From: Greg Kroah-Hartman Date: Mon, 21 Nov 2016 11:40:39 +0000 (+0100) Subject: 4.8-stable patches X-Git-Tag: v4.4.35~7 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=afad7e0e67ef545a4d92507a236f0666c33d3ad4;p=thirdparty%2Fkernel%2Fstable-queue.git 4.8-stable patches added patches: alsa-hda-add-a-new-condition-to-check-if-it-is-thinkpad.patch alsa-hda-fix-mic-regression-by-asrock-mobo-fixup.patch alsa-usb-audio-fix-use-after-free-of-usb_device-at-disconnect.patch arm-dts-imx53-qsb-fix-regulator-constraints.patch can-bcm-fix-warning-in-bcm_connect-proc_register.patch disable-the-__builtin_return_address-warning-globally-after-all.patch ext4-sanity-check-the-block-and-cluster-size-at-mount-time.patch ftrace-add-more-checks-for-ftrace_fl_disabled-in-processing-ip-records.patch ftrace-ignore-ftrace_fl_disabled-while-walking-dyn_ftrace-records.patch fuse-fix-fuse_write_end-if-zero-bytes-were-copied.patch genirq-use-irq-type-from-irqdata-instead-of-irqdesc.patch gpio-do-not-double-check-direction-on-sleeping-chips.patch i2c-i2c-mux-pca954x-fix-deselect-enabling-for-device-tree.patch i2c-mux-fix-up-dependencies.patch ib-hfi1-fix-rnr_timer-addition.patch ib-rdmavt-rdmavt-can-handle-non-aligned-page-maps.patch kbuild-add-fno-pie.patch kbuild-steal-gcc-s-pie-from-the-very-beginning.patch mfd-intel-lpss-do-not-put-device-in-reset-state-on-suspend.patch mfd-stmpe-fix-reset-regression-on-stmpe2401.patch scripts-has-stack-protector-add-fno-pie.patch x86-kexec-add-fno-pie.patch --- diff --git a/queue-4.8/alsa-hda-add-a-new-condition-to-check-if-it-is-thinkpad.patch b/queue-4.8/alsa-hda-add-a-new-condition-to-check-if-it-is-thinkpad.patch new file mode 100644 index 00000000000..7d8646eccae --- /dev/null +++ b/queue-4.8/alsa-hda-add-a-new-condition-to-check-if-it-is-thinkpad.patch @@ -0,0 +1,36 @@ +From 2ecb704a1290edb5e3d53a75529192e7ed2a1a28 Mon Sep 17 00:00:00 2001 +From: Hui Wang +Date: Thu, 10 Nov 2016 13:20:05 +0800 +Subject: ALSA: hda - add a new condition to check if it is thinkpad + +From: Hui Wang + +commit 2ecb704a1290edb5e3d53a75529192e7ed2a1a28 upstream. + +Latest Thinkpad laptops use the HKEY_HID LEN0268 instead of the +LEN0068, as a result neither audio mute led nor mic mute led can work +any more. + +After adding the new HKEY_HID into the is_thinkpad(), both of them +works well as before. + +Signed-off-by: Hui Wang +Signed-off-by: Takashi Iwai +Signed-off-by: Greg Kroah-Hartman + +--- + sound/pci/hda/thinkpad_helper.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/sound/pci/hda/thinkpad_helper.c ++++ b/sound/pci/hda/thinkpad_helper.c +@@ -13,7 +13,8 @@ static void (*old_vmaster_hook)(void *, + static bool is_thinkpad(struct hda_codec *codec) + { + return (codec->core.subsystem_id >> 16 == 0x17aa) && +- (acpi_dev_found("LEN0068") || acpi_dev_found("IBM0068")); ++ (acpi_dev_found("LEN0068") || acpi_dev_found("LEN0268") || ++ acpi_dev_found("IBM0068")); + } + + static void update_tpacpi_mute_led(void *private_data, int enabled) diff --git a/queue-4.8/alsa-hda-fix-mic-regression-by-asrock-mobo-fixup.patch b/queue-4.8/alsa-hda-fix-mic-regression-by-asrock-mobo-fixup.patch new file mode 100644 index 00000000000..f18e0c296b2 --- /dev/null +++ b/queue-4.8/alsa-hda-fix-mic-regression-by-asrock-mobo-fixup.patch @@ -0,0 +1,44 @@ +From 9a2541910dc7eaaa6859eea8a0ffda673059a623 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Fri, 11 Nov 2016 12:33:20 +0100 +Subject: ALSA: hda - Fix mic regression by ASRock mobo fixup + +From: Takashi Iwai + +commit 9a2541910dc7eaaa6859eea8a0ffda673059a623 upstream. + +The commit [1a3f099101b8: ALSA: hda - Fix surround output pins for +ASRock B150M mobo] introduced a fixup of pin configs for ASRock +mobos to fix the surround outputs. However, this overrides the pin +configs of the mic pins as if they are outputs-only, effectively +disabling the mic inputs. Of course, it's a regression wrt mic +functionality. + +Actually the pins 0x18 and 0x1a don't need to be changed; we just need +to disable the bogus pins 0x14 and 0x15. Then the auto-parser will +pick up mic pins as switchable and assign the surround outputs there. + +This patch removes the incorrect pin overrides of NID 0x18 and 0x1a +from the ASRock fixup. + +Fixes: 1a3f099101b8 ('ALSA: hda - Fix surround output pins for ASRock...') +Reported-and-tested-by: Vitor Antunes +Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=187431 +Signed-off-by: Takashi Iwai +Signed-off-by: Greg Kroah-Hartman + +--- + sound/pci/hda/patch_realtek.c | 2 -- + 1 file changed, 2 deletions(-) + +--- a/sound/pci/hda/patch_realtek.c ++++ b/sound/pci/hda/patch_realtek.c +@@ -6905,8 +6905,6 @@ static const struct hda_fixup alc662_fix + .v.pins = (const struct hda_pintbl[]) { + { 0x15, 0x40f000f0 }, /* disabled */ + { 0x16, 0x40f000f0 }, /* disabled */ +- { 0x18, 0x01014011 }, /* LO */ +- { 0x1a, 0x01014012 }, /* LO */ + { } + } + }, diff --git a/queue-4.8/alsa-usb-audio-fix-use-after-free-of-usb_device-at-disconnect.patch b/queue-4.8/alsa-usb-audio-fix-use-after-free-of-usb_device-at-disconnect.patch new file mode 100644 index 00000000000..4ec14f2af56 --- /dev/null +++ b/queue-4.8/alsa-usb-audio-fix-use-after-free-of-usb_device-at-disconnect.patch @@ -0,0 +1,78 @@ +From 6ff1a25318ebf688ef9593fe09cd449f6fb4ad31 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Mon, 14 Nov 2016 21:46:47 +0100 +Subject: ALSA: usb-audio: Fix use-after-free of usb_device at disconnect + +From: Takashi Iwai + +commit 6ff1a25318ebf688ef9593fe09cd449f6fb4ad31 upstream. + +The usb-audio driver implements the deferred device disconnection for +the device in use. In this mode, the disconnection callback returns +immediately while the actual ALSA card object removal happens later +when all files get closed. As Shuah reported, this code flow, +however, leads to a use-after-free, detected by KASAN: + + BUG: KASAN: use-after-free in snd_usb_audio_free+0x134/0x160 [snd_usb_audio] at addr ffff8801c863ce10 + Write of size 8 by task pulseaudio/2244 + Call Trace: + [] dump_stack+0x67/0x94 + [] kasan_object_err+0x21/0x70 + [] kasan_report_error+0x1fa/0x4e0 + [] ? kasan_slab_free+0x87/0xb0 + [] __asan_report_store8_noabort+0x43/0x50 + [] ? snd_usb_audio_free+0x134/0x160 [snd_usb_audio] + [] snd_usb_audio_free+0x134/0x160 [snd_usb_audio] + [] snd_usb_audio_dev_free+0x31/0x40 [snd_usb_audio] + [] __snd_device_free+0x12a/0x210 + [] snd_device_free_all+0x85/0xd0 + [] release_card_device+0x34/0x130 + [] device_release+0x76/0x1e0 + [] kobject_release+0x107/0x370 + ..... + Object at ffff8801c863cc80, in cache kmalloc-2048 size: 2048 + Allocated: + [] save_stack_trace+0x2b/0x50 + [] save_stack+0x46/0xd0 + [] kasan_kmalloc+0xad/0xe0 + [] kmem_cache_alloc_trace+0xfa/0x240 + [] usb_alloc_dev+0x57/0xc90 + [] hub_event+0xf1d/0x35f0 + .... + Freed: + [] save_stack_trace+0x2b/0x50 + [] save_stack+0x46/0xd0 + [] kasan_slab_free+0x71/0xb0 + [] kfree+0xd9/0x280 + [] usb_release_dev+0xde/0x110 + [] device_release+0x76/0x1e0 + .... + +It's the code trying to clear drvdata of the assigned usb_device where +the usb_device itself was already released in usb_release_dev() after +the disconnect callback. + +This patch fixes it by checking whether the code path is via the +disconnect callback, i.e. chip->shutdown flag is set. + +Fixes: 79289e24194a ('ALSA: usb-audio: Refer to chip->usb_id for quirks...') +Reported-and-tested-by: Shuah Khan +Signed-off-by: Takashi Iwai +Signed-off-by: Greg Kroah-Hartman + +--- + sound/usb/card.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/sound/usb/card.c ++++ b/sound/usb/card.c +@@ -315,7 +315,8 @@ static int snd_usb_audio_free(struct snd + snd_usb_endpoint_free(ep); + + mutex_destroy(&chip->mutex); +- dev_set_drvdata(&chip->dev->dev, NULL); ++ if (!atomic_read(&chip->shutdown)) ++ dev_set_drvdata(&chip->dev->dev, NULL); + kfree(chip); + return 0; + } diff --git a/queue-4.8/arm-dts-imx53-qsb-fix-regulator-constraints.patch b/queue-4.8/arm-dts-imx53-qsb-fix-regulator-constraints.patch new file mode 100644 index 00000000000..c6975425f04 --- /dev/null +++ b/queue-4.8/arm-dts-imx53-qsb-fix-regulator-constraints.patch @@ -0,0 +1,71 @@ +From e3c9d9d6ebfeeeee29c6240e1b5978d40d31d21f Mon Sep 17 00:00:00 2001 +From: Fabio Estevam +Date: Thu, 27 Oct 2016 13:06:44 -0200 +Subject: ARM: dts: imx53-qsb: Fix regulator constraints + +From: Fabio Estevam + +commit e3c9d9d6ebfeeeee29c6240e1b5978d40d31d21f upstream. + +Since commit fa93fd4ecc9c ("regulator: core: Ensure we are at least in +bounds for our constraints") the imx53-qsb board populated with a Dialog +DA9053 PMIC fails to boot: + +LDO3: Bringing 3300000uV into 1800000-1800000uV + +The LDO3 voltage constraints passed in the device tree do not match +the valid range according to the datasheet, so fix this accordingly to +allow the board booting again. + +While at it, fix the other voltage constraints as well. + +Signed-off-by: Fabio Estevam +Signed-off-by: Shawn Guo +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/boot/dts/imx53-qsb.dts | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +--- a/arch/arm/boot/dts/imx53-qsb.dts ++++ b/arch/arm/boot/dts/imx53-qsb.dts +@@ -64,8 +64,8 @@ + }; + + ldo3_reg: ldo3 { +- regulator-min-microvolt = <600000>; +- regulator-max-microvolt = <1800000>; ++ regulator-min-microvolt = <1725000>; ++ regulator-max-microvolt = <3300000>; + regulator-always-on; + }; + +@@ -76,8 +76,8 @@ + }; + + ldo5_reg: ldo5 { +- regulator-min-microvolt = <1725000>; +- regulator-max-microvolt = <3300000>; ++ regulator-min-microvolt = <1200000>; ++ regulator-max-microvolt = <3600000>; + regulator-always-on; + }; + +@@ -100,14 +100,14 @@ + }; + + ldo9_reg: ldo9 { +- regulator-min-microvolt = <1200000>; ++ regulator-min-microvolt = <1250000>; + regulator-max-microvolt = <3600000>; + regulator-always-on; + }; + + ldo10_reg: ldo10 { +- regulator-min-microvolt = <1250000>; +- regulator-max-microvolt = <3650000>; ++ regulator-min-microvolt = <1200000>; ++ regulator-max-microvolt = <3600000>; + regulator-always-on; + }; + }; diff --git a/queue-4.8/can-bcm-fix-warning-in-bcm_connect-proc_register.patch b/queue-4.8/can-bcm-fix-warning-in-bcm_connect-proc_register.patch new file mode 100644 index 00000000000..c4218a77bc9 --- /dev/null +++ b/queue-4.8/can-bcm-fix-warning-in-bcm_connect-proc_register.patch @@ -0,0 +1,95 @@ +From deb507f91f1adbf64317ad24ac46c56eeccfb754 Mon Sep 17 00:00:00 2001 +From: Oliver Hartkopp +Date: Mon, 24 Oct 2016 21:11:26 +0200 +Subject: can: bcm: fix warning in bcm_connect/proc_register + +From: Oliver Hartkopp + +commit deb507f91f1adbf64317ad24ac46c56eeccfb754 upstream. + +Andrey Konovalov reported an issue with proc_register in bcm.c. +As suggested by Cong Wang this patch adds a lock_sock() protection and +a check for unsuccessful proc_create_data() in bcm_connect(). + +Reference: http://marc.info/?l=linux-netdev&m=147732648731237 + +Reported-by: Andrey Konovalov +Suggested-by: Cong Wang +Signed-off-by: Oliver Hartkopp +Acked-by: Cong Wang +Tested-by: Andrey Konovalov +Signed-off-by: Marc Kleine-Budde +Signed-off-by: Greg Kroah-Hartman + +--- + net/can/bcm.c | 32 +++++++++++++++++++++++--------- + 1 file changed, 23 insertions(+), 9 deletions(-) + +--- a/net/can/bcm.c ++++ b/net/can/bcm.c +@@ -1549,24 +1549,31 @@ static int bcm_connect(struct socket *so + struct sockaddr_can *addr = (struct sockaddr_can *)uaddr; + struct sock *sk = sock->sk; + struct bcm_sock *bo = bcm_sk(sk); ++ int ret = 0; + + if (len < sizeof(*addr)) + return -EINVAL; + +- if (bo->bound) +- return -EISCONN; ++ lock_sock(sk); ++ ++ if (bo->bound) { ++ ret = -EISCONN; ++ goto fail; ++ } + + /* bind a device to this socket */ + if (addr->can_ifindex) { + struct net_device *dev; + + dev = dev_get_by_index(&init_net, addr->can_ifindex); +- if (!dev) +- return -ENODEV; +- ++ if (!dev) { ++ ret = -ENODEV; ++ goto fail; ++ } + if (dev->type != ARPHRD_CAN) { + dev_put(dev); +- return -ENODEV; ++ ret = -ENODEV; ++ goto fail; + } + + bo->ifindex = dev->ifindex; +@@ -1577,17 +1584,24 @@ static int bcm_connect(struct socket *so + bo->ifindex = 0; + } + +- bo->bound = 1; +- + if (proc_dir) { + /* unique socket address as filename */ + sprintf(bo->procname, "%lu", sock_i_ino(sk)); + bo->bcm_proc_read = proc_create_data(bo->procname, 0644, + proc_dir, + &bcm_proc_fops, sk); ++ if (!bo->bcm_proc_read) { ++ ret = -ENOMEM; ++ goto fail; ++ } + } + +- return 0; ++ bo->bound = 1; ++ ++fail: ++ release_sock(sk); ++ ++ return ret; + } + + static int bcm_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, diff --git a/queue-4.8/disable-the-__builtin_return_address-warning-globally-after-all.patch b/queue-4.8/disable-the-__builtin_return_address-warning-globally-after-all.patch new file mode 100644 index 00000000000..7d1c673f8b7 --- /dev/null +++ b/queue-4.8/disable-the-__builtin_return_address-warning-globally-after-all.patch @@ -0,0 +1,71 @@ +From ef6000b4c6706cbb1787836442b5a74542b1809f Mon Sep 17 00:00:00 2001 +From: Linus Torvalds +Date: Wed, 12 Oct 2016 10:23:41 -0700 +Subject: Disable the __builtin_return_address() warning globally after all + +From: Linus Torvalds + +commit ef6000b4c6706cbb1787836442b5a74542b1809f upstream. + +This affectively reverts commit 377ccbb48373 ("Makefile: Mute warning +for __builtin_return_address(>0) for tracing only") because it turns out +that it really isn't tracing only - it's all over the tree. + +We already also had the warning disabled separately for mm/usercopy.c +(which this commit also removes), and it turns out that we will also +want to disable it for get_lock_parent_ip(), that is used for at least +TRACE_IRQFLAGS. Which (when enabled) ends up being all over the tree. + +Steven Rostedt had a patch that tried to limit it to just the config +options that actually triggered this, but quite frankly, the extra +complexity and abstraction just isn't worth it. We have never actually +had a case where the warning is actually useful, so let's just disable +it globally and not worry about it. + +Acked-by: Steven Rostedt +Cc: Thomas Gleixner +Cc: Andrew Morton +Cc: Ingo Molnar +Cc: Peter Anvin +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + Makefile | 1 + + kernel/trace/Makefile | 4 ---- + mm/Makefile | 3 --- + 3 files changed, 1 insertion(+), 7 deletions(-) + +--- a/Makefile ++++ b/Makefile +@@ -621,6 +621,7 @@ include arch/$(SRCARCH)/Makefile + + KBUILD_CFLAGS += $(call cc-option,-fno-delete-null-pointer-checks,) + KBUILD_CFLAGS += $(call cc-disable-warning,maybe-uninitialized,) ++KBUILD_CFLAGS += $(call cc-disable-warning,frame-address,) + + ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE + KBUILD_CFLAGS += -Os +--- a/kernel/trace/Makefile ++++ b/kernel/trace/Makefile +@@ -1,8 +1,4 @@ + +-# We are fully aware of the dangers of __builtin_return_address() +-FRAME_CFLAGS := $(call cc-disable-warning,frame-address) +-KBUILD_CFLAGS += $(FRAME_CFLAGS) +- + # Do not instrument the tracer itself: + + ifdef CONFIG_FUNCTION_TRACER +--- a/mm/Makefile ++++ b/mm/Makefile +@@ -21,9 +21,6 @@ KCOV_INSTRUMENT_memcontrol.o := n + KCOV_INSTRUMENT_mmzone.o := n + KCOV_INSTRUMENT_vmstat.o := n + +-# Since __builtin_frame_address does work as used, disable the warning. +-CFLAGS_usercopy.o += $(call cc-disable-warning, frame-address) +- + mmu-y := nommu.o + mmu-$(CONFIG_MMU) := gup.o highmem.o memory.o mincore.o \ + mlock.o mmap.o mprotect.o mremap.o msync.o rmap.o \ diff --git a/queue-4.8/ext4-sanity-check-the-block-and-cluster-size-at-mount-time.patch b/queue-4.8/ext4-sanity-check-the-block-and-cluster-size-at-mount-time.patch new file mode 100644 index 00000000000..2d84140ea3e --- /dev/null +++ b/queue-4.8/ext4-sanity-check-the-block-and-cluster-size-at-mount-time.patch @@ -0,0 +1,68 @@ +From 8cdf3372fe8368f56315e66bea9f35053c418093 Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Fri, 18 Nov 2016 13:00:24 -0500 +Subject: ext4: sanity check the block and cluster size at mount time + +From: Theodore Ts'o + +commit 8cdf3372fe8368f56315e66bea9f35053c418093 upstream. + +If the block size or cluster size is insane, reject the mount. This +is important for security reasons (although we shouldn't be just +depending on this check). + +Ref: http://www.securityfocus.com/archive/1/539661 +Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1332506 +Reported-by: Borislav Petkov +Reported-by: Nikolay Borisov +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/ext4.h | 1 + + fs/ext4/super.c | 17 ++++++++++++++++- + 2 files changed, 17 insertions(+), 1 deletion(-) + +--- a/fs/ext4/ext4.h ++++ b/fs/ext4/ext4.h +@@ -235,6 +235,7 @@ struct ext4_io_submit { + #define EXT4_MAX_BLOCK_SIZE 65536 + #define EXT4_MIN_BLOCK_LOG_SIZE 10 + #define EXT4_MAX_BLOCK_LOG_SIZE 16 ++#define EXT4_MAX_CLUSTER_LOG_SIZE 30 + #ifdef __KERNEL__ + # define EXT4_BLOCK_SIZE(s) ((s)->s_blocksize) + #else +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -3518,7 +3518,15 @@ static int ext4_fill_super(struct super_ + if (blocksize < EXT4_MIN_BLOCK_SIZE || + blocksize > EXT4_MAX_BLOCK_SIZE) { + ext4_msg(sb, KERN_ERR, +- "Unsupported filesystem blocksize %d", blocksize); ++ "Unsupported filesystem blocksize %d (%d log_block_size)", ++ blocksize, le32_to_cpu(es->s_log_block_size)); ++ goto failed_mount; ++ } ++ if (le32_to_cpu(es->s_log_block_size) > ++ (EXT4_MAX_BLOCK_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) { ++ ext4_msg(sb, KERN_ERR, ++ "Invalid log block size: %u", ++ le32_to_cpu(es->s_log_block_size)); + goto failed_mount; + } + +@@ -3650,6 +3658,13 @@ static int ext4_fill_super(struct super_ + "block size (%d)", clustersize, blocksize); + goto failed_mount; + } ++ if (le32_to_cpu(es->s_log_cluster_size) > ++ (EXT4_MAX_CLUSTER_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) { ++ ext4_msg(sb, KERN_ERR, ++ "Invalid log cluster size: %u", ++ le32_to_cpu(es->s_log_cluster_size)); ++ goto failed_mount; ++ } + sbi->s_cluster_bits = le32_to_cpu(es->s_log_cluster_size) - + le32_to_cpu(es->s_log_block_size); + sbi->s_clusters_per_group = diff --git a/queue-4.8/ftrace-add-more-checks-for-ftrace_fl_disabled-in-processing-ip-records.patch b/queue-4.8/ftrace-add-more-checks-for-ftrace_fl_disabled-in-processing-ip-records.patch new file mode 100644 index 00000000000..7f237f815c2 --- /dev/null +++ b/queue-4.8/ftrace-add-more-checks-for-ftrace_fl_disabled-in-processing-ip-records.patch @@ -0,0 +1,95 @@ +From 546fece4eae871f033925ccf0ff2b740725ae915 Mon Sep 17 00:00:00 2001 +From: "Steven Rostedt (Red Hat)" +Date: Mon, 14 Nov 2016 16:31:49 -0500 +Subject: ftrace: Add more checks for FTRACE_FL_DISABLED in processing ip records + +From: Steven Rostedt (Red Hat) + +commit 546fece4eae871f033925ccf0ff2b740725ae915 upstream. + +When a module is first loaded and its function ip records are added to the +ftrace list of functions to modify, they are set to DISABLED, as their text +is still in a read only state. When the module is fully loaded, and can be +updated, the flag is cleared, and if their's any functions that should be +tracing them, it is updated at that moment. + +But there's several locations that do record accounting and should ignore +records that are marked as disabled, or they can cause issues. + +Alexei already fixed one location, but others need to be addressed. + +Fixes: b7ffffbb46f2 "ftrace: Add infrastructure for delayed enabling of module functions" +Reported-by: Alexei Starovoitov +Signed-off-by: Steven Rostedt +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/trace/ftrace.