From 0fd6cd4e21bcec21a07dea587e8b50e50dbbb4c4 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Wed, 26 Oct 2016 11:26:39 +0200 Subject: [PATCH] 4.4-stable patches added patches: acpi-nfit-check-for-the-correct-event-code-in-notifications.patch blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch cifs-limit-the-overall-credit-acquired.patch clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch cleanup-missing-frees-on-some-ioctls.patch display-number-of-credits-available.patch do-not-send-smb3-set_info-request-if-nothing-is-changing.patch fix-regression-which-breaks-dfs-mounting.patch fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch hpsa-correct-skipping-masked-peripherals.patch irqchip-gicv3-handle-loop-timeout-proper.patch kvm-x86-memset-whole-irq_eoi.patch net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch sched-fair-fix-min_vruntime-tracking.patch sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch set-previous-session-id-correctly-on-smb3-reconnect.patch smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch --- ...-correct-event-code-in-notifications.patch | 56 ++ ...cg_pol_mutex-only-once-when-cpd-null.patch | 39 ++ ...nt-false-warning-for-lack-of-fc-npiv.patch | 39 ++ ...fs-limit-the-overall-credit-acquired.patch | 95 ++++ ...on-structures-and-make-more-granular.patch | 517 ++++++++++++++++++ ...cleanup-missing-frees-on-some-ioctls.patch | 73 +++ .../display-number-of-credits-available.patch | 37 ++ ..._info-request-if-nothing-is-changing.patch | 38 ++ ...regression-which-breaks-dfs-mounting.patch | 46 ++ ...-guid-when-assigning-fid-to-fileinfo.patch | 34 ++ ...-correct-skipping-masked-peripherals.patch | 135 +++++ ...hip-gicv3-handle-loop-timeout-proper.patch | 42 ++ queue-4.4/kvm-x86-memset-whole-irq_eoi.patch | 47 ++ ...allow-resetting-vf-admin-mac-to-zero.patch | 47 ++ ...ore-pins-that-are-used-by-the-driver.patch | 92 ++++ ...nfo-in-authenticode-pkcs7-signatures.patch | 123 +++++ ...sched-fair-fix-min_vruntime-tracking.patch | 104 ++++ ...ces-that-report-an-optimal-xfer-size.patch | 58 ++ queue-4.4/series | 21 + ...ssion-id-correctly-on-smb3-reconnect.patch | 50 ++ ...onstructed-as-random-but-valid-uuids.patch | 68 +++ ...t-merge-consecutive-e820_pram-ranges.patch | 58 ++ 22 files changed, 1819 insertions(+) create mode 100644 queue-4.4/acpi-nfit-check-for-the-correct-event-code-in-notifications.patch create mode 100644 queue-4.4/blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch create mode 100644 queue-4.4/bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch create mode 100644 queue-4.4/cifs-limit-the-overall-credit-acquired.patch create mode 100644 queue-4.4/clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch create mode 100644 queue-4.4/cleanup-missing-frees-on-some-ioctls.patch create mode 100644 queue-4.4/display-number-of-credits-available.patch create mode 100644 queue-4.4/do-not-send-smb3-set_info-request-if-nothing-is-changing.patch create mode 100644 queue-4.4/fix-regression-which-breaks-dfs-mounting.patch create mode 100644 queue-4.4/fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch create mode 100644 queue-4.4/hpsa-correct-skipping-masked-peripherals.patch create mode 100644 queue-4.4/irqchip-gicv3-handle-loop-timeout-proper.patch create mode 100644 queue-4.4/kvm-x86-memset-whole-irq_eoi.patch create mode 100644 queue-4.4/net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch create mode 100644 queue-4.4/pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch create mode 100644 queue-4.4/pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch create mode 100644 queue-4.4/sched-fair-fix-min_vruntime-tracking.patch create mode 100644 