ const struct in6_addr *daddr = NULL, *saddr = NULL;
+- struct ipv6hdr *iph = ipv6_hdr(skb);
++ struct ipv6hdr *iph = ipv6_hdr(skb), ipv6_var;
+ struct sk_buff *data_skb = NULL;
+ int doff = 0;
+ int thoff = 0, tproto;
+@@ -129,8 +129,6 @@ struct sock *nf_sk_lookup_slow_v6(struct net *net, const struct sk_buff *skb,
+ thoff + sizeof(*hp);
+
+ } else if (tproto == IPPROTO_ICMPV6) {
+- struct ipv6hdr ipv6_var;
+-
+ if (extract_icmp6_fields(skb, thoff, &tproto, &saddr, &daddr,
+ &sport, &dport, &ipv6_var))
+ return NULL;
+--
+2.30.2
+
--- /dev/null
+From ed6238b5f4d43a1b6bf102191093004c6e7bf0ee Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 7 Jun 2021 13:56:20 +0800
+Subject: NTB: Fix an error code in ntb_msit_probe()
+
+From: Yang Li <yang.lee@linux.alibaba.com>
+
+[ Upstream commit 319f83ac98d7afaabab84ce5281a819a358b9895 ]
+
+When the value of nm->isr_ctx is false, the value of ret is 0.
+So, we set ret to -ENOMEM to indicate this error.
+
+Clean up smatch warning:
+drivers/ntb/test/ntb_msi_test.c:373 ntb_msit_probe() warn: missing
+error code 'ret'.
+
+Reported-by: Abaci Robot <abaci@linux.alibaba.com>
+Signed-off-by: Yang Li <yang.lee@linux.alibaba.com>
+Reviewed-by: Logan Gunthorpe <logang@deltatee.com>
+Signed-off-by: Jon Mason <jdmason@kudzu.us>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/ntb/test/ntb_msi_test.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/ntb/test/ntb_msi_test.c b/drivers/ntb/test/ntb_msi_test.c
+index 99d826ed9c34..662067dc9ce2 100644
+--- a/drivers/ntb/test/ntb_msi_test.c
++++ b/drivers/ntb/test/ntb_msi_test.c
+@@ -372,8 +372,10 @@ static int ntb_msit_probe(struct ntb_client *client, struct ntb_dev *ntb)
+ if (ret)
+ goto remove_dbgfs;
+
+- if (!nm->isr_ctx)
++ if (!nm->isr_ctx) {
++ ret = -ENOMEM;
+ goto remove_dbgfs;
++ }
+
+ ntb_link_enable(ntb, NTB_SPEED_AUTO, NTB_WIDTH_AUTO);
+
+--
+2.30.2
+
--- /dev/null
+From 378ac6fe9ff4264414adceea1ed68082b0669306 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 7 Jun 2021 16:40:36 +0800
+Subject: NTB: perf: Fix an error code in perf_setup_inbuf()
+
+From: Yang Li <yang.lee@linux.alibaba.com>
+
+[ Upstream commit 0097ae5f7af5684f961a5f803ff7ad3e6f933668 ]
+
+When the function IS_ALIGNED() returns false, the value of ret is 0.
+So, we set ret to -EINVAL to indicate this error.
+
+Clean up smatch warning:
+drivers/ntb/test/ntb_perf.c:602 perf_setup_inbuf() warn: missing error
+code 'ret'.
+
+Reported-by: Abaci Robot <abaci@linux.alibaba.com>
+Signed-off-by: Yang Li <yang.lee@linux.alibaba.com>
+Reviewed-by: Serge Semin <fancer.lancer@gmail.com>
+Signed-off-by: Jon Mason <jdmason@kudzu.us>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/ntb/test/ntb_perf.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/ntb/test/ntb_perf.c b/drivers/ntb/test/ntb_perf.c
+index 5ce4766a6c9e..251fe75798c1 100644
+--- a/drivers/ntb/test/ntb_perf.c
++++ b/drivers/ntb/test/ntb_perf.c
+@@ -597,6 +597,7 @@ static int perf_setup_inbuf(struct perf_peer *peer)
+ return -ENOMEM;
+ }
+ if (!IS_ALIGNED(peer->inbuf_xlat, xlat_align)) {
++ ret = -EINVAL;
+ dev_err(&perf->ntb->dev, "Unaligned inbuf allocated\n");
+ goto err_free_inbuf;
+ }
+--
+2.30.2
+
--- /dev/null
+From 15ee1f5b4c61d3fe28cbe1e06b63d10652f0108d Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 10 Aug 2021 17:54:25 +0530
+Subject: PCI: Add ACS quirks for Cavium multi-function devices
+
+From: George Cherian <george.cherian@marvell.com>
+
+[ Upstream commit 32837d8a8f63eb95dcb9cd005524a27f06478832 ]
+
+Some Cavium endpoints are implemented as multi-function devices without ACS
+capability, but they actually don't support peer-to-peer transactions.
