--- /dev/null
+From b4dfd8e92956b396d3438212bc9a0be6267b8b34 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <zajec5@gmail.com>
+Date: Tue, 12 Apr 2016 13:30:45 +0200
+Subject: bgmac: reset & enable Ethernet core before using it
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Rafał Miłecki <zajec5@gmail.com>
+
+commit b4dfd8e92956b396d3438212bc9a0be6267b8b34 upstream.
+
+This fixes Ethernet on D-Link DIR-885L with BCM47094 SoC. Felix reported
+similar fix was needed for his BCM4709 device (Buffalo WXR-1900DHP?).
+I tested this for regressions on BCM4706, BCM4708A0 and BCM47081A0.
+
+Cc: Felix Fietkau <nbd@openwrt.org>
+Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/net/ethernet/broadcom/bgmac.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/net/ethernet/broadcom/bgmac.c
++++ b/drivers/net/ethernet/broadcom/bgmac.c
+@@ -1583,6 +1583,11 @@ static int bgmac_probe(struct bcma_devic
+ dev_warn(&core->dev, "Using random MAC: %pM\n", mac);
+ }
+
++ /* This (reset &) enable is not preset in specs or reference driver but
++ * Broadcom does it in arch PCI code when enabling fake PCI device.
++ */
++ bcma_core_enable(core, 0);
++
+ /* Allocation and references */
+ net_dev = alloc_etherdev(sizeof(*bgmac));
+ if (!net_dev)
--- /dev/null
+From vbabka@suse.cz Fri Jul 7 11:06:31 2017
+From: Vlastimil Babka <vbabka@suse.cz>
+Date: Tue, 4 Jul 2017 10:45:43 +0200
+Subject: mm: fix classzone_idx underflow in shrink_zones()
+To: stable <stable@vger.kernel.org>
+Cc: Johannes Weiner <hannes@cmpxchg.org>, Minchan Kim <minchan@kernel.org>, Michal Hocko <mhocko@kernel.org>, linux-mm <linux-mm@kvack.org>, LKML <linux-kernel@vger.kernel.org>, Mel Gorman <mgorman@techsingularity.net>
+Message-ID: <cf25f1a5-5276-90ea-1eac-f2a2aceffaef@suse.cz>
+
+From: Vlastimil Babka <vbabka@suse.cz>
+
+[Not upstream as that would take 34+ patches]
+
+We've got reported a BUG in do_try_to_free_pages():
+
+BUG: unable to handle kernel paging request at ffff8ffffff28990
+IP: [<ffffffff8119abe0>] do_try_to_free_pages+0x140/0x490
+PGD 0
+Oops: 0000 [#1] SMP
+megaraid_sas sg scsi_mod efivarfs autofs4
+Supported: No, Unsupported modules are loaded
+Workqueue: kacpi_hotplug acpi_hotplug_work_fn
+task: ffff88ffd0d4c540 ti: ffff88ffd0e48000 task.ti: ffff88ffd0e48000
+RIP: 0010:[<ffffffff8119abe0>] [<ffffffff8119abe0>] do_try_to_free_pages+0x140/0x490
+RSP: 0018:ffff88ffd0e4ba60 EFLAGS: 00010206
+RAX: 000006fffffff900 RBX: 00000000ffffffff RCX: ffff88fffff29000
+RDX: 000000ffffffff00 RSI: 0000000000000003 RDI: 00000000024200c8
+RBP: 0000000001320122 R08: 0000000000000000 R09: ffff88ffd0e4bbac
+R10: 0000000000000000 R11: 0000000000000000 R12: ffff88ffd0e4bae0
+R13: 0000000000000e00 R14: ffff88fffff2a500 R15: ffff88fffff2b300
+FS: 0000000000000000(0000) GS:ffff88ffe6440000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: ffff8ffffff28990 CR3: 0000000001c0a000 CR4: 00000000003406e0
+DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+Stack:
+ 00000002db570a80 024200c80000001e ffff88fffff2b300 0000000000000000
+ ffff88fffffd5700 ffff88ffd0d4c540 ffff88ffd0d4c540 ffffffff0000000c
+ 0000000000000000 0000000000000040 00000000024200c8 ffff88ffd0e4bae0
+Call Trace:
+ [<ffffffff8119afea>] try_to_free_pages+0xba/0x170
+ [<ffffffff8118cf2f>] __alloc_pages_nodemask+0x53f/0xb20
+ [<ffffffff811d39ff>] alloc_pages_current+0x7f/0x100
+ [<ffffffff811e2232>] migrate_pages+0x202/0x710
+ [<ffffffff815dadaa>] __offline_pages.constprop.23+0x4ba/0x790
+ [<ffffffff81463263>] memory_subsys_offline+0x43/0x70
+ [<ffffffff8144cbed>] device_offline+0x7d/0xa0
+ [<ffffffff81392fa2>] acpi_bus_offline+0xa5/0xef
+ [<ffffffff81394a77>] acpi_device_hotplug+0x21b/0x41f
+ [<ffffffff8138dab7>] acpi_hotplug_work_fn+0x1a/0x23
+ [<ffffffff81093cee>] process_one_work+0x14e/0x410
+ [<ffffffff81094546>] worker_thread+0x116/0x490
+ [<ffffffff810999ed>] kthread+0xbd/0xe0
+ [<ffffffff815e4e7f>] ret_from_fork+0x3f/0x70
+
+This translates to the loop in shrink_zone():
+
+classzone_idx = requested_highidx;
+while (!populated_zone(zone->zone_pgdat->node_zones +
+ classzone_idx))
+ classzone_idx--;
+
+where no zone is populated, so classzone_idx becomes -1 (in RBX).
