4.14-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 15 Nov 2021 15:05:05 +0000 (16:05 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 15 Nov 2021 15:05:05 +0000 (16:05 +0100)
added patches:
mm-oom-do-not-trigger-out_of_memory-from-the-pf.patch
mm-oom-pagefault_out_of_memory-don-t-force-global-oom-for-dying-tasks.patch
powerpc-bpf-fix-bpf_sub-when-imm-0x80000000.patch
powerpc-bpf-validate-branch-ranges.patch
powerpc-lib-add-helper-to-check-if-offset-is-within-conditional-branch-range.patch
s390-cio-check-the-subchannel-validity-for-dev_busid.patch

queue-4.14/mm-oom-do-not-trigger-out_of_memory-from-the-pf.patch [new file with mode: 0644]
queue-4.14/mm-oom-pagefault_out_of_memory-don-t-force-global-oom-for-dying-tasks.patch [new file with mode: 0644]
queue-4.14/powerpc-bpf-fix-bpf_sub-when-imm-0x80000000.patch [new file with mode: 0644]
queue-4.14/powerpc-bpf-validate-branch-ranges.patch [new file with mode: 0644]
queue-4.14/powerpc-lib-add-helper-to-check-if-offset-is-within-conditional-branch-range.patch [new file with mode: 0644]
queue-4.14/s390-cio-check-the-subchannel-validity-for-dev_busid.patch [new file with mode: 0644]
queue-4.14/series

diff --git a/queue-4.14/mm-oom-do-not-trigger-out_of_memory-from-the-pf.patch b/queue-4.14/mm-oom-do-not-trigger-out_of_memory-from-the-pf.patch
new file mode 100644 (file)
index 0000000..03d81b4
--- /dev/null
@@ -0,0 +1,102 @@
+From 60e2793d440a3ec95abb5d6d4fc034a4b480472d Mon Sep 17 00:00:00 2001
+From: Michal Hocko <mhocko@suse.com>
+Date: Fri, 5 Nov 2021 13:38:06 -0700
+Subject: mm, oom: do not trigger out_of_memory from the #PF
+
+From: Michal Hocko <mhocko@suse.com>
+
+commit 60e2793d440a3ec95abb5d6d4fc034a4b480472d upstream.
+
+Any allocation failure during the #PF path will return with VM_FAULT_OOM
+which in turn results in pagefault_out_of_memory.  This can happen for 2
+different reasons.  a) Memcg is out of memory and we rely on
+mem_cgroup_oom_synchronize to perform the memcg OOM handling or b)
+normal allocation fails.
+
+The latter is quite problematic because allocation paths already trigger
+out_of_memory and the page allocator tries really hard to not fail
+allocations.  Anyway, if the OOM killer has been already invoked there
+is no reason to invoke it again from the #PF path.  Especially when the
+OOM condition might be gone by that time and we have no way to find out
+other than allocate.
+
+Moreover if the allocation failed and the OOM killer hasn't been invoked
+then we are unlikely to do the right thing from the #PF context because
+we have already lost the allocation context and restictions and
+therefore might oom kill a task from a different NUMA domain.
+
+This all suggests that there is no legitimate reason to trigger
+out_of_memory from pagefault_out_of_memory so drop it.  Just to be sure
+that no #PF path returns with VM_FAULT_OOM without allocation print a
+warning that this is happening before we restart the #PF.
+
+[VvS: #PF allocation can hit into limit of cgroup v1 kmem controller.
+This is a local problem related to memcg, however, it causes unnecessary
+global OOM kills that are repeated over and over again and escalate into a
+real disaster.  This has been broken since kmem accounting has been
+introduced for cgroup v1 (3.8).  There was no kmem specific reclaim for
+the separate limit so the only way to handle kmem hard limit was to return
+with ENOMEM.  In upstream the problem will be fixed by removing the
+outdated kmem limit, however stable and LTS kernels cannot do it and are
+still affected.  This patch fixes the problem and should be backported
+into stable/LTS.]
+
+Link: https://lkml.kernel.org/r/f5fd8dd8-0ad4-c524-5f65-920b01972a42@virtuozzo.com
+Signed-off-by: Michal Hocko <mhocko@suse.com>
+Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
+Acked-by: Michal Hocko <mhocko@suse.com>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Cc: Mel Gorman <mgorman@techsingularity.net>
+Cc: Roman Gushchin <guro@fb.com>
+Cc: Shakeel Butt <shakeelb@google.com>
+Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
+Cc: Uladzislau Rezki <urezki@gmail.com>
+Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
+Cc: Vlastimil Babka <vbabka@suse.cz>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ mm/oom_kill.c |   22 ++++++++--------------
+ 1 file changed, 8 insertions(+), 14 deletions(-)
+
+--- a/mm/oom_kill.c
++++ b/mm/oom_kill.c
+@@ -1095,19 +1095,15 @@ bool out_of_memory(struct oom_control *o
+ }
+ /*
+- * The pagefault handler calls here because it is out of memory, so kill a
+- * memory-hogging task. If oom_lock is held by somebody else, a parallel oom
+- * killing is already in progress so do nothing.
++ * The pagefault handler calls here because some allocation has failed. We have
++ * to take care of the memcg OOM here because this is the only safe context without
++ * any locks held but let the oom killer triggered from the allocation context care
++ * about the global OOM.
+  */
+ void pagefault_out_of_memory(void)
+ {
+-      struct oom_control oc = {
+-              .zonelist = NULL,
+-              .nodemask = NULL,
+-              .memcg = NULL,
+-              .gfp_mask = 0,
+-              .order = 0,
+-      };
++      static DEFINE_RATELIMIT_STATE(pfoom_rs, DEFAULT_RATELIMIT_INTERVAL,
++                                    DEFAULT_RATELIMIT_BURST);
+       if (mem_cgroup_oom_synchronize(true))
+               return;
+@@ -1115,8 +1111,6 @@ void pagefault_out_of_memory(void)
+       if (fatal_signal_pending(current))
+               return;
+-      if (!mutex_trylock(&oom_lock))
+-              return;
+-      out_of_memory(&oc);
+-      mutex_unlock(&oom_lock);
++      if (__ratelimit(&pfoom_rs))
++              pr_warn("Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF\n");
+ }
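Review bot: The new warning in `pagefault_out_of_memory()` does not say which task hit it, and `pfoom_rs` is a single static ratelimit state, so once the limit engages, messages from every other task are dropped as well. Naming the task would make a leaked VM_FAULT_OOM traceable to a workload or container, e.g. `pr_warn("Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF (comm=%s pid=%d)\n", current->comm, task_pid_nr(current));`. Since this queue entry is a backport, that belongs in an upstream follow-up rather than in a local deviation here.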
diff --git a/queue-4.14/mm-oom-pagefault_out_of_memory-don-t-force-global-oom-for-dying-tasks.patch b/queue-4.14/mm-oom-pagefault_out_of_memory-don-t-force-global-oom-for-dying-tasks.patch
new file mode 100644 (file)
index 0000000..81ea53b
--- /dev/null
@@ -0,0 +1,74 @@
+From 0b28179a6138a5edd9d82ad2687c05b3773c387b Mon Sep 17 00:00:00 2001
+From: Vasily Averin <vvs@virtuozzo.com>
+Date: Fri, 5 Nov 2021 13:38:02 -0700
+Subject: mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
+
+From: Vasily Averin <vvs@virtuozzo.com>
+
+commit 0b28179a6138a5edd9d82ad2687c05b3773c387b upstream.
+
+Patch series "memcg: prohibit unconditional exceeding the limit of dying tasks", v3.
+
+Memory cgroup charging allows killed or exiting tasks to exceed the hard
+limit.  It can be misused and allowed to trigger global OOM from inside
+a memcg-limited container.  On the other hand if memcg fails allocation,
+called from inside #PF handler it triggers global OOM from inside
+pagefault_out_of_memory().
+
+To prevent these problems this patchset:
+ (a) removes execution of out_of_memory() from
+     pagefault_out_of_memory(), becasue nobody can explain why it is
+     necessary.
+ (b) allow memcg to fail allocation of dying/killed tasks.
+
+This patch (of 3):
+
+Any allocation failure during the #PF path will return with VM_FAULT_OOM
+which in turn results in pagefault_out_of_memory which in turn executes
+out_out_memory() and can kill a random task.
+
+An allocation might fail when the current task is the oom victim and
+there are no memory reserves left.  The OOM killer is already handled at
+the page allocator level for the global OOM and at the charging level
+for the memcg one.  Both have much more information about the scope of
+allocation/charge request.  This means that either the OOM killer has
+been invoked properly and didn't lead to the allocation success or it
+has been skipped because it couldn't have been invoked.  In both cases
+triggering it from here is pointless and even harmful.
+
+It makes much more sense to let the killed task die rather than to wake
+up an eternally hungry oom-killer and send him to choose a fatter victim
+for breakfast.
+
+Link: https://lkml.kernel.org/r/0828a149-786e-7c06-b70a-52d086818ea3@virtuozzo.com
+Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
+Suggested-by: Michal Hocko <mhocko@suse.com>
+Acked-by: Michal Hocko <mhocko@suse.com>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Cc: Mel Gorman <mgorman@techsingularity.net>
+Cc: Roman Gushchin <guro@fb.com>
+Cc: Shakeel Butt <shakeelb@google.com>
+Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
+Cc: Uladzislau Rezki <urezki@gmail.com>
+Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
+Cc: Vlastimil Babka <vbabka@suse.cz>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ mm/oom_kill.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/mm/oom_kill.c
++++ b/mm/oom_kill.c
+@@ -1112,6 +1112,9 @@ void pagefault_out_of_memory(void)
+       if (mem_cgroup_oom_synchronize(true))
+               return;
++      if (fatal_signal_pending(current))
++              return;
++
+       if (!mutex_trylock(&oom_lock))
+               return;
+       out_of_memory(&oc);
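Review bot: The added `fatal_signal_pending(current)` early return carries no comment, so the reason it is safe to return without handling the failed allocation lives only in the commit message. A short comment above the check would keep that reasoning with the code, e.g. `/* A killed task is about to exit; do not start a global OOM kill on its behalf. */`. `pagefault_out_of_memory()` starts and ends outside the hunk.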
diff --git a/queue-4.14/powerpc-bpf-fix-bpf_sub-when-imm-0x80000000.patch b/queue-4.14/powerpc-bpf-fix-bpf_sub-when-imm-0x80000000.patch
new file mode 100644 (file)
index 0000000..d3cb0ba
--- /dev/null
@@ -0,0 +1,66 @@
+From foo@baz Mon Nov 15 03:30:35 PM CET 2021
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+Date: Mon, 15 Nov 2021 16:35:08 +0530
+Subject: powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
+To: <stable@vger.kernel.org>
+Cc: Michael Ellerman <mpe@ellerman.id.au>, Daniel Borkmann <daniel@iogearbox.net>
+Message-ID: <5679896bb270f8a7bbbd5d2b2b7588a820231a21.1636968906.git.naveen.n.rao@linux.vnet.ibm.com>
+
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+
+upstream commit 5855c4c1f415ca3ba1046e77c0b3d3dfc96c9025
+
+We aren't handling subtraction involving an immediate value of
+0x80000000 properly. Fix the same.
+
+Fixes: 156d0e290e969c ("powerpc/ebpf/jit: Implement JIT compiler for extended BPF")
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
+[mpe: Fold in fix from Naveen to use imm <= 32768]
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Link: https://lore.kernel.org/r/fc4b1276eb10761fd7ce0814c8dd089da2815251.1633464148.git.naveen.n.rao@linux.vnet.ibm.com
+[adjust macros to account for commits 0654186510a40e and 3a181237916310]
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/powerpc/net/bpf_jit_comp64.c |   27 +++++++++++++++++----------
+ 1 file changed, 17 insertions(+), 10 deletions(-)
+
+--- a/arch/powerpc/net/bpf_jit_comp64.c
++++ b/arch/powerpc/net/bpf_jit_comp64.c
+@@ -359,18 +359,25 @@ static int bpf_jit_build_body(struct bpf
+                       PPC_SUB(dst_reg, dst_reg, src_reg);
+                       goto bpf_alu32_trunc;
+               case BPF_ALU | BPF_ADD | BPF_K: /* (u32) dst += (u32) imm */
+-              case BPF_ALU | BPF_SUB | BPF_K: /* (u32) dst -= (u32) imm */
+               case BPF_ALU64 | BPF_ADD | BPF_K: /* dst += imm */
++                      if (!imm) {
++                              goto bpf_alu32_trunc;
++                      } else if (imm >= -32768 && imm < 32768) {
++                              PPC_ADDI(dst_reg, dst_reg, IMM_L(imm));
++                      } else {
++                              PPC_LI32(b2p[TMP_REG_1], imm);
++                              PPC_ADD(dst_reg, dst_reg, b2p[TMP_REG_1]);
++                      }
++                      goto bpf_alu32_trunc;
++              case BPF_ALU | BPF_SUB | BPF_K: /* (u32) dst -= (u32) imm */
+               case BPF_ALU64 | BPF_SUB | BPF_K: /* dst -= imm */
+-                      if (BPF_OP(code) == BPF_SUB)
+-                              imm = -imm;
+-                      if (imm) {
+-                              if (imm >= -32768 && imm < 32768)
+-                                      PPC_ADDI(dst_reg, dst_reg, IMM_L(imm));
+-                              else {
+-                                      PPC_LI32(b2p[TMP_REG_1], imm);
+-                                      PPC_ADD(dst_reg, dst_reg, b2p[TMP_REG_1]);
+-                              }
++                      if (!imm) {
++                              goto bpf_alu32_trunc;
++                      } else if (imm > -32768 && imm <= 32768) {
++                              PPC_ADDI(dst_reg, dst_reg, IMM_L(-imm));
++                      } else {
++                              PPC_LI32(b2p[TMP_REG_1], imm);
++                              PPC_SUB(dst_reg, dst_reg, b2p[TMP_REG_1]);
+                       }
+                       goto bpf_alu32_trunc;
+               case BPF_ALU | BPF_MUL | BPF_X: /* (u32) dst *= (u32) src */
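Review bot: The bound `imm > -32768 && imm <= 32768` in the new BPF_SUB case is deliberately shifted by one against the `imm >= -32768 && imm < 32768` of the ADD case, but nothing in the code says why, and it reads like an off-by-one. A comment above the `else if` would prevent a well-meant "fix", e.g. `/* -imm must fit the signed 16-bit field of addi; the else branch never negates imm, so 0x80000000 is safe */`. A JIT test case with imm == 0x80000000 for both the ALU and ALU64 forms would pin the behaviour, if one does not already exist. `bpf_jit_build_body()` starts and ends outside the hunk.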
diff --git a/queue-4.14/powerpc-bpf-validate-branch-ranges.patch b/queue-4.14/powerpc-bpf-validate-branch-ranges.patch
new file mode 100644 (file)
index 0000000..1fed1f4
--- /dev/null
@@ -0,0 +1,115 @@
+From foo@baz Mon Nov 15 03:30:35 PM CET 2021
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+Date: Mon, 15 Nov 2021 16:35:07 +0530
+Subject: powerpc/bpf: Validate branch ranges
+To: <stable@vger.kernel.org>
+Cc: Michael Ellerman <mpe@ellerman.id.au>, Daniel Borkmann <daniel@iogearbox.net>
+Message-ID: <5b9c27e6b11c6f63c5b0bfb66e0d81768166eaee.1636968906.git.naveen.n.rao@linux.vnet.ibm.com>
+
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+
+upstream commit 3832ba4e283d7052b783dab8311df7e3590fed93
+
+Add checks to ensure that we never emit branch instructions with
+truncated branch offsets.
+
+Suggested-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Tested-by: Johan Almbladh <johan.almbladh@anyfinetworks.com>
+Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
+Acked-by: Song Liu <songliubraving@fb.com>
+Acked-by: Johan Almbladh <johan.almbladh@anyfinetworks.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Link: https://lore.kernel.org/r/71d33a6b7603ec1013c9734dd8bdd4ff5e929142.1633464148.git.naveen.n.rao@linux.vnet.ibm.com
+[include header, drop ppc32 changes]
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/powerpc/net/bpf_jit.h        |   26 ++++++++++++++++++++------
+ arch/powerpc/net/bpf_jit_comp64.c |   10 +++++++---
+ 2 files changed, 27 insertions(+), 9 deletions(-)
+
+--- a/arch/powerpc/net/bpf_jit.h
++++ b/arch/powerpc/net/bpf_jit.h
+@@ -15,6 +15,7 @@
+ #ifndef __ASSEMBLY__
+ #include <asm/types.h>
++#include <asm/code-patching.h>
+ #ifdef PPC64_ELF_ABI_v1
+ #define FUNCTION_DESCR_SIZE   24
+@@ -176,13 +177,26 @@
+ #define PPC_NEG(d, a)         EMIT(PPC_INST_NEG | ___PPC_RT(d) | ___PPC_RA(a))
+ /* Long jump; (unconditional 'branch') */
+-#define PPC_JMP(dest)         EMIT(PPC_INST_BRANCH |                        \
+-                                   (((dest) - (ctx->idx * 4)) & 0x03fffffc))
++#define PPC_JMP(dest)                                                       \
++      do {                                                                  \
++              long offset = (long)(dest) - (ctx->idx * 4);                  \
++              if (!is_offset_in_branch_range(offset)) {                     \
++                      pr_err_ratelimited("Branch offset 0x%lx (@%u) out of range\n", offset, ctx->idx);                       \
++                      return -ERANGE;                                       \
++              }                                                             \
++              EMIT(PPC_INST_BRANCH | (offset & 0x03fffffc));                \
++      } while (0)
+ /* "cond" here covers BO:BI fields. */
+-#define PPC_BCC_SHORT(cond, dest)     EMIT(PPC_INST_BRANCH_COND |           \
+-                                           (((cond) & 0x3ff) << 16) |       \
+-                                           (((dest) - (ctx->idx * 4)) &     \
+-                                            0xfffc))
++#define PPC_BCC_SHORT(cond, dest)                                           \
++      do {                                                                  \
++              long offset = (long)(dest) - (ctx->idx * 4);                  \
++              if (!is_offset_in_cond_branch_range(offset)) {                \
++                      pr_err_ratelimited("Conditional branch offset 0x%lx (@%u) out of range\n", offset, ctx->idx);           \
++                      return -ERANGE;                                       \
++              }                                                             \
++              EMIT(PPC_INST_BRANCH_COND | (((cond) & 0x3ff) << 16) | (offset & 0xfffc));                                      \
++      } while (0)
++
+ /* Sign-extended 32-bit immediate load */
+ #define PPC_LI32(d, i)                do {                                          \
+               if ((int)(uintptr_t)(i) >= -32768 &&                          \
+--- a/arch/powerpc/net/bpf_jit_comp64.c
++++ b/arch/powerpc/net/bpf_jit_comp64.c
+@@ -235,7 +235,7 @@ static void bpf_jit_emit_func_call(u32 *
+       PPC_BLRL();
+ }
+-static void bpf_jit_emit_tail_call(u32 *image, struct codegen_context *ctx, u32 out)
++static int bpf_jit_emit_tail_call(u32 *image, struct codegen_context *ctx, u32 out)
+ {
+       /*
+        * By now, the eBPF program has already setup parameters in r3, r4 and r5
+@@ -296,7 +296,9 @@ static void bpf_jit_emit_tail_call(u32 *
+       bpf_jit_emit_common_epilogue(image, ctx);
+       PPC_BCTR();
++
+       /* out: */
++      return 0;
+ }
+ /* Assemble the body code between the prologue & epilogue */
+@@ -306,7 +308,7 @@ static int bpf_jit_build_body(struct bpf
+ {
+       const struct bpf_insn *insn = fp->insnsi;
+       int flen = fp->len;
+-      int i;
++      int i, ret;
+       /* Start of epilogue code - will only be valid 2nd pass onwards */
+       u32 exit_addr = addrs[flen];
+@@ -956,7 +958,9 @@ common_load:
+                */
+               case BPF_JMP | BPF_TAIL_CALL:
+                       ctx->seen |= SEEN_TAILCALL;
+-                      bpf_jit_emit_tail_call(image, ctx, addrs[i + 1]);
++                      ret = bpf_jit_emit_tail_call(image, ctx, addrs[i + 1]);
++                      if (ret < 0)
++                              return ret;
+                       break;
+               default:
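Review bot: `PPC_JMP` and `PPC_BCC_SHORT` now contain `return -ERANGE;`, so they leave the enclosing function from inside a macro, and nothing at the definitions says so. The comment above each macro should state it, e.g. `/* Returns -ERANGE from the calling function if the offset cannot be encoded. */`, so that future emit helpers return int and propagate the error the way `bpf_jit_emit_tail_call()` now does. Both macros also declare a local named `offset`, which would silently capture a caller variable of the same name if it appeared in the `dest` argument. Separately, the context comment in `bpf_jit_build_body()` says `exit_addr` is only valid from the second pass onwards, so it is worth confirming that the new check cannot reject a program on the first pass while targets are still placeholders. `bpf_jit_build_body()` starts and ends outside the hunks shown.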
diff --git a/queue-4.14/powerpc-lib-add-helper-to-check-if-offset-is-within-conditional-branch-range.patch b/queue-4.14/powerpc-lib-add-helper-to-check-if-offset-is-within-conditional-branch-range.patch
new file mode 100644 (file)
index 0000000..07c79a8
--- /dev/null
@@ -0,0 +1,85 @@
+From foo@baz Mon Nov 15 03:30:35 PM CET 2021
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+Date: Mon, 15 Nov 2021 16:35:06 +0530
+Subject: powerpc/lib: Add helper to check if offset is within conditional branch range
+To: <stable@vger.kernel.org>
+Cc: Michael Ellerman <mpe@ellerman.id.au>, Daniel Borkmann <daniel@iogearbox.net>
+Message-ID: <31c942335cc5abe56e06e1431f6285143b065f06.1636968906.git.naveen.n.rao@linux.vnet.ibm.com>
+
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+
+upstream commit 4549c3ea3160fa8b3f37dfe2f957657bb265eda9
+
+Add a helper to check if a given offset is within the branch range for a
+powerpc conditional branch instruction, and update some sites to use the
+new helper.
+
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Reviewed-by: Christophe Leroy <christophe.leroy@csgroup.eu>
+Acked-by: Song Liu <songliubraving@fb.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Link: https://lore.kernel.org/r/442b69a34ced32ca346a0d9a855f3f6cfdbbbd41.1633464148.git.naveen.n.rao@linux.vnet.ibm.com
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/powerpc/include/asm/code-patching.h |    1 +
+ arch/powerpc/lib/code-patching.c         |    7 ++++++-
+ arch/powerpc/net/bpf_jit.h               |    7 +------
+ 3 files changed, 8 insertions(+), 7 deletions(-)
+
+--- a/arch/powerpc/include/asm/code-patching.h
++++ b/arch/powerpc/include/asm/code-patching.h
+@@ -25,6 +25,7 @@
+ #define BRANCH_ABSOLUTE       0x2
+ bool is_offset_in_branch_range(long offset);
++bool is_offset_in_cond_branch_range(long offset);
+ unsigned int create_branch(const unsigned int *addr,
+                          unsigned long target, int flags);
+ unsigned int create_cond_branch(const unsigned int *addr,
+--- a/arch/powerpc/lib/code-patching.c
++++ b/arch/powerpc/lib/code-patching.c
+@@ -244,6 +244,11 @@ bool is_offset_in_branch_range(long offs
+       return (offset >= -0x2000000 && offset <= 0x1fffffc && !(offset & 0x3));
+ }
++bool is_offset_in_cond_branch_range(long offset)
++{
++      return offset >= -0x8000 && offset <= 0x7fff && !(offset & 0x3);
++}
++
+ /*
+  * Helper to check if a given instruction is a conditional branch
+  * Derived from the conditional checks in analyse_instr()
+@@ -297,7 +302,7 @@ unsigned int create_cond_branch(const un
+               offset = offset - (unsigned long)addr;
+       /* Check we can represent the target in the instruction format */
+-      if (offset < -0x8000 || offset > 0x7FFF || offset & 0x3)
++      if (!is_offset_in_cond_branch_range(offset))
+               return 0;
+       /* Mask out the flags and target, so they don't step on each other. */
+--- a/arch/powerpc/net/bpf_jit.h
++++ b/arch/powerpc/net/bpf_jit.h
+@@ -221,11 +221,6 @@
+ #define PPC_FUNC_ADDR(d,i) do { PPC_LI32(d, i); } while(0)
+ #endif
+-static inline bool is_nearbranch(int offset)
+-{
+-      return (offset < 32768) && (offset >= -32768);
+-}
+-
+ /*
+  * The fly in the ointment of code size changing from pass to pass is
+  * avoided by padding the short branch case with a NOP.        If code size differs
+@@ -234,7 +229,7 @@ static inline bool is_nearbranch(int off
+  * state.
+  */
+ #define PPC_BCC(cond, dest)   do {                                          \
+-              if (is_nearbranch((dest) - (ctx->idx * 4))) {                 \
++              if (is_offset_in_cond_branch_range((long)(dest) - (ctx->idx * 4))) {    \
+                       PPC_BCC_SHORT(cond, dest);                            \
+                       PPC_NOP();                                            \
+               } else {                                                      \
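Review bot: `is_offset_in_cond_branch_range()` writes its upper bound as `0x7fff`, while `is_offset_in_branch_range()` directly above it uses the largest aligned value, `0x1fffffc`. Because of the `!(offset & 0x3)` term the effective maximum is 0x7ffc, so `return offset >= -0x8000 && offset <= 0x7ffc && !(offset & 0x3);` would match the neighbouring helper and make the limit readable at a glance. Unlike the removed `is_nearbranch()`, the new helper also rejects offsets that are not a multiple of 4, which sends `PPC_BCC` to its long form for those. A one-line comment such as `/* 16-bit signed, word-aligned displacement of a conditional branch */` would record that. The `PPC_BCC` macro body continues past the end of the hunk.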
diff --git a/queue-4.14/s390-cio-check-the-subchannel-validity-for-dev_busid.patch b/queue-4.14/s390-cio-check-the-subchannel-validity-for-dev_busid.patch
new file mode 100644 (file)
index 0000000..0f52b23
--- /dev/null
@@ -0,0 +1,37 @@
+From a4751f157c194431fae9e9c493f456df8272b871 Mon Sep 17 00:00:00 2001
+From: Vineeth Vijayan <vneethv@linux.ibm.com>
+Date: Fri, 5 Nov 2021 16:44:51 +0100
+Subject: s390/cio: check the subchannel validity for dev_busid
+
+From: Vineeth Vijayan <vneethv@linux.ibm.com>
+
+commit a4751f157c194431fae9e9c493f456df8272b871 upstream.
+
+Check the validity of subchanel before reading other fields in
+the schib.
+
+Fixes: d3683c055212 ("s390/cio: add dev_busid sysfs entry for each subchannel")
+CC: <stable@vger.kernel.org>
+Reported-by: Cornelia Huck <cohuck@redhat.com>
+Signed-off-by: Vineeth Vijayan <vneethv@linux.ibm.com>
+Reviewed-by: Cornelia Huck <cohuck@redhat.com>
+Link: https://lore.kernel.org/r/20211105154451.847288-1-vneethv@linux.ibm.com
+Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/s390/cio/css.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/s390/cio/css.c
++++ b/drivers/s390/cio/css.c
+@@ -337,8 +337,8 @@ static ssize_t dev_busid_show(struct dev
+       struct subchannel *sch = to_subchannel(dev);
+       struct pmcw *pmcw = &sch->schib.pmcw;
+-      if ((pmcw->st == SUBCHANNEL_TYPE_IO ||
+-           pmcw->st == SUBCHANNEL_TYPE_MSG) && pmcw->dnv)
++      if ((pmcw->st == SUBCHANNEL_TYPE_IO && pmcw->dnv) ||
++          (pmcw->st == SUBCHANNEL_TYPE_MSG && pmcw->w))
+               return sysfs_emit(buf, "0.%x.%04x\n", sch->schid.ssid,
+                                 pmcw->dev);
+       else
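Review bot: The rewritten condition in `dev_busid_show()` gates `pmcw->dev` on `pmcw->dnv` for I/O subchannels and on `pmcw->w` for message subchannels, but the code does not say that `w` is the validity indicator for the MSG type (presumably it is, given the commit message). A comment above the `if` would make the per-type check explicit, e.g. `/* dev is only meaningful if the type-specific valid bit is set: dnv for I/O, w for message subchannels */`. The `else` branch and the rest of the function lie outside the hunk.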
index 4d21825cf4c6010c8722acabe06224e1b8c30b38..5e8993eb5dc8edcd45584b8cc2c6fcf8558feffb 100644 (file)
@@ -190,3 +190,9 @@ vsock-prevent-unnecessary-refcnt-inc-for-nonblocking.patch
 usb-chipidea-fix-interrupt-deadlock.patch
 arm-9155-1-fix-early-early_iounmap.patch
 arm-9156-1-drop-cc-option-fallbacks-for-architecture-selection.patch
+powerpc-lib-add-helper-to-check-if-offset-is-within-conditional-branch-range.patch
+powerpc-bpf-validate-branch-ranges.patch
+powerpc-bpf-fix-bpf_sub-when-imm-0x80000000.patch
+mm-oom-pagefault_out_of_memory-don-t-force-global-oom-for-dying-tasks.patch
+mm-oom-do-not-trigger-out_of_memory-from-the-pf.patch
+s390-cio-check-the-subchannel-validity-for-dev_busid.patch