+
+Add ACS quirks to declare DMA isolation for the following devices:
+
+ - BGX device found on Octeon-TX (8xxx)
+ - CGX device found on Octeon-TX2 (9xxx)
+ - RPM device found on Octeon-TX3 (10xxx)
+
+Link: https://lore.kernel.org/r/20210810122425.1115156-1-george.cherian@marvell.com
+Signed-off-by: George Cherian <george.cherian@marvell.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pci/quirks.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
+index e230a7b5e70a..686298c0f6cd 100644
+--- a/drivers/pci/quirks.c
++++ b/drivers/pci/quirks.c
+@@ -4922,6 +4922,10 @@ static const struct pci_dev_acs_enabled {
+ { 0x10df, 0x720, pci_quirk_mf_endpoint_acs }, /* Emulex Skyhawk-R */
+ /* Cavium ThunderX */
+ { PCI_VENDOR_ID_CAVIUM, PCI_ANY_ID, pci_quirk_cavium_acs },
++ /* Cavium multi-function devices */
++ { PCI_VENDOR_ID_CAVIUM, 0xA026, pci_quirk_mf_endpoint_acs },
++ { PCI_VENDOR_ID_CAVIUM, 0xA059, pci_quirk_mf_endpoint_acs },
++ { PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs },
+ /* APM X-Gene */
+ { PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs },
+ /* Ampere Computing */
+--
+2.30.2
+
--- /dev/null
+From c70f02c8b73a3e59c684a032042233f6e2dca425 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 29 Jul 2021 14:17:47 +0200
+Subject: PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
+
+From: Wasim Khan <wasim.khan@nxp.com>
+
+[ Upstream commit d08c8b855140e9f5240b3ffd1b8b9d435675e281 ]
+
+Root Ports in NXP LX2xx0 and LX2xx2, where each Root Port is a Root Complex
+with unique segment numbers, do provide isolation features to disable peer
+transactions and validate bus numbers in requests, but do not provide an
+actual PCIe ACS capability.
+
+Add ACS quirks for NXP LX2xx0 A/C/E/N and LX2xx2 A/C/E/N platforms.
+
+ LX2xx0A : without security features + CAN-FD
+ LX2160A (0x8d81) - 16 cores
+ LX2120A (0x8da1) - 12 cores
+ LX2080A (0x8d83) - 8 cores
+
+ LX2xx0C : security features + CAN-FD
+ LX2160C (0x8d80) - 16 cores
+ LX2120C (0x8da0) - 12 cores
+ LX2080C (0x8d82) - 8 cores
+
+ LX2xx0E : security features + CAN
+ LX2160E (0x8d90) - 16 cores
+ LX2120E (0x8db0) - 12 cores
+ LX2080E (0x8d92) - 8 cores
+
+ LX2xx0N : without security features + CAN
+ LX2160N (0x8d91) - 16 cores
+ LX2120N (0x8db1) - 12 cores
+ LX2080N (0x8d93) - 8 cores
+
+ LX2xx2A : without security features + CAN-FD
+ LX2162A (0x8d89) - 16 cores
+ LX2122A (0x8da9) - 12 cores
+ LX2082A (0x8d8b) - 8 cores
+
+ LX2xx2C : security features + CAN-FD
+ LX2162C (0x8d88) - 16 cores
+ LX2122C (0x8da8) - 12 cores
+ LX2082C (0x8d8a) - 8 cores
+
+ LX2xx2E : security features + CAN
+ LX2162E (0x8d98) - 16 cores
+ LX2122E (0x8db8) - 12 cores
+ LX2082E (0x8d9a) - 8 cores
+
+ LX2xx2N : without security features + CAN
+ LX2162N (0x8d99) - 16 cores
+ LX2122N (0x8db9) - 12 cores
+ LX2082N (0x8d9b) - 8 cores
+
+[bhelgaas: put PCI_VENDOR_ID_NXP definition next to PCI_VENDOR_ID_FREESCALE
+as a clue that they share the same Device ID namespace]
+Link: https://lore.kernel.org/r/20210729121747.1823086-1-wasim.khan@oss.nxp.com
+Link: https://lore.kernel.org/r/20210803180021.3252886-1-wasim.khan@oss.nxp.com
+Signed-off-by: Wasim Khan <wasim.khan@nxp.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pci/quirks.c | 45 +++++++++++++++++++++++++++++++++++++++++
+ include/linux/pci_ids.h | 3 ++-
+ 2 files changed, 47 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
+index 34c68a7313db..e230a7b5e70a 100644
+--- a/drivers/pci/quirks.c
++++ b/drivers/pci/quirks.c
+@@ -4684,6 +4684,18 @@ static int pci_quirk_qcom_rp_acs(struct pci_dev *dev, u16 acs_flags)
+ PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF);
+ }
+
++/*
++ * Each of these NXP Root Ports is in a Root Complex with a unique segment
++ * number and does provide isolation features to disable peer transactions
++ * and validate bus numbers in requests, but does not provide an ACS
++ * capability.
