From: Sasha Levin Date: Fri, 27 Sep 2019 15:31:05 +0000 (-0400) Subject: fixes for 4.9 X-Git-Tag: v5.3.2~16 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2a08cf830a21fd89c927aeddea9c0eefa2dd0cf8;p=thirdparty%2Fkernel%2Fstable-queue.git fixes for 4.9 Signed-off-by: Sasha Levin --- diff --git a/queue-4.9/locking-lockdep-add-debug_locks-check-in-__lock_down.patch b/queue-4.9/locking-lockdep-add-debug_locks-check-in-__lock_down.patch new file mode 100644 index 00000000000..9e5da34688d --- /dev/null +++ b/queue-4.9/locking-lockdep-add-debug_locks-check-in-__lock_down.patch @@ -0,0 +1,51 @@ +From fb61cf1b91c119f3c056bc1d9d1d7fc535c923f2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 9 Jan 2019 23:03:25 -0500 +Subject: locking/lockdep: Add debug_locks check in __lock_downgrade() + +From: Waiman Long + +[ Upstream commit 513e1073d52e55b8024b4f238a48de7587c64ccf ] + +Tetsuo Handa had reported he saw an incorrect "downgrading a read lock" +warning right after a previous lockdep warning. It is likely that the +previous warning turned off lock debugging causing the lockdep to have +inconsistency states leading to the lock downgrade warning. + +Fix that by add a check for debug_locks at the beginning of +__lock_downgrade(). + +Reported-by: Tetsuo Handa +Reported-by: syzbot+53383ae265fb161ef488@syzkaller.appspotmail.com +Signed-off-by: Waiman Long +Signed-off-by: Peter Zijlstra (Intel) +Cc: Andrew Morton +Cc: Linus Torvalds +Cc: Paul E. McKenney +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: Will Deacon +Link: https://lkml.kernel.org/r/1547093005-26085-1-git-send-email-longman@redhat.com +Signed-off-by: Ingo Molnar +Signed-off-by: Sasha Levin +--- + kernel/locking/lockdep.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c +index 4b27aaffdf352..d7f425698a4a1 100644 +--- a/kernel/locking/lockdep.c ++++ b/kernel/locking/lockdep.c +@@ -3446,6 +3446,9 @@ __lock_set_class(struct lockdep_map *lock, const char *name, + unsigned int depth; + int i; + ++ if (unlikely(!debug_locks)) ++ return 0; ++ + depth = curr->lockdep_depth; + /* + * This function is about (re)setting the class of a held lock, +-- +2.20.1 + diff --git a/queue-4.9/mac80211-handle-deauthentication-disassociation-from.patch b/queue-4.9/mac80211-handle-deauthentication-disassociation-from.patch new file mode 100644 index 00000000000..340a4d3e708 --- /dev/null +++ b/queue-4.9/mac80211-handle-deauthentication-disassociation-from.patch @@ -0,0 +1,125 @@ +From 39aaa58ec260b2abdd5d3204f8b8fc6235e92cda Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 10 May 2019 17:04:52 +0800 +Subject: mac80211: handle deauthentication/disassociation from TDLS peer + +From: Yu Wang + +[ Upstream commit 79c92ca42b5a3e0ea172ea2ce8df8e125af237da ] + +When receiving a deauthentication/disassociation frame from a TDLS +peer, a station should not disconnect the current AP, but only +disable the current TDLS link if it's enabled. + +Without this change, a TDLS issue can be reproduced by following the +steps as below: + +1. STA-1 and STA-2 are connected to AP, bidirection traffic is running + between STA-1 and STA-2. +2. Set up TDLS link between STA-1 and STA-2, stay for a while, then + teardown TDLS link. +3. Repeat step #2 and monitor the connection between STA and AP. + +During the test, one STA may send a deauthentication/disassociation +frame to another, after TDLS teardown, with reason code 6/7, which +means: Class 2/3 frame received from nonassociated STA. + +On receive this frame, the receiver