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +--- a/kernel/trace/ftrace.c ++++ b/kernel/trace/ftrace.c +@@ -1856,6 +1856,10 @@ static int __ftrace_hash_update_ipmodify + + /* Update rec->flags */ + do_for_each_ftrace_rec(pg, rec) { ++ ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + /* We need to update only differences of filter_hash */ + in_old = !!ftrace_lookup_ip(old_hash, rec->ip); + in_new = !!ftrace_lookup_ip(new_hash, rec->ip); +@@ -1878,6 +1882,10 @@ rollback: + + /* Roll back what we did above */ + do_for_each_ftrace_rec(pg, rec) { ++ ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + if (rec == end) + goto err_out; + +@@ -2391,6 +2399,10 @@ void __weak ftrace_replace_code(int enab + return; + + do_for_each_ftrace_rec(pg, rec) { ++ ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + failed = __ftrace_replace_code(rec, enable); + if (failed) { + ftrace_bug(failed, rec); +@@ -3592,6 +3604,10 @@ match_records(struct ftrace_hash *hash, + goto out_unlock; + + do_for_each_ftrace_rec(pg, rec) { ++ ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + if (ftrace_match_record(rec, &func_g, mod_match, exclude_mod)) { + ret = enter_record(hash, rec, clear_filter); + if (ret < 0) { +@@ -3787,6 +3803,9 @@ register_ftrace_function_probe(char *glo + + do_for_each_ftrace_rec(pg, rec) { + ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + if (!ftrace_match_record(rec, &func_g, NULL, 0)) + continue; + +@@ -4679,6 +4698,9 @@ ftrace_set_func(unsigned long *array, in + + do_for_each_ftrace_rec(pg, rec) { + ++ if (rec->flags & FTRACE_FL_DISABLED) ++ continue; ++ + if (ftrace_match_record(rec, &func_g, NULL, 0)) { + /* if it is in the array */ + exists = false; diff --git a/queue-4.8/ftrace-ignore-ftrace_fl_disabled-while-walking-dyn_ftrace-records.patch b/queue-4.8/ftrace-ignore-ftrace_fl_disabled-while-walking-dyn_ftrace-records.patch new file mode 100644 index 00000000000..7667ecf9711 --- /dev/null +++ b/queue-4.8/ftrace-ignore-ftrace_fl_disabled-while-walking-dyn_ftrace-records.patch @@ -0,0 +1,45 @@ +From 977c1f9c8c022d0173181766b34a0db3705265a4 Mon Sep 17 00:00:00 2001 +From: Alexei Starovoitov +Date: Mon, 7 Nov 2016 15:14:20 -0800 +Subject: ftrace: Ignore FTRACE_FL_DISABLED while walking dyn_ftrace records + +From: Alexei Starovoitov + +commit 977c1f9c8c022d0173181766b34a0db3705265a4 upstream. + +ftrace_shutdown() checks for sanity of ftrace records +and if dyn_ftrace->flags is not zero, it will warn. +It can happen that 'flags' are set to FTRACE_FL_DISABLED at this point, +since some module was loaded, but before ftrace_module_enable() +cleared the flags for this module. + +In other words the module.c is doing: +ftrace_module_init(mod); // calls ftrace_update_code() that sets flags=FTRACE_FL_DISABLED +... // here ftrace_shutdown() is called that warns, since +err = prepare_coming_module(mod); // didn't have a chance to clear FTRACE_FL_DISABLED + +Fix it by ignoring disabled records. +It's similar to what __ftrace_hash_rec_update() is already doing. + +Link: http://lkml.kernel.org/r/1478560460-3818619-1-git-send-email-ast@fb.com + +Fixes: b7ffffbb46f2 "ftrace: Add infrastructure for delayed enabling of module functions" +Signed-off-by: Alexei Starovoitov +Signed-off-by: Steven Rostedt +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/trace/ftrace.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/kernel/trace/ftrace.c ++++ b/kernel/trace/ftrace.c +@@ -2757,7 +2757,7 @@ static int ftrace_shutdown(struct ftrace + struct dyn_ftrace *rec; + + do_for_each_ftrace_rec(pg, rec) { +- if (FTRACE_WARN_ON_ONCE(rec->flags)) ++ if (FTRACE_WARN_ON_ONCE(rec->flags & ~FTRACE_FL_DISABLED)) + pr_warn(" %pS flags:%lx\n", + (void *)rec->ip, rec->flags); + } while_for_each_ftrace_rec(); diff --git a/queue-4.8/fuse-fix-fuse_write_end-if-zero-bytes-were-copied.patch b/queue-4.8/fuse-fix-fuse_write_end-if-zero-bytes-were-copied.patch new file mode 100644 index 00000000000..6e00b641309 --- /dev/null +++ b/queue-4.8/fuse-fix-fuse_write_end-if-zero-bytes-were-copied.patch @@ -0,0 +1,46 @@ +From 59c3b76cc61d1d676f965c192cc7969aa5cb2744 Mon Sep 17 00:00:00 2001 +From: Miklos Szeredi +Date: Thu, 18 Aug 2016 09:10:44 +0200 +Subject: fuse: fix fuse_write_end() if zero bytes were copied + +From: Miklos Szeredi + +commit 59c3b76cc61d1d676f965c192cc7969aa5cb2744 upstream. + +If pos is at the beginning of a page and copied is zero then page is not +zeroed but is marked uptodate. + +Fix by skipping everything except unlock/put of page if zero bytes were +copied. + +Reported-by: Al Viro +Fixes: 6b12c1b37e55 ("fuse: Implement write_begin/write_end callbacks") +Signed-off-by: Miklos Szeredi +Signed-off-by: Greg Kroah-Hartman + +--- + fs/fuse/file.