++ */
++static int pci_quirk_nxp_rp_acs(struct pci_dev *dev, u16 acs_flags)
++{
++ return pci_acs_ctrl_enabled(acs_flags,
++ PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF);
++}
++
+ static int pci_quirk_al_acs(struct pci_dev *dev, u16 acs_flags)
+ {
+ if (pci_pcie_type(dev) != PCI_EXP_TYPE_ROOT_PORT)
+@@ -4930,6 +4942,39 @@ static const struct pci_dev_acs_enabled {
+ { PCI_VENDOR_ID_ZHAOXIN, 0x3038, pci_quirk_mf_endpoint_acs },
+ { PCI_VENDOR_ID_ZHAOXIN, 0x3104, pci_quirk_mf_endpoint_acs },
+ { PCI_VENDOR_ID_ZHAOXIN, 0x9083, pci_quirk_mf_endpoint_acs },
++ /* NXP root ports, xx=16, 12, or 08 cores */
++ /* LX2xx0A : without security features + CAN-FD */
++ { PCI_VENDOR_ID_NXP, 0x8d81, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8da1, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d83, pci_quirk_nxp_rp_acs },
++ /* LX2xx0C : security features + CAN-FD */
++ { PCI_VENDOR_ID_NXP, 0x8d80, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8da0, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d82, pci_quirk_nxp_rp_acs },
++ /* LX2xx0E : security features + CAN */
++ { PCI_VENDOR_ID_NXP, 0x8d90, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8db0, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d92, pci_quirk_nxp_rp_acs },
++ /* LX2xx0N : without security features + CAN */
++ { PCI_VENDOR_ID_NXP, 0x8d91, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8db1, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d93, pci_quirk_nxp_rp_acs },
++ /* LX2xx2A : without security features + CAN-FD */
++ { PCI_VENDOR_ID_NXP, 0x8d89, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8da9, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d8b, pci_quirk_nxp_rp_acs },
++ /* LX2xx2C : security features + CAN-FD */
++ { PCI_VENDOR_ID_NXP, 0x8d88, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8da8, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d8a, pci_quirk_nxp_rp_acs },
++ /* LX2xx2E : security features + CAN */
++ { PCI_VENDOR_ID_NXP, 0x8d98, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8db8, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d9a, pci_quirk_nxp_rp_acs },
++ /* LX2xx2N : without security features + CAN */
++ { PCI_VENDOR_ID_NXP, 0x8d99, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8db9, pci_quirk_nxp_rp_acs },
++ { PCI_VENDOR_ID_NXP, 0x8d9b, pci_quirk_nxp_rp_acs },
+ /* Zhaoxin Root/Downstream Ports */
+ { PCI_VENDOR_ID_ZHAOXIN, PCI_ANY_ID, pci_quirk_zhaoxin_pcie_ports_acs },
+ { 0 }
+diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h
+index 0ad57693f392..42588645478d 100644
+--- a/include/linux/pci_ids.h
++++ b/include/linux/pci_ids.h
+@@ -2476,7 +2476,8 @@
+ #define PCI_VENDOR_ID_TDI 0x192E
+ #define PCI_DEVICE_ID_TDI_EHCI 0x0101
+
+-#define PCI_VENDOR_ID_FREESCALE 0x1957
++#define PCI_VENDOR_ID_FREESCALE 0x1957 /* duplicate: NXP */
++#define PCI_VENDOR_ID_NXP 0x1957 /* duplicate: FREESCALE */
+ #define PCI_DEVICE_ID_MPC8308 0xc006
+ #define PCI_DEVICE_ID_MPC8315E 0x00b4
+ #define PCI_DEVICE_ID_MPC8315 0x00b5
+--
+2.30.2
+
--- /dev/null
+From db50bab909259bc5b79a5f46ae9c21cf485f160f Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 12 Aug 2021 10:00:04 +0300
+Subject: PCI: Fix pci_dev_str_match_path() alloc while atomic bug
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+[ Upstream commit 7eb6ea4148579b85540a41d57bcec315b8af8ff8 ]
+
+pci_dev_str_match_path() is often called with a spinlock held so the
+allocation has to be atomic. The call tree is:
+
+ pci_specified_resource_alignment() <-- takes spin_lock();
+ pci_dev_str_match()
+ pci_dev_str_match_path()
+
+Fixes: 45db33709ccc ("PCI: Allow specifying devices using a base bus and path of devfns")
+Link: https://lore.kernel.org/r/20210812070004.GC31863@kili
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Reviewed-by: Logan Gunthorpe <logang@deltatee.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pci/pci.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
+index 91b2733ded17..b9550cd4280c 100644
+--- a/drivers/pci/pci.c
++++ b/drivers/pci/pci.c
+@@ -224,7 +224,7 @@ static int pci_dev_str_match_path(struct pci_dev *dev, const char *path,
+
+ *endptr = strchrnul(path, ';');
+
+- wpath = kmemdup_nul(path, *endptr - path, GFP_KERNEL);
++ wpath = kmemdup_nul(path, *endptr - path, GFP_ATOMIC);
+ if (!wpath)
+ return -ENOMEM;
+
+--
+2.30.2
+
--- /dev/null
+From eb36f693fc7c6801ba58ff0a1fe63cd054f9cd9b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 18 Aug 2021 11:57:51 -0500
+Subject: PCI: ibmphp: Fix double unmap of io_mem
+
+From: Vishal Aslot <os.vaslot@gmail.com>
+
+[ Upstream commit faa2e05ad0dccf37f995bcfbb8d1980d66c02c11 ]
+
+ebda_rsrc_controller() calls iounmap(io_mem) on the error path. Its caller,
+ibmphp_access_ebda(), also calls iounmap(io_mem) on good and error paths.
+
+Remove the iounmap(io_mem) invocation from ebda_rsrc_controller().
+
+[bhelgaas: remove item from TODO]
+Link: https://lore.kernel.org/r/20210818165751.591185-1-os.vaslot@gmail.com
+Signed-off-by: Vishal Aslot <os.vaslot@gmail.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pci/hotplug/TODO | 3 ---
+ drivers/pci/hotplug/ibmphp_ebda.c | 5 +----
+ 2 files changed, 1 insertion(+), 7 deletions(-)
+
+diff --git a/drivers/pci/hotplug/TODO b/drivers/pci/hotplug/TODO
+index a32070be5adf..cc6194aa24c1 100644
+--- a/drivers/pci/hotplug/TODO
++++ b/drivers/pci/hotplug/TODO
+@@ -40,9 +40,6 @@ ibmphp:
+
+ * The return value of pci_hp_register() is not checked.
+
+-* iounmap(io_mem) is called in the error path of ebda_rsrc_controller()
+- and once more in the error path of its caller ibmphp_access_ebda().