queue-4.4/sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch create mode 100644 queue-4.4/set-previous-session-id-correctly-on-smb3-reconnect.patch create mode 100644 queue-4.4/smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch create mode 100644 queue-4.4/x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch diff --git a/queue-4.4/acpi-nfit-check-for-the-correct-event-code-in-notifications.patch b/queue-4.4/acpi-nfit-check-for-the-correct-event-code-in-notifications.patch new file mode 100644 index 00000000000..d29841d6bd8 --- /dev/null +++ b/queue-4.4/acpi-nfit-check-for-the-correct-event-code-in-notifications.patch @@ -0,0 +1,56 @@ +From c09f12186d6b03b798832d95289af76495990192 Mon Sep 17 00:00:00 2001 +From: Vishal Verma +Date: Fri, 19 Aug 2016 14:40:58 -0600 +Subject: acpi, nfit: check for the correct event code in notifications + +From: Vishal Verma + +commit c09f12186d6b03b798832d95289af76495990192 upstream. + +Commit 209851649dc4 "acpi: nfit: Add support for hot-add" added +support for _FIT notifications, but it neglected to verify the +notification event code matches the one in the ACPI spec for +"NFIT Update". Currently there is only one code in the spec, but +once additional codes are added, older kernels (without this fix) +will misbehave by assuming all event notifications are for an +NFIT Update. + +Fixes: 209851649dc4 ("acpi: nfit: Add support for hot-add") +Cc: +Cc: +Cc: Dan Williams +Reported-by: Linda Knippers +Signed-off-by: Vishal Verma +Signed-off-by: Dan Williams +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/acpi/nfit.c | 3 +++ + drivers/acpi/nfit.h | 4 ++++ + 2 files changed, 7 insertions(+) + +--- a/drivers/acpi/nfit.c ++++ b/drivers/acpi/nfit.c +@@ -1806,6 +1806,9 @@ static void acpi_nfit_notify(struct acpi + + dev_dbg(dev, "%s: event: %d\n", __func__, event); + ++ if (event != NFIT_NOTIFY_UPDATE) ++ return; ++ + device_lock(dev); + if (!dev->driver) { + /* dev->driver may be null if we're being removed */ +--- a/drivers/acpi/nfit.h ++++ b/drivers/acpi/nfit.h +@@ -45,6 +45,10 @@ enum { + ND_BLK_DCR_LATCH = 2, + }; + ++enum nfit_root_notifiers { ++ NFIT_NOTIFY_UPDATE = 0x80, ++}; ++ + struct nfit_spa { + struct acpi_nfit_system_address *spa; + struct list_head list; diff --git a/queue-4.4/blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch b/queue-4.4/blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch new file mode 100644 index 00000000000..4b5d54b0fb0 --- /dev/null +++ b/queue-4.4/blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch @@ -0,0 +1,39 @@ +From bbb427e342495df1cda10051d0566388697499c0 Mon Sep 17 00:00:00 2001 +From: Bart Van Assche +Date: Thu, 29 Sep 2016 08:33:30 -0700 +Subject: blkcg: Unlock blkcg_pol_mutex only once when cpd == NULL + +From: Bart Van Assche + +commit bbb427e342495df1cda10051d0566388697499c0 upstream. + +Unlocking a mutex twice is wrong. Hence modify blkcg_policy_register() +such that blkcg_pol_mutex is unlocked once if cpd == NULL. This patch +avoids that smatch reports the following error: + +block/blk-cgroup.c:1378: blkcg_policy_register() error: double unlock 'mutex:&blkcg_pol_mutex' + +Fixes: 06b285bd1125 ("blkcg: fix blkcg_policy_data allocation bug") +Signed-off-by: Bart Van Assche +Cc: Tejun Heo +Signed-off-by: Tejun Heo +Signed-off-by: Greg Kroah-Hartman + +--- + block/blk-cgroup.