+
+Added debugging output reveals that we enter the function with
+sc->gfp_mask == GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE
+requested_highidx = gfp_zone(sc->gfp_mask) == 2 (ZONE_NORMAL)
+
+Inside the for loop, however:
+gfp_zone(sc->gfp_mask) == 3 (ZONE_MOVABLE)
+
+This means we have gone through this branch:
+
+if (buffer_heads_over_limit)
+ sc->gfp_mask |= __GFP_HIGHMEM;
+
+This changes the gfp_zone() result, but requested_highidx remains unchanged.
+On nodes where the only populated zone is movable, the inner while loop will
+check only lower zones, which are not populated, and underflow classzone_idx.
+
+To sum up, the bug occurs in configurations with ZONE_MOVABLE (such as when
+booted with the movable_node parameter) and only in situations when
+buffer_heads_over_limit is true, and there's an allocation with __GFP_MOVABLE
+and without __GFP_HIGHMEM performing direct reclaim.
+
+This patch makes sure that classzone_idx starts with the correct zone.
+
+Mainline has been affected in versions 4.6 and 4.7, but the culprit commit has
+been also included in stable trees.
+In mainline, this has been fixed accidentally as part of 34-patch series (plus
+follow-up fixes) "Move LRU page reclaim from zones to nodes", which makes the
+mainline commit unsuitable for stable backport, unfortunately.
+
+Fixes: 7bf52fb891b6 ("mm: vmscan: reclaim highmem zone if buffer_heads is over limit")
+Obsoleted-by: b2e18757f2c9 ("mm, vmscan: begin reclaiming pages on a per-node basis")
+Debugged-by: Michal Hocko <mhocko@suse.cz>
+Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
+Cc: Minchan Kim <minchan@kernel.org>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Acked-by: Mel Gorman <mgorman@techsingularity.net>
+Acked-by: Michal Hocko <mhocko@suse.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ mm/vmscan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/mm/vmscan.c
++++ b/mm/vmscan.c
+@@ -2529,7 +2529,7 @@ static bool shrink_zones(struct zonelist
+ if (!populated_zone(zone))
+ continue;
+
+- classzone_idx = requested_highidx;
++ classzone_idx = gfp_zone(sc->gfp_mask);
+ while (!populated_zone(zone->zone_pgdat->node_zones +
+ classzone_idx))
+ classzone_idx--;
--- /dev/null
+From 9e52b32567126fe146f198971364f68d3bc5233f Mon Sep 17 00:00:00 2001
+From: Sabrina Dubroca <sd@queasysnail.net>
+Date: Thu, 22 Jun 2017 11:24:42 +0200
+Subject: tracing/kprobes: Allow to create probe with a module name starting with a digit
+
+From: Sabrina Dubroca <sd@queasysnail.net>
+
+commit 9e52b32567126fe146f198971364f68d3bc5233f upstream.
+
+Always try to parse an address, since kstrtoul() will safely fail when
+given a symbol as input. If that fails (which will be the case for a
+symbol), try to parse a symbol instead.
+
+This allows creating a probe such as:
+
+ p:probe/vlan_gro_receive 8021q:vlan_gro_receive+0
+
+Which is necessary for this command to work:
+
+ perf probe -m 8021q -a vlan_gro_receive
+
+Link: http://lkml.kernel.org/r/fd72d666f45b114e2c5b9cf7e27b91de1ec966f1.1498122881.git.sd@queasysnail.net
+
+Fixes: 413d37d1e ("tracing: Add kprobe-based event tracer")
+Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
+Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/trace/trace_kprobe.c | 21 ++++++++-------------
+ 1 file changed, 8 insertions(+), 13 deletions(-)
+
+--- a/kernel/trace/trace_kprobe.c
++++ b/kernel/trace/trace_kprobe.c
+@@ -659,30 +659,25 @@ static int create_trace_kprobe(int argc,
+ pr_info("Probe point is not specified.\n");
+ return -EINVAL;
+ }
+- if (isdigit(argv[1][0])) {
+- if (is_return) {
+- pr_info("Return probe point must be a symbol.\n");
+- return -EINVAL;
+- }
+- /* an address specified */
+- ret = kstrtoul(&argv[1][0], 0, (unsigned long *)&addr);
+- if (ret) {
+- pr_info("Failed to parse address.\n");
+- return ret;
+- }
+- } else {
++
++ /* try to parse an address. if that fails, try to read the
++ * input as a symbol. */
++ if (kstrtoul(argv[1], 0, (unsigned long *)&addr)) {
+ /* a symbol specified */
+ symbol = argv[1];
+ /* TODO: support .init module functions */
+ ret = traceprobe_split_symbol_offset(symbol, &offset);
+ if (ret) {
+- pr_info("Failed to parse symbol.\n");
++ pr_info("Failed to parse either an address or a symbol.\n");
+ return ret;
+ }
+ if (offset && is_return) {
+ pr_info("Return probe must be used without offset.\n");
+ return -EINVAL;
+ }
++ } else if (is_return) {
++ pr_info("Return probe point must be a symbol.\n");
++ return -EINVAL;
+ }
+ argc -= 2; argv += 2;
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