+-
+ * The various slot data structures are difficult to follow and need to be
+ simplified. A lot of functions are too large and too complex, they need
+ to be broken up into smaller, manageable pieces. Negative examples are
+diff --git a/drivers/pci/hotplug/ibmphp_ebda.c b/drivers/pci/hotplug/ibmphp_ebda.c
+index 11a2661dc062..7fb75401ad8a 100644
+--- a/drivers/pci/hotplug/ibmphp_ebda.c
++++ b/drivers/pci/hotplug/ibmphp_ebda.c
+@@ -714,8 +714,7 @@ static int __init ebda_rsrc_controller(void)
+ /* init hpc structure */
+ hpc_ptr = alloc_ebda_hpc(slot_num, bus_num);
+ if (!hpc_ptr) {
+- rc = -ENOMEM;
+- goto error_no_hpc;
++ return -ENOMEM;
+ }
+ hpc_ptr->ctlr_id = ctlr_id;
+ hpc_ptr->ctlr_relative_id = ctlr;
+@@ -910,8 +909,6 @@ error:
+ kfree(tmp_slot);
+ error_no_slot:
+ free_ebda_hpc(hpc_ptr);
+-error_no_hpc:
+- iounmap(io_mem);
+ return rc;
+ }
+
+--
+2.30.2
+
--- /dev/null
+From 567435a5eb21377627e4cd3c7b6a8d55a01c487d Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 13 Aug 2021 18:36:19 +0300
+Subject: PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+[ Upstream commit 817f9916a6e96ae43acdd4e75459ef4f92d96eb1 ]
+
+The CONFIG_PCI=y case got a new parameter long time ago. Sync the stub as
+well.
+
+[bhelgaas: add parameter names]
+Fixes: 725522b5453d ("PCI: add the sysfs driver name to all modules")
+Link: https://lore.kernel.org/r/20210813153619.89574-1-andriy.shevchenko@linux.intel.com
+Reported-by: kernel test robot <lkp@intel.com>
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ include/linux/pci.h | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/include/linux/pci.h b/include/linux/pci.h
+index 6a6a819c5b49..9a937f8b2783 100644
+--- a/include/linux/pci.h
++++ b/include/linux/pci.h
+@@ -1688,8 +1688,9 @@ static inline int pci_enable_device(struct pci_dev *dev) { return -EIO; }
+ static inline void pci_disable_device(struct pci_dev *dev) { }
+ static inline int pci_assign_resource(struct pci_dev *dev, int i)
+ { return -EBUSY; }
+-static inline int __pci_register_driver(struct pci_driver *drv,
+- struct module *owner)
++static inline int __must_check __pci_register_driver(struct pci_driver *drv,
++ struct module *owner,
++ const char *mod_name)
+ { return 0; }
+ static inline int pci_register_driver(struct pci_driver *drv)
+ { return 0; }
+--
+2.30.2
+
--- /dev/null
+From 89a75b260522b25d5fe61c9c90545fc2af93cf8c Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 23 Aug 2021 21:43:40 +0800
+Subject: perf unwind: Do not overwrite
+ FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
+
+From: Li Huafei <lihuafei1@huawei.com>
+
+[ Upstream commit cdf32b44678c382a31dc183d9a767306915cda7b ]
+
+When setting LIBUNWIND_DIR, we first set
+
+ FEATURE_CHECK_LDFLAGS-libunwind-{aarch64,x86} = -L$(LIBUNWIND_DIR)/lib.
+
+<committer note>
+This happens a bit before, the overwritting, in:
+
+ libunwind_arch_set_flags = $(eval $(libunwind_arch_set_flags_code))
+ define libunwind_arch_set_flags_code
+ FEATURE_CHECK_CFLAGS-libunwind-$(1) = -I$(LIBUNWIND_DIR)/include
+ FEATURE_CHECK_LDFLAGS-libunwind-$(1) = -L$(LIBUNWIND_DIR)/lib
+ endef
+
+ ifdef LIBUNWIND_DIR
+ LIBUNWIND_CFLAGS = -I$(LIBUNWIND_DIR)/include
+ LIBUNWIND_LDFLAGS = -L$(LIBUNWIND_DIR)/lib
+ LIBUNWIND_ARCHS = x86 x86_64 arm aarch64 debug-frame-arm debug-frame-aarch64
+ $(foreach libunwind_arch,$(LIBUNWIND_ARCHS),$(call libunwind_arch_set_flags,$(libunwind_arch)))
+ endif
+
+Look at that 'foreach' on all the LIBUNWIND_ARCHS.
+</>
+
+After commit 5c4d7c82c0dc ("perf unwind: Do not put libunwind-{x86,aarch64}
+in FEATURE_TESTS_BASIC"), FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} is
+overwritten. As a result, the remote libunwind libraries cannot be searched
+from $(LIBUNWIND_DIR)/lib directory during feature check tests. Fix it with
+variable appending.
+
+Before this patch:
+
+ perf$ make VF=1 LIBUNWIND_DIR=/opt/libunwind_aarch64
+ BUILD: Doing 'make -j16' parallel build
+ <SNIP>
+ ...