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/fs/fuse/file.c ++++ b/fs/fuse/file.c +@@ -1985,6 +1985,10 @@ static int fuse_write_end(struct file *f + { + struct inode *inode = page->mapping->host; + ++ /* Haven't copied anything? Skip zeroing, size extending, dirtying. */ ++ if (!copied) ++ goto unlock; ++ + if (!PageUptodate(page)) { + /* Zero any unwritten bytes at the end of the page */ + size_t endoff = (pos + copied) & ~PAGE_MASK; +@@ -1995,6 +1999,8 @@ static int fuse_write_end(struct file *f + + fuse_write_update_size(inode, pos + copied); + set_page_dirty(page); ++ ++unlock: + unlock_page(page); + put_page(page); + diff --git a/queue-4.8/genirq-use-irq-type-from-irqdata-instead-of-irqdesc.patch b/queue-4.8/genirq-use-irq-type-from-irqdata-instead-of-irqdesc.patch new file mode 100644 index 00000000000..2b32d83f1ac --- /dev/null +++ b/queue-4.8/genirq-use-irq-type-from-irqdata-instead-of-irqdesc.patch @@ -0,0 +1,64 @@ +From 7ee7e87dfb158e79019ea1d5ea1b0e6f2bc93ee4 Mon Sep 17 00:00:00 2001 +From: Thomas Gleixner +Date: Mon, 7 Nov 2016 19:57:00 +0100 +Subject: genirq: Use irq type from irqdata instead of irqdesc + +From: Thomas Gleixner + +commit 7ee7e87dfb158e79019ea1d5ea1b0e6f2bc93ee4 upstream. + +The type flags in the irq descriptor are there for historical reasons and +only updated via irq_modify_status() or irq_set_type(). Both functions also +update the type flags in irqdata. __setup_irq() is the only left over user +of the type flags in the irq descriptor. + +If __setup_irq() is called with empty irq type flags, then the type flags +are retrieved from irqdata. If an interrupt is shared, then the type flags +are compared with the type flags stored in the irq descriptor. + +On x86 the ioapic does not have a irq_set_type() callback because the type +is defined in the BIOS tables and cannot be changed. The type is stored in +irqdata at setup time without updating the type data in the irq +descriptor. As a result the comparison described above fails. + +There is no point in updating the irq descriptor flags because the only +relevant storage is irqdata. Use the type flags from irqdata for both +retrieval and comparison in __setup_irq() instead. + +Aside of that the print out in case of non matching type flags has the old +and new type flags arguments flipped. Fix that as well. + +For correctness sake the flags stored in the irq descriptor should be +removed, but this is beyond the scope of this bugfix and will be done in a +later patch. + +Fixes: 4b357daed698 ("genirq: Look-up trigger type if not specified by caller") +Reported-and-tested-by: Mika Westerberg +Signed-off-by: Thomas Gleixner +Cc: Marc Zyngier +Cc: Jon Hunter +Link: http://lkml.kernel.org/r/alpine.DEB.2.20.1611072020360.3501@nanos +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/irq/manage.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/kernel/irq/manage.c ++++ b/kernel/irq/manage.c +@@ -1341,12 +1341,12 @@ __setup_irq(unsigned int irq, struct irq + + } else if (new->flags & IRQF_TRIGGER_MASK) { + unsigned int nmsk = new->flags & IRQF_TRIGGER_MASK; +- unsigned int omsk = irq_settings_get_trigger_mask(desc); ++ unsigned int omsk = irqd_get_trigger_type(&desc->irq_data); + + if (nmsk != omsk) + /* hope the handler works with current trigger mode */ + pr_warn("irq %d uses trigger mode %u; requested %u\n", +- irq, nmsk, omsk); ++ irq, omsk, nmsk); + } + + *old_ptr = new; diff --git a/queue-4.8/gpio-do-not-double-check-direction-on-sleeping-chips.patch b/queue-4.8/gpio-do-not-double-check-direction-on-sleeping-chips.patch new file mode 100644 index 00000000000..b6bbf3feaa0 --- /dev/null +++ b/queue-4.8/gpio-do-not-double-check-direction-on-sleeping-chips.patch @@ -0,0 +1,56 @@ +From 60f8339eb388df8a46f8eb4282ff0e15f08f218c Mon Sep 17 00:00:00 2001 +From: Linus Walleij +Date: Sat, 12 Nov 2016 15:01:09 +0100 +Subject: gpio: do not double-check direction on sleeping chips + +From: Linus Walleij + +commit 60f8339eb388df8a46f8eb4282ff0e15f08f218c upstream. + +When locking a GPIO line as IRQ, we go to lengths to +double-check that the line is really set as input before +marking it as used for IRQ. This is not good on GPIO chips +that can sleep, because this function is called in IRQ-safe +context. Just skip this if it can't be checked quickly. + +Currently this happens on sleeping expanders such as STMPE +or TC3589x: + +BUG: scheduling while atomic: swapper/1/0x00000002 +Modules linked in: +CPU: 0 PID: 1 Comm: swapper Not tainted 4.9.0-rc1+ #38 +Hardware name: Nomadik STn8815 +[] (unwind_backtrace) from [] (show_stack+0x10/0x14) +[] (show_stack) from [] (__schedule_bug+0x54/0x80) +[] (__schedule_bug) from [] (__schedule+0x3a0/0x460) +[] (__schedule) from [] (schedule+0x54/0xb8) +(...) + +This patch fixes that problem and relies on the direction +read from the chip when it was added. + +Fixes: 9c10280d85c1 ("gpio: flush direction status in gpiochip_lock_as_irq()") +Cc: Patrice Chotard +Signed-off-by: Linus Walleij +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpio/gpiolib.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/drivers/gpio/gpiolib.c ++++ b/drivers/gpio/gpiolib.c +@@ -2667,8 +2667,11 @@ int gpiochip_lock_as_irq(struct gpio_chi + if (IS_ERR(desc)) + return PTR_ERR(desc); + +- /* Flush direction if something changed behind our back */ +- if (chip->get_direction) { ++ /* ++ * If it's fast: flush the direction setting if something changed ++ * behind our back ++ */ ++ if (!chip->can_sleep && chip->get_direction) { + int dir = chip->get_direction(chip, offset); + + if (dir) diff --git a/queue-4.8/i2c-i2c-mux-pca954x-fix-deselect-enabling-for-device-tree.patch b/queue-4.8/i2c-i2c-mux-pca954x-fix-deselect-enabling-for-device-tree.patch new file mode 100644 index 00000000000..788bc9070a6 --- /dev/null +++ b/queue-4.8/i2c-i2c-mux-pca954x-fix-deselect-enabling-for-device-tree.patch @@ -0,0 +1,40 @@ +From ad092de60f865c1ad94221bd06d381ecea446cc8 Mon Sep 17 00:00:00 2001 +From: Alex Hemme +Date: Sat, 19 Nov 2016 10:48:38 +0100 +Subject: i2c: i2c-mux-pca954x: fix deselect enabling for device-tree + +From: Alex Hemme + +commit ad092de60f865c1ad94221bd06d381ecea446cc8 upstream. + +Deselect functionality can be ignored for device-trees with +"i2c-mux-idle-disconnect" entries if no platform_data is available. +By enabling the deselect functionality outside the platform_data +block the logic works as it did in previous kernels. + +Fixes: 7fcac9807175 ("i2c: i2c-mux-pca954x: convert to use an explicit i2c mux core") +Signed-off-by: Alex Hemme +Signed-off-by: Ziyang Wu +[touched up a few minor issues /peda] +Signed-off-by: Peter Rosin +Signed-off-by: Wolfram Sang +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/i2c/muxes/i2c-mux-pca954x.