From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 8 May 2019 14:14:03 +0000 (+0200)
Subject: 4.9-stable patches
X-Git-Tag: v4.9.175~41
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d70985a8b60732f3d53fd298842b55265734eaec;p=thirdparty%2Fkernel%2Fstable-queue.git

4.9-stable patches

added patches:
	staging-greybus-power_supply-fix-prop-descriptor-request-size.patch
	ubsan-fix-nasty-wbuiltin-declaration-mismatch-gcc-9-warnings.patch
---

diff --git a/queue-4.9/series b/queue-4.9/series
index e1b7355755a..c859c922e54 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -1 +1,3 @@
 scsi-libsas-fix-a-race-condition-when-smp-task-timeout.patch
+ubsan-fix-nasty-wbuiltin-declaration-mismatch-gcc-9-warnings.patch
+staging-greybus-power_supply-fix-prop-descriptor-request-size.patch
diff --git a/queue-4.9/staging-greybus-power_supply-fix-prop-descriptor-request-size.patch b/queue-4.9/staging-greybus-power_supply-fix-prop-descriptor-request-size.patch
new file mode 100644
index 00000000000..cffed7537c2
--- /dev/null
+++ b/queue-4.9/staging-greybus-power_supply-fix-prop-descriptor-request-size.patch
@@ -0,0 +1,40 @@
+From 47830c1127ef166af787caf2f871f23089610a7f Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Thu, 4 Apr 2019 08:53:30 +0200
+Subject: staging: greybus: power_supply: fix prop-descriptor request size
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 47830c1127ef166af787caf2f871f23089610a7f upstream.
+
+Since moving the message buffers off the stack, the dynamically
+allocated get-prop-descriptor request buffer is incorrectly sized due to
+using the pointer rather than request-struct size when creating the
+operation.
+
+Fortunately, the pointer size is always larger than this one-byte
+request, but this could still cause trouble on the remote end due to the
+unexpected message size.
+
+Fixes: 9d15134d067e ("greybus: power_supply: rework get descriptors")
+Cc: stable <stable@vger.kernel.org>     # 4.9
+Cc: Rui Miguel Silva <rui.silva@linaro.org>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Reviewed-by: Rui Miguel Silva <rmfrfs@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/staging/greybus/power_supply.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/staging/greybus/power_supply.c
++++ b/drivers/staging/greybus/power_supply.c
+@@ -521,7 +521,7 @@ static int gb_power_supply_prop_descript
+ 
+ 	op = gb_operation_create(connection,
+ 				 GB_POWER_SUPPLY_TYPE_GET_PROP_DESCRIPTORS,
+-				 sizeof(req), sizeof(*resp) + props_count *
++				 sizeof(*req), sizeof(*resp) + props_count *
+ 				 sizeof(struct gb_power_supply_props_desc),
+ 				 GFP_KERNEL);
+ 	if (!op)
diff --git a/queue-4.9/ubsan-fix-nasty-wbuiltin-declaration-mismatch-gcc-9-warnings.patch b/queue-4.9/ubsan-fix-nasty-wbuiltin-declaration-mismatch-gcc-9-warnings.patch
new file mode 100644
index 00000000000..264e1301d3a
--- /dev/null
+++ b/queue-4.9/ubsan-fix-nasty-wbuiltin-declaration-mismatch-gcc-9-warnings.patch
@@ -0,0 +1,209 @@
+From f0996bc2978e02d2ea898101462b960f6119b18f Mon Sep 17 00:00:00 2001
+From: Andrey Ryabinin <aryabinin@virtuozzo.com>
+Date: Mon, 6 May 2019 13:45:26 +0300
+Subject: ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Andrey Ryabinin <aryabinin@virtuozzo.com>
+
+commit f0996bc2978e02d2ea898101462b960f6119b18f upstream.