+ ... libopencsd: [ OFF ]
+ ... libunwind-x86: [ OFF ]
+ ... libunwind-x86_64: [ OFF ]
+ ... libunwind-arm: [ OFF ]
+ ... libunwind-aarch64: [ OFF ]
+ ... libunwind-debug-frame: [ OFF ]
+ ... libunwind-debug-frame-arm: [ OFF ]
+ ... libunwind-debug-frame-aarch64: [ OFF ]
+ ... cxx: [ OFF ]
+ <SNIP>
+
+ perf$ cat ../build/feature/test-libunwind-aarch64.make.output
+ /usr/bin/ld: cannot find -lunwind-aarch64
+ /usr/bin/ld: cannot find -lunwind-aarch64
+ collect2: error: ld returned 1 exit status
+
+After this patch:
+
+ perf$ make VF=1 LIBUNWIND_DIR=/opt/libunwind_aarch64
+ BUILD: Doing 'make -j16' parallel build
+ <SNIP>
+ ... libopencsd: [ OFF ]
+ ... libunwind-x86: [ OFF ]
+ ... libunwind-x86_64: [ OFF ]
+ ... libunwind-arm: [ OFF ]
+ ... libunwind-aarch64: [ on ]
+ ... libunwind-debug-frame: [ OFF ]
+ ... libunwind-debug-frame-arm: [ OFF ]
+ ... libunwind-debug-frame-aarch64: [ OFF ]
+ ... cxx: [ OFF ]
+ <SNIP>
+
+ perf$ cat ../build/feature/test-libunwind-aarch64.make.output
+
+ perf$ ldd ./perf
+ linux-vdso.so.1 (0x00007ffdf07da000)
+ libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f30953dc000)
+ librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f30951d4000)
+ libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f3094e36000)
+ libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f3094c32000)
+ libelf.so.1 => /usr/lib/x86_64-linux-gnu/libelf.so.1 (0x00007f3094a18000)
+ libdw.so.1 => /usr/lib/x86_64-linux-gnu/libdw.so.1 (0x00007f30947cc000)
+ libunwind-x86_64.so.8 => /usr/lib/x86_64-linux-gnu/libunwind-x86_64.so.8 (0x00007f30945ad000)
+ libunwind.so.8 => /usr/lib/x86_64-linux-gnu/libunwind.so.8 (0x00007f3094392000)
+ liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f309416c000)
+ libunwind-aarch64.so.8 => not found
+ libslang.so.2 => /lib/x86_64-linux-gnu/libslang.so.2 (0x00007f3093c8a000)
+ libpython2.7.so.1.0 => /usr/local/lib/libpython2.7.so.1.0 (0x00007f309386b000)
+ libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f309364e000)
+ libnuma.so.1 => /usr/lib/x86_64-linux-gnu/libnuma.so.1 (0x00007f3093443000)
+ libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f3093052000)
+ /lib64/ld-linux-x86-64.so.2 (0x00007f3096097000)
+ libbz2.so.1.0 => /lib/x86_64-linux-gnu/libbz2.so.1.0 (0x00007f3092e42000)
+ libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f3092c3f000)
+
+Fixes: 5c4d7c82c0dceccf ("perf unwind: Do not put libunwind-{x86,aarch64} in FEATURE_TESTS_BASIC")
+Signed-off-by: Li Huafei <lihuafei1@huawei.com>
+Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
+Cc: He Kuang <hekuang@huawei.com>
+Cc: Jiri Olsa <jolsa@redhat.com>
+Cc: Mark Rutland <mark.rutland@arm.com>
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Zhang Jinhao <zhangjinhao2@huawei.com>
+Link: http://lore.kernel.org/lkml/20210823134340.60955-1-lihuafei1@huawei.com
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ tools/perf/Makefile.config | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tools/perf/Makefile.config b/tools/perf/Makefile.config
+index 9832affd5d54..c75c9b03d6e7 100644
+--- a/tools/perf/Makefile.config
++++ b/tools/perf/Makefile.config
+@@ -118,10 +118,10 @@ FEATURE_CHECK_LDFLAGS-libunwind = $(LIBUNWIND_LDFLAGS) $(LIBUNWIND_LIBS)
+ FEATURE_CHECK_CFLAGS-libunwind-debug-frame = $(LIBUNWIND_CFLAGS)
+ FEATURE_CHECK_LDFLAGS-libunwind-debug-frame = $(LIBUNWIND_LDFLAGS) $(LIBUNWIND_LIBS)
+
+-FEATURE_CHECK_LDFLAGS-libunwind-arm = -lunwind -lunwind-arm
+-FEATURE_CHECK_LDFLAGS-libunwind-aarch64 = -lunwind -lunwind-aarch64
+-FEATURE_CHECK_LDFLAGS-libunwind-x86 = -lunwind -llzma -lunwind-x86
+-FEATURE_CHECK_LDFLAGS-libunwind-x86_64 = -lunwind -llzma -lunwind-x86_64
++FEATURE_CHECK_LDFLAGS-libunwind-arm += -lunwind -lunwind-arm
++FEATURE_CHECK_LDFLAGS-libunwind-aarch64 += -lunwind -lunwind-aarch64
++FEATURE_CHECK_LDFLAGS-libunwind-x86 += -lunwind -llzma -lunwind-x86
++FEATURE_CHECK_LDFLAGS-libunwind-x86_64 += -lunwind -llzma -lunwind-x86_64
+
+ FEATURE_CHECK_LDFLAGS-libcrypto = -lcrypto
+
+--
+2.30.2
+
--- /dev/null
+From b196e1b585990b0fddd7745b9eb79243245eff0f Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 3 Sep 2021 15:35:43 +0800
+Subject: qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
+
+From: Dinghao Liu <dinghao.liu@zju.edu.cn>
+
+[ Upstream commit 9ddbc2a00d7f63fa9748f4278643193dac985f2d ]
+
+Previous commit 68233c583ab4 removes the qlcnic_rom_lock()
+in qlcnic_pinit_from_rom(), but remains its corresponding
+unlock function, which is odd. I'm not very sure whether the
+lock is missing, or the unlock is redundant. This bug is
+suggested by a static analysis tool, please advise.