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/i2c/muxes/i2c-mux-pca954x.c ++++ b/drivers/i2c/muxes/i2c-mux-pca954x.c +@@ -247,9 +247,9 @@ static int pca954x_probe(struct i2c_clie + /* discard unconfigured channels */ + break; + idle_disconnect_pd = pdata->modes[num].deselect_on_exit; +- data->deselect |= (idle_disconnect_pd +- || idle_disconnect_dt) << num; + } ++ data->deselect |= (idle_disconnect_pd || ++ idle_disconnect_dt) << num; + + ret = i2c_mux_add_adapter(muxc, force, num, class); + diff --git a/queue-4.8/i2c-mux-fix-up-dependencies.patch b/queue-4.8/i2c-mux-fix-up-dependencies.patch new file mode 100644 index 00000000000..fdec85a99bc --- /dev/null +++ b/queue-4.8/i2c-mux-fix-up-dependencies.patch @@ -0,0 +1,62 @@ +From 93d710a65ef02fb7fd48ae207e78f460bd7a6089 Mon Sep 17 00:00:00 2001 +From: Linus Walleij +Date: Mon, 14 Nov 2016 15:34:17 +0100 +Subject: i2c: mux: fix up dependencies + +From: Linus Walleij + +commit 93d710a65ef02fb7fd48ae207e78f460bd7a6089 upstream. + +We get the following build error from UM Linux after adding +an entry to drivers/iio/gyro/Kconfig that issues "select I2C_MUX": + +ERROR: "devm_ioremap_resource" + [drivers/i2c/muxes/i2c-mux-reg.ko] undefined! +ERROR: "of_address_to_resource" + [drivers/i2c/muxes/i2c-mux-reg.ko] undefined! + +It appears that the I2C mux core code depends on HAS_IOMEM +for historical reasons, while CONFIG_I2C_MUX_REG does *not* +have a direct dependency on HAS_IOMEM. + +This creates a situation where a allyesconfig or allmodconfig +for UM Linux will select I2C_MUX, and will implicitly enable +I2C_MUX_REG as well, and the compilation will fail for the +register driver. + +Fix this up by making I2C_MUX_REG depend on HAS_IOMEM and +removing the dependency from I2C_MUX. + +Reported-by: kbuild test robot +Reported-by: Jonathan Cameron +Signed-off-by: Linus Walleij +Acked-by: Jonathan Cameron +Acked-by: Peter Rosin +Signed-off-by: Wolfram Sang +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/i2c/Kconfig | 1 - + drivers/i2c/muxes/Kconfig | 1 + + 2 files changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/i2c/Kconfig ++++ b/drivers/i2c/Kconfig +@@ -59,7 +59,6 @@ config I2C_CHARDEV + + config I2C_MUX + tristate "I2C bus multiplexing support" +- depends on HAS_IOMEM + help + Say Y here if you want the I2C core to support the ability to + handle multiplexed I2C bus topologies, by presenting each +--- a/drivers/i2c/muxes/Kconfig ++++ b/drivers/i2c/muxes/Kconfig +@@ -63,6 +63,7 @@ config I2C_MUX_PINCTRL + + config I2C_MUX_REG + tristate "Register-based I2C multiplexer" ++ depends on HAS_IOMEM + help + If you say yes to this option, support will be included for a + register based I2C multiplexer. This driver provides access to diff --git a/queue-4.8/ib-hfi1-fix-rnr_timer-addition.patch b/queue-4.8/ib-hfi1-fix-rnr_timer-addition.patch new file mode 100644 index 00000000000..61292472ed6 --- /dev/null +++ b/queue-4.8/ib-hfi1-fix-rnr_timer-addition.patch @@ -0,0 +1,36 @@ +From 458ed666fe14a54dfb6690a1a7f541782d1342c9 Mon Sep 17 00:00:00 2001 +From: Ira Weiny +Date: Mon, 17 Oct 2016 04:20:09 -0700 +Subject: IB/hfi1: Fix rnr_timer addition + +From: Ira Weiny + +commit 458ed666fe14a54dfb6690a1a7f541782d1342c9 upstream. + +The new s_rnr_timeout was not properly being set and the code was +incorrectly setting a different timer. + +Found by code inspection. + +Fixes: 08279d5c9424 ("staging/rdma/hfi1: use new RNR timer") +Reviewed-by: Mike Marciniszyn +Signed-off-by: Ira Weiny +Signed-off-by: Dennis Dalessandro +Signed-off-by: Doug Ledford +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/infiniband/hw/hfi1/rc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/infiniband/hw/hfi1/rc.c ++++ b/drivers/infiniband/hw/hfi1/rc.c +@@ -87,7 +87,7 @@ void hfi1_add_rnr_timer(struct rvt_qp *q + struct hfi1_qp_priv *priv = qp->priv; + + qp->s_flags |= RVT_S_WAIT_RNR; +- qp->s_timer.expires = jiffies + usecs_to_jiffies(to); ++ priv->s_rnr_timer.expires = jiffies + usecs_to_jiffies(to); + add_timer(&priv->s_rnr_timer); + } + diff --git a/queue-4.8/ib-rdmavt-rdmavt-can-handle-non-aligned-page-maps.patch b/queue-4.8/ib-rdmavt-rdmavt-can-handle-non-aligned-page-maps.patch new file mode 100644 index 00000000000..2b70a7e8867 --- /dev/null +++ b/queue-4.8/ib-rdmavt-rdmavt-can-handle-non-aligned-page-maps.patch @@ -0,0 +1,41 @@ +From e1fafdcbe0e3e769c6a83317dd845bc99b4fe61d Mon Sep 17 00:00:00 2001 +From: Dennis Dalessandro +Date: Mon, 10 Oct 2016 06:14:45 -0700 +Subject: IB/rdmavt: rdmavt can handle non aligned page maps + +From: Dennis Dalessandro + +commit e1fafdcbe0e3e769c6a83317dd845bc99b4fe61d upstream. + +The initial code for rdmavt carried with it a restriction that was a +vestige from the qib driver, that to dma map a page it had to be less +than a page size. This is not the case on modern hardware, both qib and +hfi1 will be just fine with unaligned map requests. + +This fixes a 4.8 regression where by an IPoIB transfer of > PAGE_SIZE +will hang because the dma map page call always fails. This was +introduced after commit 5faba5469522 ("IB/ipoib: Report SG feature +regardless of HW UD CSUM capability") added the capability to use SG by +default. Rather than override this, the HW supports it, so allow SG. + +Reviewed-by: Mike Marciniszyn +Signed-off-by: Dennis Dalessandro +Signed-off-by: Doug Ledford +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/infiniband/sw/rdmavt/dma.