+
+Building lib/ubsan.c with gcc-9 results in a ton of nasty warnings like
+this one:
+
+    lib/ubsan.c warning: conflicting types for built-in function
+         â__ubsan_handle_negate_overflowâ; expected âvoid(void *, void *)â [-Wbuiltin-declaration-mismatch]
+
+The kernel's declarations of __ubsan_handle_*() often uses 'unsigned
+long' types in parameters while GCC these parameters as 'void *' types,
+hence the mismatch.
+
+Fix this by using 'void *' to match GCC's declarations.
+
+Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
+Fixes: c6d308534aef ("UBSAN: run-time undefined behavior sanity checker")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ lib/ubsan.c |   49 +++++++++++++++++++++++--------------------------
+ 1 file changed, 23 insertions(+), 26 deletions(-)
+
+--- a/lib/ubsan.c
++++ b/lib/ubsan.c
+@@ -86,11 +86,13 @@ static bool is_inline_int(struct type_de
+ 	return bits <= inline_bits;
+ }
+ 
+-static s_max get_signed_val(struct type_descriptor *type, unsigned long val)
++static s_max get_signed_val(struct type_descriptor *type, void *val)
+ {
+ 	if (is_inline_int(type)) {
+ 		unsigned extra_bits = sizeof(s_max)*8 - type_bit_width(type);
+-		return ((s_max)val) << extra_bits >> extra_bits;
++		unsigned long ulong_val = (unsigned long)val;
++
++		return ((s_max)ulong_val) << extra_bits >> extra_bits;
+ 	}
+ 
+ 	if (type_bit_width(type) == 64)
+@@ -99,15 +101,15 @@ static s_max get_signed_val(struct type_
+ 	return *(s_max *)val;
+ }
+ 
+-static bool val_is_negative(struct type_descriptor *type, unsigned long val)
++static bool val_is_negative(struct type_descriptor *type, void *val)
+ {
+ 	return type_is_signed(type) && get_signed_val(type, val) < 0;
+ }
+ 
+-static u_max get_unsigned_val(struct type_descriptor *type, unsigned long val)
++static u_max get_unsigned_val(struct type_descriptor *type, void *val)
+ {
+ 	if (is_inline_int(type))
+-		return val;
++		return (unsigned long)val;
+ 
+ 	if (type_bit_width(type) == 64)
+ 		return *(u64 *)val;
+@@ -116,7 +118,7 @@ static u_max get_unsigned_val(struct typ
+ }
+ 
+ static void val_to_string(char *str, size_t size, struct type_descriptor *type,
+-	unsigned long value)
++			void *value)
+ {
+ 	if (type_is_int(type)) {
+ 		if (type_bit_width(type) == 128) {
+@@ -168,8 +170,8 @@ static void ubsan_epilogue(unsigned long
+ 	current->in_ubsan--;
+ }
+ 
+-static void handle_overflow(struct overflow_data *data, unsigned long lhs,
+-			unsigned long rhs, char op)
++static void handle_overflow(struct overflow_data *data, void *lhs,
++			void *rhs, char op)
+ {
+ 
+ 	struct type_descriptor *type = data->type;
+@@ -196,8 +198,7 @@ static void handle_overflow(struct overf
+ }
+ 
+ void __ubsan_handle_add_overflow(struct overflow_data *data,
+-				unsigned long lhs,
+-				unsigned long rhs)
++				void *lhs, void *rhs)
+ {
+ 
+ 	handle_overflow(data, lhs, rhs, '+');
+@@ -205,23 +206,21 @@ void __ubsan_handle_add_overflow(struct
+ EXPORT_SYMBOL(__ubsan_handle_add_overflow);
+ 
+ void __ubsan_handle_sub_overflow(struct overflow_data *data,
+-				unsigned long lhs,
+-				unsigned long rhs)