+
+Fixes: 68233c583ab4 ("qlcnic: updated reset sequence")
+Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/qlogic/qlcnic/qlcnic_init.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_init.c b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_init.c
+index c48a0e2d4d7e..6a009d51ec51 100644
+--- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_init.c
++++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_init.c
+@@ -440,7 +440,6 @@ int qlcnic_pinit_from_rom(struct qlcnic_adapter *adapter)
+ QLCWR32(adapter, QLCNIC_CRB_PEG_NET_4 + 0x3c, 1);
+ msleep(20);
+
+- qlcnic_rom_unlock(adapter);
+ /* big hammer don't reset CAM block on reset */
+ QLCWR32(adapter, QLCNIC_ROMUSB_GLB_SW_RESET, 0xfeffffff);
+
+--
+2.30.2
+
net-hns3-disable-mac-in-flr-process.patch
net-hns3-fix-the-timing-issue-of-vf-clearing-interrupt-sources.patch
mm-memory_hotplug-use-unsigned-long-for-pfn-in-zone_for_pfn_range.patch
+dt-bindings-mtd-gpmc-fix-the-ecc-bytes-vs.-oob-bytes.patch
+mfd-db8500-prcmu-adjust-map-to-reality.patch
+pci-add-acs-quirks-for-nxp-lx2xx0-and-lx2xx2-platfor.patch
+fuse-fix-use-after-free-in-fuse_read_interrupt.patch
+mfd-don-t-use-irq_create_mapping-to-resolve-a-mappin.patch
+tracing-probes-reject-events-which-have-the-same-nam.patch
+pci-add-acs-quirks-for-cavium-multi-function-devices.patch
+set-fc_nlinfo-in-nh_create_ipv4-nh_create_ipv6.patch
+net-usb-cdc_mbim-avoid-altsetting-toggling-for-telit.patch
+block-bfq-honor-already-setup-queue-merges.patch
+pci-ibmphp-fix-double-unmap-of-io_mem.patch
+ethtool-fix-an-error-code-in-cxgb2.c.patch
+ntb-fix-an-error-code-in-ntb_msit_probe.patch
+ntb-perf-fix-an-error-code-in-perf_setup_inbuf.patch
+mfd-axp20x-update-axp288-volatile-ranges.patch
+pci-fix-pci_dev_str_match_path-alloc-while-atomic-bu.patch
+mfd-tqmx86-clear-gpio-irq-resource-when-no-irq-is-se.patch
+kvm-arm64-handle-psci-resets-before-userspace-touche.patch
+pci-sync-__pci_register_driver-stub-for-config_pci-n.patch
+mtd-rawnand-cafe-fix-a-resource-leak-in-the-error-ha.patch
+arc-export-clear_user_page-for-modules.patch
+perf-unwind-do-not-overwrite-feature_check_ldflags-l.patch
+net-dsa-b53-fix-calculating-number-of-switch-ports.patch
+netfilter-socket-icmp6-fix-use-after-scope.patch
+fq_codel-reject-silly-quantum-parameters.patch
+qlcnic-remove-redundant-unlock-in-qlcnic_pinit_from_.patch
+ip_gre-validate-csum_start-only-on-pull.patch
+net-renesas-sh_eth-fix-freeing-wrong-tx-descriptor.patch
--- /dev/null
+From 2e72a518699eb1d4072e16a49776c49bdba70b4b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 2 Sep 2021 05:20:14 +0000
+Subject: Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
+
+From: Ryoga Saito <contact@proelbtn.com>
+
+[ Upstream commit 9aca491e0dccf8a9d84a5b478e5eee3c6ea7803b ]
+
+This patch fixes kernel NULL pointer dereference when creating nexthop
+which is bound with SRv6 decapsulation. In the creation of nexthop,
+__seg6_end_dt_vrf_build is called. __seg6_end_dt_vrf_build expects
+fc_lninfo in fib6_config is set correctly, but it isn't set in
+nh_create_ipv6, which causes kernel crash.
+
+Here is steps to reproduce kernel crash:
+
+1. modprobe vrf
+2. ip -6 nexthop add encap seg6local action End.DT4 vrftable 1 dev eth0
+
+We got the following message:
+
+[ 901.370336] BUG: kernel NULL pointer dereference, address: 0000000000000ba0
+[ 901.371658] #PF: supervisor read access in kernel mode
+[ 901.372672] #PF: error_code(0x0000) - not-present page
+[ 901.373672] PGD 0 P4D 0
+[ 901.374248] Oops: 0000 [#1] SMP PTI
+[ 901.374944] CPU: 0 PID: 8593 Comm: ip Not tainted 5.14-051400-generic #202108310811-Ubuntu
+[ 901.376404] Hardware name: Red Hat KVM, BIOS 1.11.1-4.module_el8.2.0+320+13f867d7 04/01/2014
+[ 901.377907] RIP: 0010:vrf_ifindex_lookup_by_table_id+0x19/0x90 [vrf]
+[ 901.379182] Code: c1 e9 72 ff ff ff e8 96 49 01 c2 66 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 e5 41 56 41 55 41 89 f5 41 54 53 8b 05 47 4c 00 00 <48> 8b 97 a0 0b 00 00 48 8b 1c c2 e8 57 27 53 c1 4c 8d a3 88 00 00
+[ 901.382652] RSP: 0018:ffffbf2d02043590 EFLAGS: 00010282
+[ 901.383746] RAX: 000000000000000b RBX: ffff990808255e70 RCX: ffffbf2d02043aa8
+[ 901.385436] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
+[ 901.386924] RBP: ffffbf2d020435b0 R08: 00000000000000c0 R09: ffff990808255e40
+[ 901.388537] R10: ffffffff83b08c90 R11: 0000000000000009 R12: 0000000000000000
+[ 901.389937] R13: 0000000000000001 R14: 0000000000000000 R15: 000000000000000b
+[ 901.391226] FS: 00007fe49381f740(0000) GS:ffff99087dc00000(0000) knlGS:0000000000000000
+[ 901.392737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 901.393803] CR2: 0000000000000ba0 CR3: 000000000e3e8003 CR4: 0000000000770ef0
+[ 901.395122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 901.396496] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[ 901.397833] PKRU: 55555554
+[ 901.398578] Call Trace:
+[ 901.399144] l3mdev_ifindex_lookup_by_table_id+0x3b/0x70
+[ 901.400179] __seg6_end_dt_vrf_build+0x34/0xd0
+[ 901.401067] seg6_end_dt4_build+0x16/0x20
+[ 901.401904] seg6_local_build_state+0x271/0x430
+[ 901.402797] lwtunnel_build_state+0x81/0x130
+[ 901.403645] fib_nh_common_init+0x82/0x100