STA will disconnect the current +AP and then reconnect. It's not a expected behavior, purpose of this +frame should be disabling the TDLS link, not the link with AP. + +Cc: stable@vger.kernel.org +Signed-off-by: Yu Wang +Signed-off-by: Johannes Berg +Signed-off-by: Sasha Levin +--- + net/mac80211/ieee80211_i.h | 3 +++ + net/mac80211/mlme.c | 12 +++++++++++- + net/mac80211/tdls.c | 23 +++++++++++++++++++++++ + 3 files changed, 37 insertions(+), 1 deletion(-) + +diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h +index 6708de10a3e5e..0b0de3030e0dc 100644 +--- a/net/mac80211/ieee80211_i.h ++++ b/net/mac80211/ieee80211_i.h +@@ -2123,6 +2123,9 @@ void ieee80211_tdls_cancel_channel_switch(struct wiphy *wiphy, + const u8 *addr); + void ieee80211_teardown_tdls_peers(struct ieee80211_sub_if_data *sdata); + void ieee80211_tdls_chsw_work(struct work_struct *wk); ++void ieee80211_tdls_handle_disconnect(struct ieee80211_sub_if_data *sdata, ++ const u8 *peer, u16 reason); ++const char *ieee80211_get_reason_code_string(u16 reason_code); + + extern const struct ethtool_ops ieee80211_ethtool_ops; + +diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c +index 090e2aa8630e8..c75594a12c38e 100644 +--- a/net/mac80211/mlme.c ++++ b/net/mac80211/mlme.c +@@ -2755,7 +2755,7 @@ static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata, + #define case_WLAN(type) \ + case WLAN_REASON_##type: return #type + +-static const char *ieee80211_get_reason_code_string(u16 reason_code) ++const char *ieee80211_get_reason_code_string(u16 reason_code) + { + switch (reason_code) { + case_WLAN(UNSPECIFIED); +@@ -2820,6 +2820,11 @@ static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata, + if (len < 24 + 2) + return; + ++ if (!ether_addr_equal(mgmt->bssid, mgmt->sa)) { ++ ieee80211_tdls_handle_disconnect(sdata, mgmt->sa, reason_code); ++ return; ++ } ++ + if (ifmgd->associated && + ether_addr_equal(mgmt->bssid, ifmgd->associated->bssid)) { + const u8 *bssid = ifmgd->associated->bssid; +@@ -2869,6 +2874,11 @@ static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, + + reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); + ++ if (!ether_addr_equal(mgmt->bssid, mgmt->sa)) { ++ ieee80211_tdls_handle_disconnect(sdata, mgmt->sa, reason_code); ++ return; ++ } ++ + sdata_info(sdata, "disassociated from %pM (Reason: %u=%s)\n", + mgmt->sa, reason_code, + ieee80211_get_reason_code_string(reason_code)); +diff --git a/net/mac80211/tdls.c b/net/mac80211/tdls.c +index c64ae68ae4f84..863f92c087014 100644 +--- a/net/mac80211/tdls.c ++++ b/net/mac80211/tdls.c +@@ -2001,3 +2001,26 @@ void ieee80211_tdls_chsw_work(struct work_struct *wk) + } + rtnl_unlock(); + } ++ ++void ieee80211_tdls_handle_disconnect(struct ieee80211_sub_if_data *sdata, ++ const u8 *peer, u16 reason) ++{ ++ struct ieee80211_sta *sta; ++ ++ rcu_read_lock(); ++ sta = ieee80211_find_sta(&sdata->vif, peer); ++ if (!sta || !sta->tdls) { ++ rcu_read_unlock(); ++ return; ++ } ++ rcu_read_unlock(); ++ ++ tdls_dbg(sdata, "disconnected from TDLS peer %pM (Reason: %u=%s)\n", ++ peer, reason, ++ ieee80211_get_reason_code_string(reason)); ++ ++ ieee80211_tdls_oper_request(&sdata->vif, peer, ++ NL80211_TDLS_TEARDOWN, ++ WLAN_REASON_TDLS_TEARDOWN_UNREACHABLE, ++ GFP_ATOMIC); ++} +-- +2.20.1 + diff --git a/queue-4.9/mac80211-print-text-for-disassociation-reason.patch b/queue-4.9/mac80211-print-text-for-disassociation-reason.patch new file mode 100644 index 00000000000..fffad9eece2 --- /dev/null +++ b/queue-4.9/mac80211-print-text-for-disassociation-reason.patch @@ -0,0 +1,41 @@ +From 9f11e279d406bc318c4d6a02f2f21262fb7d76a8 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 15 Feb 2017 14:21:27 +0100 +Subject: mac80211: Print text for disassociation reason +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Arkadiusz Miskiewicz + +[ Upstream commit 68506e9af132a6b5735c1dd4b11240da0cf5eeae ] + +When disassociation happens only numeric reason is printed +in ieee80211_rx_mgmt_disassoc(). Add text variant, too. + +Signed-off-by: Arkadiusz Miśkiewicz +Signed-off-by: Johannes Berg +Signed-off-by: Sasha Levin +--- + net/mac80211/mlme.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c +index f462f026fc6aa..090e2aa8630e8 100644 +--- a/net/mac80211/mlme.c ++++ b/net/mac80211/mlme.c +@@ -2869,8 +2869,9 @@ static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata, + + reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); + +- sdata_info(sdata, "disassociated from %pM (Reason: %u)\n", +- mgmt->sa, reason_code); ++ sdata_info(sdata, "disassociated from %pM (Reason: %u=%s)\n", ++ mgmt->sa, reason_code, ++ ieee80211_get_reason_code_string(reason_code)); + + ieee80211_set_disassoc(sdata, 0, 0, false, NULL); + +-- +2.20.1 + diff --git a/queue-4.9/power-supply-sysfs-ratelimit-property-read-error-mes.patch b/queue-4.9/power-supply-sysfs-ratelimit-property-read-error-mes.patch new file mode 100644 index 00000000000..75ae4fac131 --- /dev/null +++ b/queue-4.9/power-supply-sysfs-ratelimit-property-read-error-mes.patch @@ -0,0 +1,38 @@ +From 9002995f03b7c1d53eef9e2ded4230171bd79472 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 12 Sep 2018 19:48:30 -0500 +Subject: power: supply: sysfs: ratelimit property read error message + +From: David Lechner + +[ Upstream commit 87a2b65fc855e6be50f791c2ebbb492541896827 ] + +This adds rate limiting to the message that is printed when reading a +power supply property via sysfs returns an error. This will prevent +userspace applications from unintentionally dDOSing the system by +continuously reading a property that returns an error. + +Signed-off-by: David Lechner +Signed-off-by: Sebastian Reichel +Signed-off-by: Sasha Levin +--- + drivers/power/supply/power_supply_sysfs.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/power/supply/power_supply_sysfs.c b/drivers/power/supply/power_supply_sysfs.c +index c0fc98e03c912..85cb5b9c1b6f0 100644 +--- a/drivers/power/supply/power_supply_sysfs.c ++++ b/drivers/power/supply/power_supply_sysfs.c +@@ -84,7 +84,8 @@ static ssize_t power_supply_show_property(struct device *dev, + dev_dbg(dev, "driver has no data for `%s' property\n", + attr->attr.name); + else if (ret != -ENODEV && ret != -EAGAIN) +- dev_err(dev, "driver failed to report `%s' property: %zd\n", ++ dev_err_ratelimited(dev, ++ "driver failed to report `%s' property: %zd\n", + attr->attr.name, ret); + return ret; + } +-- +2.20.1 + diff --git a/queue-4.9/series b/queue-4.9/series index fb48fd34e5e..69a0f7d28fb 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -9,3 +9,7 @@ media-tvp5150-fix-switch-exit-in-set-control-handler.patch asoc-fsl-fix-of-node-refcount-unbalance-in-fsl_ssi_probe_from_dt.patch alsa-hda-add-laptop-imic-fixup-for-asus-m9v-laptop.patch objtool-clobber-user-cflags-variable.patch +mac80211-print-text-for-disassociation-reason.patch +mac80211-handle-deauthentication-disassociation-from.patch +power-supply-sysfs-ratelimit-property-read-error-mes.patch +locking-lockdep-add-debug_locks-check-in-__lock_down.patch