++				void *lhs, void *rhs)
+ {
+ 	handle_overflow(data, lhs, rhs, '-');
+ }
+ EXPORT_SYMBOL(__ubsan_handle_sub_overflow);
+ 
+ void __ubsan_handle_mul_overflow(struct overflow_data *data,
+-				unsigned long lhs,
+-				unsigned long rhs)
++				void *lhs, void *rhs)
+ {
+ 	handle_overflow(data, lhs, rhs, '*');
+ }
+ EXPORT_SYMBOL(__ubsan_handle_mul_overflow);
+ 
+ void __ubsan_handle_negate_overflow(struct overflow_data *data,
+-				unsigned long old_val)
++				void *old_val)
+ {
+ 	unsigned long flags;
+ 	char old_val_str[VALUE_LENGTH];
+@@ -242,8 +241,7 @@ EXPORT_SYMBOL(__ubsan_handle_negate_over
+ 
+ 
+ void __ubsan_handle_divrem_overflow(struct overflow_data *data,
+-				unsigned long lhs,
+-				unsigned long rhs)
++				void *lhs, void *rhs)
+ {
+ 	unsigned long flags;
+ 	char rhs_val_str[VALUE_LENGTH];
+@@ -328,7 +326,7 @@ static void ubsan_type_mismatch_common(s
+ }
+ 
+ void __ubsan_handle_type_mismatch(struct type_mismatch_data *data,
+-				unsigned long ptr)
++				void *ptr)
+ {
+ 	struct type_mismatch_data_common common_data = {
+ 		.location = &data->location,
+@@ -337,12 +335,12 @@ void __ubsan_handle_type_mismatch(struct
+ 		.type_check_kind = data->type_check_kind
+ 	};
+ 
+-	ubsan_type_mismatch_common(&common_data, ptr);
++	ubsan_type_mismatch_common(&common_data, (unsigned long)ptr);
+ }
+ EXPORT_SYMBOL(__ubsan_handle_type_mismatch);
+ 
+ void __ubsan_handle_type_mismatch_v1(struct type_mismatch_data_v1 *data,
+-				unsigned long ptr)
++				void *ptr)
+ {
+ 
+ 	struct type_mismatch_data_common common_data = {
+@@ -352,7 +350,7 @@ void __ubsan_handle_type_mismatch_v1(str
+ 		.type_check_kind = data->type_check_kind
+ 	};
+ 
+-	ubsan_type_mismatch_common(&common_data, ptr);
++	ubsan_type_mismatch_common(&common_data, (unsigned long)ptr);
+ }
+ EXPORT_SYMBOL(__ubsan_handle_type_mismatch_v1);
+ 
+@@ -376,7 +374,7 @@ void __ubsan_handle_nonnull_return(struc
+ EXPORT_SYMBOL(__ubsan_handle_nonnull_return);
+ 
+ void __ubsan_handle_vla_bound_not_positive(struct vla_bound_data *data,
+-					unsigned long bound)
++					void *bound)
+ {
+ 	unsigned long flags;
+ 	char bound_str[VALUE_LENGTH];
+@@ -393,8 +391,7 @@ void __ubsan_handle_vla_bound_not_positi
+ }
+ EXPORT_SYMBOL(__ubsan_handle_vla_bound_not_positive);
+ 
+-void __ubsan_handle_out_of_bounds(struct out_of_bounds_data *data,
+-				unsigned long index)
++void __ubsan_handle_out_of_bounds(struct out_of_bounds_data *data, void *index)
+ {
+ 	unsigned long flags;
+ 	char index_str[VALUE_LENGTH];
+@@ -412,7 +409,7 @@ void __ubsan_handle_out_of_bounds(struct
+ EXPORT_SYMBOL(__ubsan_handle_out_of_bounds);
+ 
+ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data,
+-					unsigned long lhs, unsigned long rhs)
++					void *lhs, void *rhs)
+ {
+ 	unsigned long flags;
+ 	struct type_descriptor *rhs_type = data->rhs_type;
+@@ -463,7 +460,7 @@ void __ubsan_handle_builtin_unreachable(
+ EXPORT_SYMBOL(__ubsan_handle_builtin_unreachable);
+ 
+ void __ubsan_handle_load_invalid_value(struct invalid_value_data *data,
+-				unsigned long val)
++				void *val)
+ {
+ 	unsigned long flags;
+ 	char val_str[VALUE_LENGTH];