+[ 901.404465] ? sock_def_readable+0x4b/0x80
+[ 901.405285] fib6_nh_init+0x115/0x7c0
+[ 901.406033] nh_create_ipv6.isra.0+0xe1/0x140
+[ 901.406932] rtm_new_nexthop+0x3b7/0xeb0
+[ 901.407828] rtnetlink_rcv_msg+0x152/0x3a0
+[ 901.408663] ? rtnl_calcit.isra.0+0x130/0x130
+[ 901.409535] netlink_rcv_skb+0x55/0x100
+[ 901.410319] rtnetlink_rcv+0x15/0x20
+[ 901.411026] netlink_unicast+0x1a8/0x250
+[ 901.411813] netlink_sendmsg+0x238/0x470
+[ 901.412602] ? _copy_from_user+0x2b/0x60
+[ 901.413394] sock_sendmsg+0x65/0x70
+[ 901.414112] ____sys_sendmsg+0x218/0x290
+[ 901.414929] ? copy_msghdr_from_user+0x5c/0x90
+[ 901.415814] ___sys_sendmsg+0x81/0xc0
+[ 901.416559] ? fsnotify_destroy_marks+0x27/0xf0
+[ 901.417447] ? call_rcu+0xa4/0x230
+[ 901.418153] ? kmem_cache_free+0x23f/0x410
+[ 901.418972] ? dentry_free+0x37/0x70
+[ 901.419705] ? mntput_no_expire+0x4c/0x260
+[ 901.420574] __sys_sendmsg+0x62/0xb0
+[ 901.421297] __x64_sys_sendmsg+0x1f/0x30
+[ 901.422057] do_syscall_64+0x5c/0xc0
+[ 901.422756] ? syscall_exit_to_user_mode+0x27/0x50
+[ 901.423675] ? __x64_sys_close+0x12/0x40
+[ 901.424462] ? do_syscall_64+0x69/0xc0
+[ 901.425219] ? irqentry_exit_to_user_mode+0x9/0x20
+[ 901.426149] ? irqentry_exit+0x19/0x30
+[ 901.426901] ? exc_page_fault+0x89/0x160
+[ 901.427709] ? asm_exc_page_fault+0x8/0x30
+[ 901.428536] entry_SYSCALL_64_after_hwframe+0x44/0xae
+[ 901.429514] RIP: 0033:0x7fe493945747
+[ 901.430248] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bb 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
+[ 901.433549] RSP: 002b:00007ffe9932cf68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+[ 901.434981] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe493945747
+[ 901.436303] RDX: 0000000000000000 RSI: 00007ffe9932cfe0 RDI: 0000000000000003
+[ 901.437607] RBP: 00000000613053f7 R08: 0000000000000001 R09: 00007ffe9932d07c
+[ 901.438990] R10: 000055f4a903a010 R11: 0000000000000246 R12: 0000000000000001
+[ 901.440340] R13: 0000000000000001 R14: 000055f4a802b163 R15: 000055f4a8042020
+[ 901.441630] Modules linked in: vrf nls_utf8 isofs nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua intel_rapl_msr intel_rapl_common isst_if_mbox_msr isst_if_common nfit rapl input_leds joydev serio_raw qemu_fw_cfg mac_hid sch_fq_codel drm virtio_rng ip_tables x_tables autofs4 btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd virtio_net net_failover cryptd psmouse virtio_blk failover i2c_piix4 pata_acpi floppy
+[ 901.450808] CR2: 0000000000000ba0
+[ 901.451514] ---[ end trace c27b934b99ade304 ]---
+[ 901.452403] RIP: 0010:vrf_ifindex_lookup_by_table_id+0x19/0x90 [vrf]
+[ 901.453626] Code: c1 e9 72 ff ff ff e8 96 49 01 c2 66 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 e5 41 56 41 55 41 89 f5 41 54 53 8b 05 47 4c 00 00 <48> 8b 97 a0 0b 00 00 48 8b 1c c2 e8 57 27 53 c1 4c 8d a3 88 00 00
+[ 901.456910] RSP: 0018:ffffbf2d02043590 EFLAGS: 00010282
+[ 901.457912] RAX: 000000000000000b RBX: ffff990808255e70 RCX: ffffbf2d02043aa8
+[ 901.459238] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
+[ 901.460552] RBP: ffffbf2d020435b0 R08: 00000000000000c0 R09: ffff990808255e40
+[ 901.461882] R10: ffffffff83b08c90 R11: 0000000000000009 R12: 0000000000000000
+[ 901.463208] R13: 0000000000000001 R14: 0000000000000000 R15: 000000000000000b
+[ 901.464529] FS: 00007fe49381f740(0000) GS:ffff99087dc00000(0000) knlGS:0000000000000000
+[ 901.466058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 901.467189] CR2: 0000000000000ba0 CR3: 000000000e3e8003 CR4: 0000000000770ef0
+[ 901.468515] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 901.469858] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[ 901.471139] PKRU: 55555554
+
+Signed-off-by: Ryoga Saito <contact@proelbtn.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/ipv4/nexthop.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/net/ipv4/nexthop.c b/net/ipv4/nexthop.c
+index f5f4369c131c..858bb10d8341 100644
+--- a/net/ipv4/nexthop.c
++++ b/net/ipv4/nexthop.c
+@@ -1183,6 +1183,7 @@ static int nh_create_ipv4(struct net *net, struct nexthop *nh,
+ .fc_gw4 = cfg->gw.ipv4,
+ .fc_gw_family = cfg->gw.ipv4 ? AF_INET : 0,
+ .fc_flags = cfg->nh_flags,
++ .fc_nlinfo = cfg->nlinfo,
+ .fc_encap = cfg->nh_encap,
+ .fc_encap_type = cfg->nh_encap_type,
+ };
+@@ -1218,6 +1219,7 @@ static int nh_create_ipv6(struct net *net, struct nexthop *nh,
+ .fc_ifindex = cfg->nh_ifindex,
+ .fc_gateway = cfg->gw.ipv6,
+ .fc_flags = cfg->nh_flags,
++ .fc_nlinfo = cfg->nlinfo,
+ .fc_encap = cfg->nh_encap,
+ .fc_encap_type = cfg->nh_encap_type,
+ };
+--
+2.30.2
+
--- /dev/null
+From a2b2a7a010dbee4bd8e18577cd734bb8ec3f2c14 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 19 Aug 2021 19:26:02 +0900
+Subject: tracing/probes: Reject events which have the same name of existing
+ one
+
+From: Masami Hiramatsu <mhiramat@kernel.org>
+
+[ Upstream commit 8e242060c6a4947e8ae7d29794af6a581db08841 ]
+
+Since kprobe_events and uprobe_events only check whether the
+other same-type probe event has the same name or not, if the
+user gives the same name of the existing tracepoint event (or
+the other type of probe events), it silently fails to create
+the tracefs entry (but registered.) as below.
