4.19-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 8 Feb 2021 10:47:03 +0000 (11:47 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 8 Feb 2021 10:47:03 +0000 (11:47 +0100)
added patches:
mmc-core-limit-retries-when-analyse-of-sdio-tuples-fails.patch
nvme-pci-avoid-the-deepest-sleep-state-on-kingston-a2000-ssds.patch
smb3-fix-out-of-bounds-bug-in-smb2_negotiate.patch

queue-4.19/mmc-core-limit-retries-when-analyse-of-sdio-tuples-fails.patch [new file with mode: 0644]
queue-4.19/nvme-pci-avoid-the-deepest-sleep-state-on-kingston-a2000-ssds.patch [new file with mode: 0644]
queue-4.19/series
queue-4.19/smb3-fix-out-of-bounds-bug-in-smb2_negotiate.patch [new file with mode: 0644]

diff --git a/queue-4.19/mmc-core-limit-retries-when-analyse-of-sdio-tuples-fails.patch b/queue-4.19/mmc-core-limit-retries-when-analyse-of-sdio-tuples-fails.patch
new file mode 100644 (file)
index 0000000..bf7b139
--- /dev/null
@@ -0,0 +1,50 @@
+From f92e04f764b86e55e522988e6f4b6082d19a2721 Mon Sep 17 00:00:00 2001
+From: Fengnan Chang <fengnanchang@gmail.com>
+Date: Sat, 23 Jan 2021 11:32:31 +0800
+Subject: mmc: core: Limit retries when analyse of SDIO tuples fails
+
+From: Fengnan Chang <fengnanchang@gmail.com>
+
+commit f92e04f764b86e55e522988e6f4b6082d19a2721 upstream.
+
+When analysing tuples fails we may loop indefinitely to retry. Let's avoid
+this by using a 10s timeout and bail if not completed earlier.
+
+Signed-off-by: Fengnan Chang <fengnanchang@gmail.com>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20210123033230.36442-1-fengnanchang@gmail.com
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/mmc/core/sdio_cis.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/drivers/mmc/core/sdio_cis.c
++++ b/drivers/mmc/core/sdio_cis.c
+@@ -24,6 +24,8 @@
+ #include "sdio_cis.h"
+ #include "sdio_ops.h"
++#define SDIO_READ_CIS_TIMEOUT_MS  (10 * 1000) /* 10s */
++
+ static int cistpl_vers_1(struct mmc_card *card, struct sdio_func *func,
+                        const unsigned char *buf, unsigned size)
+ {
+@@ -270,6 +272,8 @@ static int sdio_read_cis(struct mmc_card
+       do {
+               unsigned char tpl_code, tpl_link;
++              unsigned long timeout = jiffies +
++                      msecs_to_jiffies(SDIO_READ_CIS_TIMEOUT_MS);
+               ret = mmc_io_rw_direct(card, 0, 0, ptr++, 0, &tpl_code);
+               if (ret)
+@@ -322,6 +326,8 @@ static int sdio_read_cis(struct mmc_card
+                       prev = &this->next;
+                       if (ret == -ENOENT) {
++                              if (time_after(jiffies, timeout))
++                                      break;
+                               /* warn about unknown tuples */
+                               pr_warn_ratelimited("%s: queuing unknown"
+                                      " CIS tuple 0x%02x (%u bytes)\n",
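Review bot: In the second hunk of the queued sdio_cis.c change, `timeout` is declared inside the `do {` body, so the 10 s deadline is recomputed on every pass and bounds a single iteration rather than the whole tuple walk the commit message describes. A card that keeps presenting unknown tuples quickly would, as far as these lines show, never trip `time_after(jiffies, timeout)`. Computing the deadline once, with `unsigned long timeout = jiffies + msecs_to_jiffies(SDIO_READ_CIS_TIMEOUT_MS);` placed above `do {`, would make it a bound on total time. The check also sits only in the `ret == -ENOENT` branch and its `break` leaves `ret` at -ENOENT; the rest of sdio_read_cis() is outside the hunk, so how callers treat that return value should be confirmed.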
diff --git a/queue-4.19/nvme-pci-avoid-the-deepest-sleep-state-on-kingston-a2000-ssds.patch b/queue-4.19/nvme-pci-avoid-the-deepest-sleep-state-on-kingston-a2000-ssds.patch
new file mode 100644 (file)
index 0000000..f7660bc
--- /dev/null
@@ -0,0 +1,81 @@
+From 538e4a8c571efdf131834431e0c14808bcfb1004 Mon Sep 17 00:00:00 2001
+From: Thorsten Leemhuis <linux@leemhuis.info>
+Date: Fri, 29 Jan 2021 06:24:42 +0100
+Subject: nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
+
+From: Thorsten Leemhuis <linux@leemhuis.info>
+
+commit 538e4a8c571efdf131834431e0c14808bcfb1004 upstream.
+
+Some Kingston A2000 NVMe SSDs sooner or later get confused and stop
+working when they use the deepest APST sleep while running Linux. The
+system then crashes and one has to cold boot it to get the SSD working
+again.
+
+Kingston seems to known about this since at least mid-September 2020:
+https://bbs.archlinux.org/viewtopic.php?pid=1926994#p1926994
+
+Someone working for a German company representing Kingston to the German
+press confirmed to me Kingston engineering is aware of the issue and
+investigating; the person stated that to their current knowledge only
+the deepest APST sleep state causes trouble. Therefore, make Linux avoid
+it for now by applying the NVME_QUIRK_NO_DEEPEST_PS to this SSD.
+
+I have two such SSDs, but it seems the problem doesn't occur with them.
+I hence couldn't verify if this patch really fixes the problem, but all
+the data in front of me suggests it should.
+
+This patch can easily be reverted or improved upon if a better solution
+surfaces.
+
+FWIW, there are many reports about the issue scattered around the web;
+most of the users disabled APST completely to make things work, some
+just made Linux avoid the deepest sleep state:
+
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c65
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c73
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c74
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c78
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c79
+https://bugzilla.kernel.org/show_bug.cgi?id=195039#c80
+https://askubuntu.com/questions/1222049/nvmekingston-a2000-sometimes-stops-giving-response-in-ubuntu-18-04dell-inspir
+https://community.acer.com/en/discussion/604326/m-2-nvme-ssd-aspire-517-51g-issue-compatibility-kingston-a2000-linux-ubuntu
+
+For the record, some data from 'nvme id-ctrl /dev/nvme0'
+
+NVME Identify Controller:
+vid       : 0x2646
+ssvid     : 0x2646
+mn        : KINGSTON SA2000M81000G
+fr        : S5Z42105
+[...]
+ps    0 : mp:9.00W operational enlat:0 exlat:0 rrt:0 rrl:0
+          rwt:0 rwl:0 idle_power:- active_power:-
+ps    1 : mp:4.60W operational enlat:0 exlat:0 rrt:1 rrl:1
+          rwt:1 rwl:1 idle_power:- active_power:-
+ps    2 : mp:3.80W operational enlat:0 exlat:0 rrt:2 rrl:2
+          rwt:2 rwl:2 idle_power:- active_power:-
+ps    3 : mp:0.0450W non-operational enlat:2000 exlat:2000 rrt:3 rrl:3
+          rwt:3 rwl:3 idle_power:- active_power:-
+ps    4 : mp:0.0040W non-operational enlat:15000 exlat:15000 rrt:4 rrl:4
+          rwt:4 rwl:4 idle_power:- active_power:-
+
+Cc: stable@vger.kernel.org # 4.14+
+Signed-off-by: Thorsten Leemhuis <linux@leemhuis.info>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/nvme/host/pci.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/nvme/host/pci.c
++++ b/drivers/nvme/host/pci.c
+@@ -2733,6 +2733,8 @@ static const struct pci_device_id nvme_i
+       { PCI_DEVICE(0x1d1d, 0x2601),   /* CNEX Granby */
+               .driver_data = NVME_QUIRK_LIGHTNVM, },
+       { PCI_DEVICE_CLASS(PCI_CLASS_STORAGE_EXPRESS, 0xffffff) },
++      { PCI_DEVICE(0x2646, 0x2263),   /* KINGSTON A2000 NVMe SSD  */
++              .driver_data = NVME_QUIRK_NO_DEEPEST_PS, },
+       { PCI_DEVICE(PCI_VENDOR_ID_APPLE, 0x2001) },
+       { PCI_DEVICE(PCI_VENDOR_ID_APPLE, 0x2003) },
+       { 0, }
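Review bot: The new `PCI_DEVICE(0x2646, 0x2263)` entry is added after the generic `PCI_DEVICE_CLASS(PCI_CLASS_STORAGE_EXPRESS, 0xffffff)` entry in this 4.19 table, and PCI ID tables are matched first-hit. If the A2000 reports the NVMe class code, which seems likely but is not shown here, the class entry matches first with a `driver_data` of 0 and `NVME_QUIRK_NO_DEEPEST_PS` is never applied. Moving the two added lines above the `PCI_DEVICE_CLASS` line, next to the CNEX Granby entry, would keep the quirk effective in this backport. The start of the table is outside the hunk.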
index fed9875e0633d18d31be6ca9cf860dbeaed9518a..1df75c08e61784683c04ae68da9ca8043ef5d266 100644 (file)
@@ -19,3 +19,6 @@ kretprobe-avoid-re-registration-of-the-same-kretprobe-earlier.patch
 genirq-msi-activate-multi-msi-early-when-msi_flag_activate_early-is-set.patch
 xhci-fix-bounce-buffer-usage-for-non-sg-list-case.patch
 cifs-report-error-instead-of-invalid-when-revalidating-a-dentry-fails.patch
+smb3-fix-out-of-bounds-bug-in-smb2_negotiate.patch
+mmc-core-limit-retries-when-analyse-of-sdio-tuples-fails.patch
+nvme-pci-avoid-the-deepest-sleep-state-on-kingston-a2000-ssds.patch
diff --git a/queue-4.19/smb3-fix-out-of-bounds-bug-in-smb2_negotiate.patch b/queue-4.19/smb3-fix-out-of-bounds-bug-in-smb2_negotiate.patch
new file mode 100644 (file)
index 0000000..999b8ac
--- /dev/null
@@ -0,0 +1,64 @@
+From 8d8d1dbefc423d42d626cf5b81aac214870ebaab Mon Sep 17 00:00:00 2001
+From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
+Date: Mon, 1 Feb 2021 20:36:54 -0600
+Subject: smb3: Fix out-of-bounds bug in SMB2_negotiate()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Gustavo A. R. Silva <gustavoars@kernel.org>
+
+commit 8d8d1dbefc423d42d626cf5b81aac214870ebaab upstream.
+
+While addressing some warnings generated by -Warray-bounds, I found this
+bug that was introduced back in 2017:
+
+  CC [M]  fs/cifs/smb2pdu.o
+fs/cifs/smb2pdu.c: In function ‘SMB2_negotiate’:
+fs/cifs/smb2pdu.c:822:16: warning: array subscript 1 is above array bounds
+of ‘__le16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds]
+  822 |   req->Dialects[1] = cpu_to_le16(SMB30_PROT_ID);
+      |   ~~~~~~~~~~~~~^~~
+fs/cifs/smb2pdu.c:823:16: warning: array subscript 2 is above array bounds
+of ‘__le16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds]
+  823 |   req->Dialects[2] = cpu_to_le16(SMB302_PROT_ID);
+      |   ~~~~~~~~~~~~~^~~
+fs/cifs/smb2pdu.c:824:16: warning: array subscript 3 is above array bounds
+of ‘__le16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds]
+  824 |   req->Dialects[3] = cpu_to_le16(SMB311_PROT_ID);
+      |   ~~~~~~~~~~~~~^~~
+fs/cifs/smb2pdu.c:816:16: warning: array subscript 1 is above array bounds
+of ‘__le16[1]’ {aka ‘short unsigned int[1]’} [-Warray-bounds]
+  816 |   req->Dialects[1] = cpu_to_le16(SMB302_PROT_ID);
+      |   ~~~~~~~~~~~~~^~~
+
+At the time, the size of array _Dialects_ was changed from 1 to 3 in struct
+validate_negotiate_info_req, and then in 2019 it was changed from 3 to 4,
+but those changes were never made in struct smb2_negotiate_req, which has
+led to a 3 and a half years old out-of-bounds bug in function
+SMB2_negotiate() (fs/cifs/smb2pdu.c).
+
+Fix this by increasing the size of array _Dialects_ in struct
+smb2_negotiate_req to 4.
+
+Fixes: 9764c02fcbad ("SMB3: Add support for multidialect negotiate (SMB2.1 and later)")
+Fixes: d5c7076b772a ("smb3: add smb3.1.1 to default dialect list")
+Cc: stable@vger.kernel.org
+Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/smb2pdu.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/cifs/smb2pdu.h
++++ b/fs/cifs/smb2pdu.h
+@@ -222,7 +222,7 @@ struct smb2_negotiate_req {
+       __le32 NegotiateContextOffset; /* SMB3.1.1 only. MBZ earlier */
+       __le16 NegotiateContextCount;  /* SMB3.1.1 only. MBZ earlier */
+       __le16 Reserved2;
+-      __le16 Dialects[1]; /* One dialect (vers=) at a time for now */
++      __le16 Dialects[4]; /* BB expand this if autonegotiate > 4 dialects */
+ } __packed;
+ /* Dialects */
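Review bot: `Dialects[4]` in `struct smb2_negotiate_req` is a bare count that has to track the number of dialects SMB2_negotiate() writes, and the commit message shows it already drifted from `struct validate_negotiate_info_req` twice. A single named constant shared by both structs, with a compile-time check at the write site, would keep a fifth dialect from reintroducing the out-of-bounds write. Because the struct is `__packed` and describes an on-the-wire request, the change also grows `sizeof(struct smb2_negotiate_req)` by 6 bytes; any request length derived from that sizeof (not visible here) should be checked. The struct's opening fields are outside the hunk.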