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/drivers/infiniband/sw/rdmavt/dma.c ++++ b/drivers/infiniband/sw/rdmavt/dma.c +@@ -90,9 +90,6 @@ static u64 rvt_dma_map_page(struct ib_de + if (WARN_ON(!valid_dma_direction(direction))) + return BAD_DMA_ADDRESS; + +- if (offset + size > PAGE_SIZE) +- return BAD_DMA_ADDRESS; +- + addr = (u64)page_address(page); + if (addr) + addr += offset; diff --git a/queue-4.8/kbuild-add-fno-pie.patch b/queue-4.8/kbuild-add-fno-pie.patch new file mode 100644 index 00000000000..4625866004a --- /dev/null +++ b/queue-4.8/kbuild-add-fno-pie.patch @@ -0,0 +1,43 @@ +From 8ae94224c9d72fc4d9aaac93b2d7833cf46d7141 Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Fri, 4 Nov 2016 19:39:38 +0100 +Subject: kbuild: add -fno-PIE +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Sebastian Andrzej Siewior + +commit 8ae94224c9d72fc4d9aaac93b2d7833cf46d7141 upstream. + +Debian started to build the gcc with -fPIE by default so the kernel +build ends before it starts properly with: +|kernel/bounds.c:1:0: error: code model kernel does not support PIC mode + +Also add to KBUILD_AFLAGS due to: + +|gcc -Wp,-MD,arch/x86/entry/vdso/vdso32/.note.o.d … -mfentry -DCC_USING_FENTRY … vdso/vdso32/note.S +|arch/x86/entry/vdso/vdso32/note.S:1:0: sorry, unimplemented: -mfentry isn’t supported for 32-bit in combination with -fpic + +Tagging it stable so it is possible to compile recent stable kernels as +well. + +Signed-off-by: Sebastian Andrzej Siewior +Signed-off-by: Michal Marek +Signed-off-by: Greg Kroah-Hartman + +--- + Makefile | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/Makefile ++++ b/Makefile +@@ -622,6 +622,8 @@ include arch/$(SRCARCH)/Makefile + KBUILD_CFLAGS += $(call cc-option,-fno-delete-null-pointer-checks,) + KBUILD_CFLAGS += $(call cc-disable-warning,maybe-uninitialized,) + KBUILD_CFLAGS += $(call cc-disable-warning,frame-address,) ++KBUILD_CFLAGS += $(call cc-option,-fno-PIE) ++KBUILD_AFLAGS += $(call cc-option,-fno-PIE) + + ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE + KBUILD_CFLAGS += -Os diff --git a/queue-4.8/kbuild-steal-gcc-s-pie-from-the-very-beginning.patch b/queue-4.8/kbuild-steal-gcc-s-pie-from-the-very-beginning.patch new file mode 100644 index 00000000000..668630afe4c --- /dev/null +++ b/queue-4.8/kbuild-steal-gcc-s-pie-from-the-very-beginning.patch @@ -0,0 +1,67 @@ +From c6a385539175ebc603da53aafb7753d39089f32e Mon Sep 17 00:00:00 2001 +From: Borislav Petkov +Date: Mon, 14 Nov 2016 19:41:31 +0100 +Subject: kbuild: Steal gcc's pie from the very beginning + +From: Borislav Petkov + +commit c6a385539175ebc603da53aafb7753d39089f32e upstream. + +So Sebastian turned off the PIE for kernel builds but that was too late +- Kbuild.include already uses KBUILD_CFLAGS and trying to disable gcc +options with, say cc-disable-warning, fails: + + gcc -D__KERNEL__ -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs + ... + -Wno-sign-compare -fno-asynchronous-unwind-tables -Wframe-address -c -x c /dev/null -o .31392.tmp + /dev/null:1:0: error: code model kernel does not support PIC mode + +because that returns an error and we can't disable the warning. For +example in this case: + +KBUILD_CFLAGS += $(call cc-disable-warning,frame-address,) + +which leads to gcc issuing all those warnings again. + +So let's turn off PIE/PIC at the earliest possible moment, when we +declare KBUILD_CFLAGS so that cc-disable-warning picks it up too. + +Also, we need the $(call cc-option ...) because -fno-PIE is supported +since gcc v3.4 and our lowest supported gcc version is 3.2 right now. + +Signed-off-by: Borislav Petkov +Cc: Ben Hutchings +Cc: Sebastian Andrzej Siewior +Signed-off-by: Michal Marek +Signed-off-by: Greg Kroah-Hartman + +--- + Makefile | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +--- a/Makefile ++++ b/Makefile +@@ -399,11 +399,12 @@ KBUILD_CFLAGS := -Wall -Wundef -Wstric + -fno-strict-aliasing -fno-common \ + -Werror-implicit-function-declaration \ + -Wno-format-security \ +- -std=gnu89 ++ -std=gnu89 $(call cc-option,-fno-PIE) ++ + + KBUILD_AFLAGS_KERNEL := + KBUILD_CFLAGS_KERNEL := +-KBUILD_AFLAGS := -D__ASSEMBLY__ ++KBUILD_AFLAGS := -D__ASSEMBLY__ $(call cc-option,-fno-PIE) + KBUILD_AFLAGS_MODULE := -DMODULE + KBUILD_CFLAGS_MODULE := -DMODULE + KBUILD_LDFLAGS_MODULE := -T $(srctree)/scripts/module-common.lds +@@ -622,8 +623,6 @@ include arch/$(SRCARCH)/Makefile + KBUILD_CFLAGS += $(call cc-option,-fno-delete-null-pointer-checks,) + KBUILD_CFLAGS += $(call cc-disable-warning,maybe-uninitialized,) + KBUILD_CFLAGS += $(call cc-disable-warning,frame-address,) +-KBUILD_CFLAGS += $(call cc-option,-fno-PIE) +-KBUILD_AFLAGS += $(call cc-option,-fno-PIE) + + ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE + KBUILD_CFLAGS += -Os diff --git a/queue-4.8/mfd-intel-lpss-do-not-put-device-in-reset-state-on-suspend.patch b/queue-4.8/mfd-intel-lpss-do-not-put-device-in-reset-state-on-suspend.patch new file mode 100644 index 00000000000..139362ba788 --- /dev/null +++ b/queue-4.8/mfd-intel-lpss-do-not-put-device-in-reset-state-on-suspend.patch @@ -0,0 +1,41 @@ +From 274e43edcda6f709aa67e436b3123e45a6270923 Mon Sep 17 00:00:00 2001 +From: Azhar Shaikh +Date: Wed, 12 Oct 2016 10:12:20 -0700 +Subject: mfd: intel-lpss: Do not put device in reset state on suspend + +From: Azhar Shaikh + +commit 274e43edcda6f709aa67e436b3123e45a6270923 upstream. + +Commit 41a3da2b8e163 ("mfd: intel-lpss: Save register context on +suspend") saved the register context while going to suspend and +also put the device in reset state. + +Due to the resetting of device, system cannot enter S3/S0ix +states when no_console_suspend flag is enabled. The system +and serial console both hang. The resetting of device is not +needed while going to suspend. Hence remove this code. + +Fixes: 41a3da2b8e163 ("mfd: intel-lpss: Save register context on suspend") +Signed-off-by: Azhar Shaikh +Acked-by: Mika Westerberg +Reviewed-by: Andy Shevchenko +Signed-off-by: Lee Jones +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/mfd/intel-lpss.