+
+/sys/kernel/tracing # ls events/task/task_rename
+enable filter format hist id trigger
+/sys/kernel/tracing # echo p:task/task_rename vfs_read >> kprobe_events
+[ 113.048508] Could not create tracefs 'task_rename' directory
+/sys/kernel/tracing # cat kprobe_events
+p:task/task_rename vfs_read
+
+To fix this issue, check whether the existing events have the
+same name or not in trace_probe_register_event_call(). If exists,
+it rejects to register the new event.
+
+Link: https://lkml.kernel.org/r/162936876189.187130.17558311387542061930.stgit@devnote2
+
+Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ kernel/trace/trace_kprobe.c | 6 +++++-
+ kernel/trace/trace_probe.c | 25 +++++++++++++++++++++++++
+ kernel/trace/trace_probe.h | 1 +
+ kernel/trace/trace_uprobe.c | 6 +++++-
+ 4 files changed, 36 insertions(+), 2 deletions(-)
+
+diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
+index 233322c77b76..5de084dab4fa 100644
+--- a/kernel/trace/trace_kprobe.c
++++ b/kernel/trace/trace_kprobe.c
+@@ -646,7 +646,11 @@ static int register_trace_kprobe(struct trace_kprobe *tk)
+ /* Register new event */
+ ret = register_kprobe_event(tk);
+ if (ret) {
+- pr_warn("Failed to register probe event(%d)\n", ret);
++ if (ret == -EEXIST) {
++ trace_probe_log_set_index(0);
++ trace_probe_log_err(0, EVENT_EXIST);
++ } else
++ pr_warn("Failed to register probe event(%d)\n", ret);
+ goto end;
+ }
+
+diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
+index f98d6d94cbbf..23e85cb15134 100644
+--- a/kernel/trace/trace_probe.c
++++ b/kernel/trace/trace_probe.c
+@@ -1029,11 +1029,36 @@ error:
+ return ret;
+ }
+
++static struct trace_event_call *
++find_trace_event_call(const char *system, const char *event_name)
++{
++ struct trace_event_call *tp_event;
++ const char *name;
++
++ list_for_each_entry(tp_event, &ftrace_events, list) {
++ if (!tp_event->class->system ||
++ strcmp(system, tp_event->class->system))
++ continue;
++ name = trace_event_name(tp_event);
++ if (!name || strcmp(event_name, name))
++ continue;
++ return tp_event;
++ }
++
++ return NULL;
++}
++
+ int trace_probe_register_event_call(struct trace_probe *tp)
+ {
+ struct trace_event_call *call = trace_probe_event_call(tp);
+ int ret;
+
++ lockdep_assert_held(&event_mutex);
++
++ if (find_trace_event_call(trace_probe_group_name(tp),
++ trace_probe_name(tp)))
++ return -EEXIST;
++
+ ret = register_trace_event(&call->event);
+ if (!ret)
+ return -ENODEV;
+diff --git a/kernel/trace/trace_probe.h b/kernel/trace/trace_probe.h
+index a0ff9e200ef6..bab9e0dba9af 100644
+--- a/kernel/trace/trace_probe.h
++++ b/kernel/trace/trace_probe.h
+@@ -410,6 +410,7 @@ extern int traceprobe_define_arg_fields(struct trace_event_call *event_call,
+ C(NO_EVENT_NAME, "Event name is not specified"), \
+ C(EVENT_TOO_LONG, "Event name is too long"), \
+ C(BAD_EVENT_NAME, "Event name must follow the same rules as C identifiers"), \
++ C(EVENT_EXIST, "Given group/event name is already used by another event"), \
+ C(RETVAL_ON_PROBE, "$retval is not available on probe"), \
+ C(BAD_STACK_NUM, "Invalid stack number"), \
+ C(BAD_ARG_NUM, "Invalid argument number"), \
+diff --git a/kernel/trace/trace_uprobe.c b/kernel/trace/trace_uprobe.c
+index 5294843de6ef..b515db036bec 100644
+--- a/kernel/trace/trace_uprobe.c
++++ b/kernel/trace/trace_uprobe.c
+@@ -514,7 +514,11 @@ static int register_trace_uprobe(struct trace_uprobe *tu)
+
+ ret = register_uprobe_event(tu);
+ if (ret) {
+- pr_warn("Failed to register probe event(%d)\n", ret);
++ if (ret == -EEXIST) {
++ trace_probe_log_set_index(0);
++ trace_probe_log_err(0, EVENT_EXIST);
++ } else
++ pr_warn("Failed to register probe event(%d)\n", ret);
+ goto end;
+ }
+
+--
+2.30.2
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
