From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 5 Feb 2018 18:00:41 +0000 (-0800)
Subject: 4.14-stable patches
X-Git-Tag: v3.18.94~12
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9e3aedb4c07220e15a652db87b4a1d11f6e407ef;p=thirdparty%2Fkernel%2Fstable-queue.git

4.14-stable patches

added patches:
	fpga-region-release-of_parse_phandle-nodes-after-use.patch
	serial-core-mark-port-as-initialized-after-successful-irq-change.patch
---

diff --git a/queue-4.14/fpga-region-release-of_parse_phandle-nodes-after-use.patch b/queue-4.14/fpga-region-release-of_parse_phandle-nodes-after-use.patch
new file mode 100644
index 00000000000..e0b31dba304
--- /dev/null
+++ b/queue-4.14/fpga-region-release-of_parse_phandle-nodes-after-use.patch
@@ -0,0 +1,67 @@
+From 0f5eb1545907edeea7672a9c1652c4231150ff22 Mon Sep 17 00:00:00 2001
+From: Ian Abbott <abbotti@mev.co.uk>
+Date: Wed, 15 Nov 2017 16:33:12 -0600
+Subject: fpga: region: release of_parse_phandle nodes after use
+
+From: Ian Abbott <abbotti@mev.co.uk>
+
+commit 0f5eb1545907edeea7672a9c1652c4231150ff22 upstream.
+
+Both fpga_region_get_manager() and fpga_region_get_bridges() call
+of_parse_phandle(), but nothing calls of_node_put() on the returned
+struct device_node pointers.  Make sure to do that to stop their
+reference counters getting out of whack.
+
+Fixes: 0fa20cdfcc1f ("fpga: fpga-region: device tree control for FPGA")
+Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
+Signed-off-by: Alan Tull <atull@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ drivers/fpga/fpga-region.c |   13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+--- a/drivers/fpga/fpga-region.c
++++ b/drivers/fpga/fpga-region.c
+@@ -147,6 +147,7 @@ static struct fpga_manager *fpga_region_
+ 			mgr_node = of_parse_phandle(np, "fpga-mgr", 0);
+ 			if (mgr_node) {
+ 				mgr = of_fpga_mgr_get(mgr_node);
++				of_node_put(mgr_node);
+ 				of_node_put(np);
+ 				return mgr;
+ 			}
+@@ -192,10 +193,13 @@ static int fpga_region_get_bridges(struc
+ 		parent_br = region_np->parent;
+ 
+ 	/* If overlay has a list of bridges, use it. */
+-	if (of_parse_phandle(overlay, "fpga-bridges", 0))
++	br = of_parse_phandle(overlay, "fpga-bridges", 0);
++	if (br) {
++		of_node_put(br);
+ 		np = overlay;
+-	else
++	} else {
+ 		np = region_np;
++	}
+ 
+ 	for (i = 0; ; i++) {
+ 		br = of_parse_phandle(np, "fpga-bridges", i);
+@@ -203,12 +207,15 @@ static int fpga_region_get_bridges(struc
+ 			break;
+ 
+ 		/* If parent bridge is in list, skip it. */
+-		if (br == parent_br)
++		if (br == parent_br) {
++			of_node_put(br);
+ 			continue;
++		}
+ 
+ 		/* If node is a bridge, get it and add to list */
+ 		ret = fpga_bridge_get_to_list(br, region->info,
+ 					      &region->bridge_list);
++		of_node_put(br);
+ 
+ 		/* If any of the bridges are in use, give up */
+ 		if (ret == -EBUSY) {
diff --git a/queue-4.14/serial-core-mark-port-as-initialized-after-successful-irq-change.patch b/queue-4.14/serial-core-mark-port-as-initialized-after-successful-irq-change.patch
new file mode 100644
index 00000000000..00e4a656fb2
--- /dev/null
+++ b/queue-4.14/serial-core-mark-port-as-initialized-after-successful-irq-change.patch
@@ -0,0 +1,43 @@
+From 44117a1d1732c513875d5a163f10d9adbe866c08 Mon Sep 17 00:00:00 2001
+From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Date: Thu, 11 Jan 2018 18:57:26 +0100
+Subject: serial: core: mark port as initialized after successful IRQ change
+
+From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+
+commit 44117a1d1732c513875d5a163f10d9adbe866c08 upstream.
+
+setserial changes the IRQ via uart_set_info(). It invokes
+uart_shutdown() which free the current used IRQ and clear
+TTY_PORT_INITIALIZED. It will then update the IRQ number and invoke
+uart_startup() before returning to the caller leaving
+TTY_PORT_INITIALIZED cleared.
+
+The next open will crash with
+|  list_add double add: new=ffffffff839fcc98, prev=ffffffff839fcc98, next=ffffffff839fcc98.
+since the close from the IOCTL won't free the IRQ (and clean the list)
+due to the TTY_PORT_INITIALIZED check in uart_shutdown().
+
+There is same pattern in uart_do_autoconfig() and I *think* it also
+needs to set TTY_PORT_INITIALIZED there.
+Is there a reason why uart_startup() does not set the flag by itself
+after the IRQ has been acquired (since it is cleared in uart_shutdown)?
+
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/tty/serial/serial_core.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/tty/serial/serial_core.c
++++ b/drivers/tty/serial/serial_core.c
+@@ -987,6 +987,8 @@ static int uart_set_info(struct tty_stru
+ 		}
+ 	} else {
+ 		retval = uart_startup(tty, state, 1);
++		if (retval == 0)
++			tty_port_set_initialized(port, true);
+ 		if (retval > 0)
+ 			retval = 0;
+ 	}
diff --git a/queue-4.14/series b/queue-4.14/series
index e6e6c4be78d..9fcecb5fef6 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -60,3 +60,5 @@ KVMx86_Add_IBPB_support.patch
 KVMVMX_Emulate_MSR_IA32_ARCH_CAPABILITIES.patch
 KVMVMX_Allow_direct_access_to_MSR_IA32_SPEC_CTRL.patch
 KVMSVM_Allow_direct_access_to_MSR_IA32_SPEC_CTRL.patch
+serial-core-mark-port-as-initialized-after-successful-irq-change.patch
+fpga-region-release-of_parse_phandle-nodes-after-use.patch