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/drivers/mfd/intel-lpss.c ++++ b/drivers/mfd/intel-lpss.c +@@ -502,9 +502,6 @@ int intel_lpss_suspend(struct device *de + for (i = 0; i < LPSS_PRIV_REG_COUNT; i++) + lpss->priv_ctx[i] = readl(lpss->priv + i * 4); + +- /* Put the device into reset state */ +- writel(0, lpss->priv + LPSS_PRIV_RESETS); +- + return 0; + } + EXPORT_SYMBOL_GPL(intel_lpss_suspend); diff --git a/queue-4.8/mfd-stmpe-fix-reset-regression-on-stmpe2401.patch b/queue-4.8/mfd-stmpe-fix-reset-regression-on-stmpe2401.patch new file mode 100644 index 00000000000..84bc54c810e --- /dev/null +++ b/queue-4.8/mfd-stmpe-fix-reset-regression-on-stmpe2401.patch @@ -0,0 +1,55 @@ +From f40584200bc4af7aa4399635b9ac213c62a13ae7 Mon Sep 17 00:00:00 2001 +From: Linus Walleij +Date: Tue, 1 Nov 2016 10:22:53 +0100 +Subject: mfd: stmpe: Fix RESET regression on STMPE2401 + +From: Linus Walleij + +commit f40584200bc4af7aa4399635b9ac213c62a13ae7 upstream. + +Since commit c4dd1ba355aae2bc3d1213da6c66c53e3c31e028 +("mfd: stmpe: Add reset support for all STMPE variant") +we're resetting the STMPE expanders before use. + +This caused a regression on the STMP2401 on the Nomadik +NHK8815: + +stmpe-i2c 0-0043: stmpe2401 detected, chip id: 0x101 +nmk-i2c 101f8000.i2c0: write to slave 0x43 timed out +nmk-i2c 101f8000.i2c0: no ack received after address transmission +stmpe-i2c 0-0044: stmpe2401 detected, chip id: 0x101 +nmk-i2c 101f8000.i2c0: write to slave 0x44 timed out +nmk-i2c 101f8000.i2c0: no ack received after address transmission + +It turns out that we start to poll for the reset bit to +go low again too quickly: the STMPE2401 is not yet online and +ready to be asked for the status of the RESET bit. + +By introducing a 10ms delay before starting to hammer +the register for information, we get back to normal: + +stmpe-i2c 0-0043: stmpe2401 detected, chip id: 0x101 +stmpe-i2c 0-0044: stmpe2401 detected, chip id: 0x101 + +Cc: Amelie Delaunay +Fixes: c4dd1ba355aa ("mfd: stmpe: Add reset support for all STMPE variant") +Signed-off-by: Linus Walleij +Acked-by: Patrice Chotard +Signed-off-by: Lee Jones +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/mfd/stmpe.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/drivers/mfd/stmpe.c ++++ b/drivers/mfd/stmpe.c +@@ -761,6 +761,8 @@ static int stmpe1801_reset(struct stmpe + if (ret < 0) + return ret; + ++ msleep(10); ++ + timeout = jiffies + msecs_to_jiffies(100); + while (time_before(jiffies, timeout)) { + ret = __stmpe_reg_read(stmpe, STMPE1801_REG_SYS_CTRL); diff --git a/queue-4.8/scripts-has-stack-protector-add-fno-pie.patch b/queue-4.8/scripts-has-stack-protector-add-fno-pie.patch new file mode 100644 index 00000000000..a67a04c5d85 --- /dev/null +++ b/queue-4.8/scripts-has-stack-protector-add-fno-pie.patch @@ -0,0 +1,38 @@ +From 82031ea29e454b574bc6f49a33683a693ca5d907 Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Fri, 4 Nov 2016 19:39:39 +0100 +Subject: scripts/has-stack-protector: add -fno-PIE + +From: Sebastian Andrzej Siewior + +commit 82031ea29e454b574bc6f49a33683a693ca5d907 upstream. + +Adding -no-PIE to the fstack protector check. -no-PIE was introduced +before -fstack-protector so there is no need for a runtime check. + +Without it the build stops: +|Cannot use CONFIG_CC_STACKPROTECTOR_STRONG: -fstack-protector-strong available but compiler is broken + +due to -mcmodel=kernel + -fPIE if -fPIE is enabled by default. + +Tagging it stable so it is possible to compile recent stable kernels as +well. + +Signed-off-by: Sebastian Andrzej Siewior +Signed-off-by: Michal Marek +Signed-off-by: Greg Kroah-Hartman + +--- + scripts/gcc-x86_64-has-stack-protector.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/scripts/gcc-x86_64-has-stack-protector.sh ++++ b/scripts/gcc-x86_64-has-stack-protector.sh +@@ -1,6 +1,6 @@ + #!/bin/sh + +-echo "int foo(void) { char X[200]; return 3; }" | $* -S -x c -c -O0 -mcmodel=kernel -fstack-protector - -o - 2> /dev/null | grep -q "%gs" ++echo "int foo(void) { char X[200]; return 3; }" | $* -S -x c -c -O0 -mcmodel=kernel -fno-PIE -fstack-protector - -o - 2> /dev/null | grep -q "%gs" + if [ "$?" -eq "0" ] ; then + echo y + else diff --git a/queue-4.8/series b/queue-4.8/series index b852d265965..ea787fb1fcf 100644 --- a/queue-4.8/series +++ b/queue-4.8/series @@ -4,3 +4,25 @@ kvm-x86-fix-missed-srcu-usage-in-kvm_lapic_set_vapic_addr.patch kvm-disable-irq-while-unregistering-user-notifier.patch arm64-kvm-pmu-fix-aarch32-cycle-counter-access.patch kvm-arm64-fix-the-issues-when-guest-pmccfiltr-is-configured.patch +ftrace-ignore-ftrace_fl_disabled-while-walking-dyn_ftrace-records.patch +ftrace-add-more-checks-for-ftrace_fl_disabled-in-processing-ip-records.patch +genirq-use-irq-type-from-irqdata-instead-of-irqdesc.patch +fuse-fix-fuse_write_end-if-zero-bytes-were-copied.patch +ib-rdmavt-rdmavt-can-handle-non-aligned-page-maps.patch +ib-hfi1-fix-rnr_timer-addition.patch +mfd-intel-lpss-do-not-put-device-in-reset-state-on-suspend.patch +mfd-stmpe-fix-reset-regression-on-stmpe2401.patch +can-bcm-fix-warning-in-bcm_connect-proc_register.patch +gpio-do-not-double-check-direction-on-sleeping-chips.patch +alsa-usb-audio-fix-use-after-free-of-usb_device-at-disconnect.patch +alsa-hda-add-a-new-condition-to-check-if-it-is-thinkpad.patch +alsa-hda-fix-mic-regression-by-asrock-mobo-fixup.patch +i2c-mux-fix-up-dependencies.patch +i2c-i2c-mux-pca954x-fix-deselect-enabling-for-device-tree.patch +disable-the-__builtin_return_address-warning-globally-after-all.patch +kbuild-add-fno-pie.patch +scripts-has-stack-protector-add-fno-pie.patch +x86-kexec-add-fno-pie.patch +kbuild-steal-gcc-s-pie-from-the-very-beginning.patch +ext4-sanity-check-the-block-and-cluster-size-at-mount-time.patch +arm-dts-imx53-qsb-fix-regulator-constraints.patch diff --git a/queue-4.8/x86-kexec-add-fno-pie.patch b/queue-4.8/x86-kexec-add-fno-pie.patch new file mode 100644 index 00000000000..c1cee703c55 --- /dev/null +++ b/queue-4.8/x86-kexec-add-fno-pie.patch @@ -0,0 +1,34 @@ +From 90944e40ba1838de4b2a9290cf273f9d76bd3bdd Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Fri, 4 Nov 2016 19:39:40 +0100 +Subject: x86/kexec: add -fno-PIE + +From: Sebastian Andrzej Siewior + +commit 90944e40ba1838de4b2a9290cf273f9d76bd3bdd upstream. + +If the gcc is configured to do -fPIE by default then the build aborts +later with: +| Unsupported relocation type: unknown type rel type name (29) + +Tagging it stable so it is possible to compile recent stable kernels as +well. + +Signed-off-by: Sebastian Andrzej Siewior +Signed-off-by: Michal Marek +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/purgatory/Makefile | 1 + + 1 file changed, 1 insertion(+) + +--- a/arch/x86/purgatory/Makefile ++++ b/arch/x86/purgatory/Makefile +@@ -16,6 +16,7 @@ KCOV_INSTRUMENT := n + + KBUILD_CFLAGS := -fno-strict-aliasing -Wall -Wstrict-prototypes -fno-zero-initialized-in-bss -fno-builtin -ffreestanding -c -MD -Os -mcmodel=large + KBUILD_CFLAGS += -m$(BITS) ++KBUILD_CFLAGS += $(call cc-option,-fno-PIE) + + $(obj)/purgatory.ro: $(PURGATORY_OBJS) FORCE + $(call if_changed,ld)