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +--- a/block/blk-cgroup.c ++++ b/block/blk-cgroup.c +@@ -1331,10 +1331,8 @@ int blkcg_policy_register(struct blkcg_p + struct blkcg_policy_data *cpd; + + cpd = pol->cpd_alloc_fn(GFP_KERNEL); +- if (!cpd) { +- mutex_unlock(&blkcg_pol_mutex); ++ if (!cpd) + goto err_free_cpds; +- } + + blkcg->cpd[pol->plid] = cpd; + cpd->blkcg = blkcg; diff --git a/queue-4.4/bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch b/queue-4.4/bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch new file mode 100644 index 00000000000..7cda8524272 --- /dev/null +++ b/queue-4.4/bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch @@ -0,0 +1,39 @@ +From 1e6bb1a3540fec3ef112b9a89dda88e684c3ff59 Mon Sep 17 00:00:00 2001 +From: Yuval Mintz +Date: Tue, 15 Mar 2016 19:52:04 +0200 +Subject: bnx2x: Prevent false warning for lack of FC NPIV + +From: Yuval Mintz + +commit 1e6bb1a3540fec3ef112b9a89dda88e684c3ff59 upstream. + +Not all adapters have FC-NPIV configured. If bnx2fc is used with such an +adapter, driver would read irrelevant data from the the nvram and log +"FC-NPIV table with bad length..." In system logs. + +Simply accept that reading '0' as the feature offset in nvram indicates +the feature isn't there and return. + +Reported-by: Andrew Patterson +Signed-off-by: Yuval Mintz +Signed-off-by: David S. Miller +Signed-off-by: Juerg Haefliger +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c ++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c +@@ -14819,6 +14819,10 @@ static int bnx2x_get_fc_npiv(struct net_ + } + + offset = SHMEM2_RD(bp, fc_npiv_nvram_tbl_addr[BP_PORT(bp)]); ++ if (!offset) { ++ DP(BNX2X_MSG_MCP, "No FC-NPIV in NVRAM\n"); ++ goto out; ++ } + DP(BNX2X_MSG_MCP, "Offset of FC-NPIV in NVRAM: %08x\n", offset); + + /* Read the table contents from nvram */ diff --git a/queue-4.4/cifs-limit-the-overall-credit-acquired.patch b/queue-4.4/cifs-limit-the-overall-credit-acquired.patch new file mode 100644 index 00000000000..fdc3e747b3d --- /dev/null +++ b/queue-4.4/cifs-limit-the-overall-credit-acquired.patch @@ -0,0 +1,95 @@ +From 7d414f396c91a3382e51cf628c1cf0709ad0188b Mon Sep 17 00:00:00 2001 +From: Ross Lagerwall +Date: Tue, 20 Sep 2016 13:37:13 +0100 +Subject: cifs: Limit the overall credit acquired + +From: Ross Lagerwall + +commit 7d414f396c91a3382e51cf628c1cf0709ad0188b upstream. + +The kernel client requests 2 credits for many operations even though +they only use 1 credit (presumably to build up a buffer of credit). +Some servers seem to give the client as much credit as is requested. In +this case, the amount of credit the client has continues increasing to +the point where (server->credits * MAX_BUFFER_SIZE) overflows in +smb2_wait_mtu_credits(). + +Fix this by throttling the credit requests if an set limit is reached. +For async requests where the credit charge may be > 1, request as much +credit as what is charged. +The limit is chosen somewhat arbitrarily. The Windows client +defaults to 128 credits, the Windows server allows clients up to +512 credits (or 8192 for Windows 2016), and the NetApp server +(and at least one other) does not limit clients at all. +Choose a high enough value such that the client shouldn't limit +performance. + +This behavior was seen with a NetApp filer (NetApp Release 9.0RC2). + +Signed-off-by: Ross Lagerwall +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/smb2glob.h | 10 ++++++++++ + fs/cifs/smb2pdu.c | 18 +++++++++++++++++- + 2 files changed, 27 insertions(+), 1 deletion(-) + +--- a/fs/cifs/smb2glob.h ++++ b/fs/cifs/smb2glob.h +@@ -61,4 +61,14 @@ + /* Maximum buffer size value we can send with 1 credit */ + #define SMB2_MAX_BUFFER_SIZE 65536 + ++/* ++ * Maximum number of credits to keep available. ++ * This value is chosen somewhat arbitrarily. The Windows client ++ * defaults to 128 credits, the Windows server allows clients up to ++ * 512 credits, and the NetApp server does not limit clients at all. ++ * Choose a high enough value such that the client shouldn't limit ++ * performance. ++ */ ++#define SMB2_MAX_CREDITS_AVAILABLE 32000 ++ + #endif /* _SMB2_GLOB_H */ +--- a/fs/cifs/smb2pdu.c ++++ b/fs/cifs/smb2pdu.c +@@ -103,7 +103,21 @@ smb2_hdr_assemble(struct smb2_hdr *hdr, + hdr->ProtocolId[3] = 'B'; + hdr->StructureSize = cpu_to_le16(64); + hdr->Command = smb2_cmd; +- hdr->CreditRequest = cpu_to_le16(2); /* BB make this dynamic */ ++ if (tcon && tcon->ses && tcon->ses->server) { ++ struct TCP_Server_Info *server = tcon->ses->server; ++ ++ spin_lock(&server->req_lock); ++ /* Request up to 2 credits but don't go over the limit. */ ++ if (server->credits >= SMB2_MAX_CREDITS_AVAILABLE) ++ hdr->CreditRequest = cpu_to_le16(0); ++ else ++ hdr->CreditRequest = cpu_to_le16( ++ min_t(int, SMB2_MAX_CREDITS_AVAILABLE - ++ server->credits, 2)); ++ spin_unlock(&server->req_lock); ++ } else { ++ hdr->CreditRequest = cpu_to_le16(2); ++ } + hdr->ProcessId = cpu_to_le32((__u16)current->tgid); + + if (!tcon) +@@ -2059,6 +2073,7 @@ smb2_async_readv(struct cifs_readdata *r + if (rdata->credits) { + buf->CreditCharge = cpu_to_le16(DIV_ROUND_UP(rdata->bytes, + SMB2_MAX_BUFFER_SIZE)); ++ buf->CreditRequest = buf->CreditCharge; + spin_lock(&server->req_lock); + server->credits += rdata->credits - + le16_to_cpu(buf->CreditCharge); +@@ -2245,6 +2260,7 @@ smb2_async_writev(struct cifs_writedata + if (wdata->credits) { + req->hdr.CreditCharge = cpu_to_le16(DIV_ROUND_UP(wdata->bytes, + SMB2_MAX_BUFFER_SIZE)); ++ req->hdr.CreditRequest = req->hdr.CreditCharge; + spin_lock(&server->req_lock); + server->credits += wdata->credits - + le16_to_cpu(req->hdr.CreditCharge); diff --git a/queue-4.4/clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch b/queue-4.4/clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch new file mode 100644 index 00000000000..b896e33d87a --- /dev/null +++ b/queue-4.4/clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch @@ -0,0 +1,517 @@ +From 3afca265b5f53a0b15b79531c13858049505582d Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Thu, 22 Sep 2016 18:58:16 -0500 +Subject: Clarify locking of cifs file and tcon structures and make more granular + +From: Steve French + +commit 3afca265b5f53a0b15b79531c13858049505582d upstream. + +Remove the global file_list_lock to simplify cifs/smb3 locking and +have spinlocks that more closely match the information they are +protecting. + +Add new tcon->open_file_lock and file->file_info_lock spinlocks. +Locks continue to follow a heirachy, + cifs_socket --> cifs_ses --> cifs_tcon --> cifs_file +where global tcp_ses_lock still protects socket and cifs_ses, while the +the newer locks protect the lower level structure's information +(tcon and cifs_file respectively). + +Signed-off-by: Steve French +Signed-off-by: Pavel Shilovsky +Reviewed-by: Aurelien Aptel +Reviewed-by: Germano Percossi +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/cifsfs.c | 1 + fs/cifs/cifsglob.h | 30 ++++++++++++------------ + fs/cifs/cifssmb.c | 4 +-- + fs/cifs/file.c | 66 +++++++++++++++++++++++++++++++---------------------- + fs/cifs/misc.c | 15 ++++++------ + fs/cifs/readdir.c | 6 ++-- + fs/cifs/smb2misc.c | 16 ++++++------ + 7 files changed, 75 insertions(+), 63 deletions(-) + +--- a/fs/cifs/cifsfs.c ++++ b/fs/cifs/cifsfs.c +@@ -1210,7 +1210,6 @@ init_cifs(void) + GlobalTotalActiveXid = 0; + GlobalMaxActiveXid = 0; + spin_lock_init(&cifs_tcp_ses_lock); +- spin_lock_init(&cifs_file_list_lock); + spin_lock_init(&GlobalMid_Lock); + + if (cifs_max_pending < 2) { +--- a/fs/cifs/cifsglob.h ++++ b/fs/cifs/cifsglob.h +@@ -827,6 +827,7 @@ struct cifs_tcon { + struct list_head tcon_list; + int tc_count; + struct list_head openFileList; ++ spinlock_t open_file_lock; /* protects list above */ + struct cifs_ses *ses; /* pointer to session associated with */ + char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */ + char *nativeFileSystem; +@@ -883,7 +884,7 @@ struct cifs_tcon { + #endif /* CONFIG_CIFS_STATS2 */ + __u64 bytes_read; + __u64 bytes_written; +- spinlock_t stat_lock; ++ spinlock_t stat_lock; /* protects the two fields above */ + #endif /* CONFIG_CIFS_STATS */ + FILE_SYSTEM_DEVICE_INFO fsDevInfo; + FILE_SYSTEM_ATTRIBUTE_INFO fsAttrInfo; /* ok if fs name truncated */ +@@ -1034,8 +1035,10 @@ struct cifs_fid_locks { + }; + + struct cifsFileInfo { ++ /* following two lists are protected by tcon->open_file_lock */ + struct list_head tlist; /* pointer to next fid owned by tcon */ + struct list_head flist; /* next fid (file instance) for this inode */ ++ /* lock list below protected by cifsi->lock_sem */ + struct cifs_fid_locks *llist; /* brlocks held by this fid */ + kuid_t uid; /* allows finding which FileInfo structure */ + __u32 pid; /* process id who opened file */ +@@ -1043,11 +1046,12 @@ struct cifsFileInfo { + /* BB add lock scope info here if needed */ ; + /* lock scope id (0 if none) */ + struct dentry *dentry; +- unsigned int f_flags; + struct tcon_link *tlink; ++ unsigned int f_flags; + bool invalidHandle:1; /* file closed via session abend */ + bool oplock_break_cancelled:1; +- int count; /* refcount protected by cifs_file_list_lock */ ++ int count; ++ spinlock_t file_info_lock; /* protects four flag/count fields above */ + struct mutex fh_mutex; /* prevents reopen race after dead ses*/ + struct cifs_search_info srch_inf; + struct work_struct oplock_break; /* work for oplock breaks */ +@@ -1114,7 +1118,7 @@ struct cifs_writedata { + + /* + * Take a reference on the file private data. Must be called with +- * cifs_file_list_lock held. ++ * cfile->file_info_lock held. + */ + static inline void + cifsFileInfo_get_locked(struct cifsFileInfo *cifs_file) +@@ -1508,8 +1512,10 @@ require use of the stronger protocol */ + * GlobalMid_Lock protects: + * list operations on pending_mid_q and oplockQ + * updates to XID counters, multiplex id and SMB sequence numbers +- * cifs_file_list_lock protects: +- * list operations on tcp and SMB session lists and tCon lists ++ * tcp_ses_lock protects: ++ * list operations on tcp and SMB session lists ++ * tcon->open_file_lock protects the list of open files hanging off the tcon ++ * cfile->file_info_lock protects counters and fields in cifs file struct + * f_owner.lock protects certain per file struct operations + * mapping->page_lock protects certain per page operations + * +@@ -1541,18 +1547,12 @@ GLOBAL_EXTERN struct list_head cifs_tcp + * tcp session, and the list of tcon's per smb session. It also protects + * the reference counters for the server, smb session, and tcon. Finally, + * changes to the tcon->tidStatus should be done while holding this lock. ++ * generally the locks should be taken in order tcp_ses_lock before ++ * tcon->open_file_lock and that before file->file_info_lock since the ++ * structure order is cifs_socket-->cifs_ses-->cifs_tcon-->cifs_file + */ + GLOBAL_EXTERN spinlock_t cifs_tcp_ses_lock; + +-/* +- * This lock protects the cifs_file->llist and cifs_file->flist +- * list operations, and updates to some flags (cifs_file->invalidHandle) +- * It will be moved to either use the tcon->stat_lock or equivalent later. +- * If cifs_tcp_ses_lock and the lock below are both needed to be held, then +- * the cifs_tcp_ses_lock must be grabbed first and released last. +- */ +-GLOBAL_EXTERN spinlock_t cifs_file_list_lock; +- + #ifdef CONFIG_CIFS_DNOTIFY_EXPERIMENTAL /* unused temporarily */ + /* Outstanding dir notify requests */ + GLOBAL_EXTERN struct list_head GlobalDnotifyReqList; +--- a/fs/cifs/cifssmb.c ++++ b/fs/cifs/cifssmb.c +@@ -98,13 +98,13 @@ cifs_mark_open_files_invalid(struct cifs + struct list_head *tmp1; + + /* list all files open on tree connection and mark them invalid */ +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + list_for_each_safe(tmp, tmp1, &tcon->openFileList) { + open_file = list_entry(tmp, struct cifsFileInfo, tlist); + open_file->invalidHandle = true; + open_file->oplock_break_cancelled = true; + } +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + /* + * BB Add call to invalidate_inodes(sb) for all superblocks mounted + * to this tcon. +--- a/fs/cifs/file.c ++++ b/fs/cifs/file.c +@@ -305,6 +305,7 @@ cifs_new_fileinfo(struct cifs_fid *fid, + cfile->tlink = cifs_get_tlink(tlink); + INIT_WORK(&cfile->oplock_break, cifs_oplock_break); + mutex_init(&cfile->fh_mutex); ++ spin_lock_init(&cfile->file_info_lock); + + cifs_sb_active(inode->i_sb); + +@@ -317,7 +318,7 @@ cifs_new_fileinfo(struct cifs_fid *fid, + oplock = 0; + } + +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + if (fid->pending_open->oplock != CIFS_OPLOCK_NO_CHANGE && oplock) + oplock = fid->pending_open->oplock; + list_del(&fid->pending_open->olist); +@@ -326,12 +327,13 @@ cifs_new_fileinfo(struct cifs_fid *fid, + server->ops->set_fid(cfile, fid, oplock); + + list_add(&cfile->tlist, &tcon->openFileList); ++ + /* if readable file instance put first in list*/ + if (file->f_mode & FMODE_READ) + list_add(&cfile->flist, &cinode->openFileList); + else + list_add_tail(&cfile->flist, &cinode->openFileList); +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + + if (fid->purge_cache) + cifs_zap_mapping(inode); +@@ -343,16 +345,16 @@ cifs_new_fileinfo(struct cifs_fid *fid, + struct cifsFileInfo * + cifsFileInfo_get(struct cifsFileInfo *cifs_file) + { +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&cifs_file->file_info_lock); + cifsFileInfo_get_locked(cifs_file); +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cifs_file->file_info_lock); + return cifs_file; + } + + /* + * Release a reference on the file private data. This may involve closing + * the filehandle out on the server. Must be called without holding +- * cifs_file_list_lock. ++ * tcon->open_file_lock and cifs_file->file_info_lock. + */ + void cifsFileInfo_put(struct cifsFileInfo *cifs_file) + { +@@ -367,11 +369,15 @@ void cifsFileInfo_put(struct cifsFileInf + struct cifs_pending_open open; + bool oplock_break_cancelled; + +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); ++ ++ spin_lock(&cifs_file->file_info_lock); + if (--cifs_file->count > 0) { +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cifs_file->file_info_lock); ++ spin_unlock(&tcon->open_file_lock); + return; + } ++ spin_unlock(&cifs_file->file_info_lock); + + if (server->ops->get_lease_key) + server->ops->get_lease_key(inode, &fid); +@@ -395,7 +401,8 @@ void cifsFileInfo_put(struct cifsFileInf + set_bit(CIFS_INO_INVALID_MAPPING, &cifsi->flags); + cifs_set_oplock_level(cifsi, 0); + } +- spin_unlock(&cifs_file_list_lock); ++ ++ spin_unlock(&tcon->open_file_lock); + + oplock_break_cancelled = cancel_work_sync(&cifs_file->oplock_break); + +@@ -772,10 +779,10 @@ int cifs_closedir(struct inode *inode, s + server = tcon->ses->server; + + cifs_dbg(FYI, "Freeing private data in close dir\n"); +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&cfile->file_info_lock); + if (server->ops->dir_needs_close(cfile)) { + cfile->invalidHandle = true; +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cfile->file_info_lock); + if (server->ops->close_dir) + rc = server->ops->close_dir(xid, tcon, &cfile->fid); + else +@@ -784,7 +791,7 @@ int cifs_closedir(struct inode *inode, s + /* not much we can do if it fails anyway, ignore rc */ + rc = 0; + } else +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cfile->file_info_lock); + + buf = cfile->srch_inf.ntwrk_buf_start; + if (buf) { +@@ -1720,12 +1727,13 @@ struct cifsFileInfo *find_readable_file( + { + struct cifsFileInfo *open_file = NULL; + struct cifs_sb_info *cifs_sb = CIFS_SB(cifs_inode->vfs_inode.i_sb); ++ struct cifs_tcon *tcon = cifs_sb_master_tcon(cifs_sb); + + /* only filter by fsuid on multiuser mounts */ + if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER)) + fsuid_only = false; + +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + /* we could simply get the first_list_entry since write-only entries + are always at the end of the list but since the first entry might + have a close pending, we go through the whole list */ +@@ -1736,8 +1744,8 @@ struct cifsFileInfo *find_readable_file( + if (!open_file->invalidHandle) { + /* found a good file */ + /* lock it so it will not be closed on us */ +- cifsFileInfo_get_locked(open_file); +- spin_unlock(&cifs_file_list_lock); ++ cifsFileInfo_get(open_file); ++ spin_unlock(&tcon->open_file_lock); + return open_file; + } /* else might as well continue, and look for + another, or simply have the caller reopen it +@@ -1745,7 +1753,7 @@ struct cifsFileInfo *find_readable_file( + } else /* write only file */ + break; /* write only files are last so must be done */ + } +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + return NULL; + } + +@@ -1754,6 +1762,7 @@ struct cifsFileInfo *find_writable_file( + { + struct cifsFileInfo *open_file, *inv_file = NULL; + struct cifs_sb_info *cifs_sb; ++ struct cifs_tcon *tcon; + bool any_available = false; + int rc; + unsigned int refind = 0; +@@ -1769,15 +1778,16 @@ struct cifsFileInfo *find_writable_file( + } + + cifs_sb = CIFS_SB(cifs_inode->vfs_inode.i_sb); ++ tcon = cifs_sb_master_tcon(cifs_sb); + + /* only filter by fsuid on multiuser mounts */ + if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER)) + fsuid_only = false; + +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + refind_writable: + if (refind > MAX_REOPEN_ATT) { +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + return NULL; + } + list_for_each_entry(open_file, &cifs_inode->openFileList, flist) { +@@ -1788,8 +1798,8 @@ refind_writable: + if (OPEN_FMODE(open_file->f_flags) & FMODE_WRITE) { + if (!open_file->invalidHandle) { + /* found a good writable file */ +- cifsFileInfo_get_locked(open_file); +- spin_unlock(&cifs_file_list_lock); ++ cifsFileInfo_get(open_file); ++ spin_unlock(&tcon->open_file_lock); + return open_file; + } else { + if (!inv_file) +@@ -1805,24 +1815,24 @@ refind_writable: + + if (inv_file) { + any_available = false; +- cifsFileInfo_get_locked(inv_file); ++ cifsFileInfo_get(inv_file); + } + +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + + if (inv_file) { + rc = cifs_reopen_file(inv_file, false); + if (!rc) + return inv_file; + else { +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + list_move_tail(&inv_file->flist, + &cifs_inode->openFileList); +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + cifsFileInfo_put(inv_file); +- spin_lock(&cifs_file_list_lock); + ++refind; + inv_file = NULL; ++ spin_lock(&tcon->open_file_lock); + goto refind_writable; + } + } +@@ -3632,15 +3642,17 @@ static int cifs_readpage(struct file *fi + static int is_inode_writable(struct cifsInodeInfo *cifs_inode) + { + struct cifsFileInfo *open_file; ++ struct cifs_tcon *tcon = ++ cifs_sb_master_tcon(CIFS_SB(cifs_inode->vfs_inode.i_sb)); + +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + list_for_each_entry(open_file, &cifs_inode->openFileList, flist) { + if (OPEN_FMODE(open_file->f_flags) & FMODE_WRITE) { +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + return 1; + } + } +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + return 0; + } + +--- a/fs/cifs/misc.c ++++ b/fs/cifs/misc.c +@@ -120,6 +120,7 @@ tconInfoAlloc(void) + ++ret_buf->tc_count; + INIT_LIST_HEAD(&ret_buf->openFileList); + INIT_LIST_HEAD(&ret_buf->tcon_list); ++ spin_lock_init(&ret_buf->open_file_lock); + #ifdef CONFIG_CIFS_STATS + spin_lock_init(&ret_buf->stat_lock); + #endif +@@ -465,7 +466,7 @@ is_valid_oplock_break(char *buffer, stru + continue; + + cifs_stats_inc(&tcon->stats.cifs_stats.num_oplock_brks); +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + list_for_each(tmp2, &tcon->openFileList) { + netfile = list_entry(tmp2, struct cifsFileInfo, + tlist); +@@ -495,11 +496,11 @@ is_valid_oplock_break(char *buffer, stru + &netfile->oplock_break); + netfile->oplock_break_cancelled = false; + +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + spin_unlock(&cifs_tcp_ses_lock); + return true; + } +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + spin_unlock(&cifs_tcp_ses_lock); + cifs_dbg(FYI, "No matching file for oplock break\n"); + return true; +@@ -613,9 +614,9 @@ backup_cred(struct cifs_sb_info *cifs_sb + void + cifs_del_pending_open(struct cifs_pending_open *open) + { +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tlink_tcon(open->tlink)->open_file_lock); + list_del(&open->olist); +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tlink_tcon(open->tlink)->open_file_lock); + } + + void +@@ -635,7 +636,7 @@ void + cifs_add_pending_open(struct cifs_fid *fid, struct tcon_link *tlink, + struct cifs_pending_open *open) + { +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tlink_tcon(tlink)->open_file_lock); + cifs_add_pending_open_locked(fid, tlink, open); +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tlink_tcon(open->tlink)->open_file_lock); + } +--- a/fs/cifs/readdir.c ++++ b/fs/cifs/readdir.c +@@ -594,14 +594,14 @@ find_cifs_entry(const unsigned int xid, + is_dir_changed(file)) || (index_to_find < first_entry_in_buffer)) { + /* close and restart search */ + cifs_dbg(FYI, "search backing up - close and restart search\n"); +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&cfile->file_info_lock); + if (server->ops->dir_needs_close(cfile)) { + cfile->invalidHandle = true; +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cfile->file_info_lock); + if (server->ops->close_dir) + server->ops->close_dir(xid, tcon, &cfile->fid); + } else +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&cfile->file_info_lock); + if (cfile->srch_inf.ntwrk_buf_start) { + cifs_dbg(FYI, "freeing SMB ff cache buf on search rewind\n"); + if (cfile->srch_inf.smallBuf) +--- a/fs/cifs/smb2misc.c ++++ b/fs/cifs/smb2misc.c +@@ -525,19 +525,19 @@ smb2_is_valid_lease_break(char *buffer) + list_for_each(tmp1, &server->smb_ses_list) { + ses = list_entry(tmp1, struct cifs_ses, smb_ses_list); + +- spin_lock(&cifs_file_list_lock); + list_for_each(tmp2, &ses->tcon_list) { + tcon = list_entry(tmp2, struct cifs_tcon, + tcon_list); ++ spin_lock(&tcon->open_file_lock); + cifs_stats_inc( + &tcon->stats.cifs_stats.num_oplock_brks); + if (smb2_tcon_has_lease(tcon, rsp, lw)) { +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + spin_unlock(&cifs_tcp_ses_lock); + return true; + } ++ spin_unlock(&tcon->open_file_lock); + } +- spin_unlock(&cifs_file_list_lock); + } + } + spin_unlock(&cifs_tcp_ses_lock); +@@ -579,7 +579,7 @@ smb2_is_valid_oplock_break(char *buffer, + tcon = list_entry(tmp1, struct cifs_tcon, tcon_list); + + cifs_stats_inc(&tcon->stats.cifs_stats.num_oplock_brks); +- spin_lock(&cifs_file_list_lock); ++ spin_lock(&tcon->open_file_lock); + list_for_each(tmp2, &tcon->openFileList) { + cfile = list_entry(tmp2, struct cifsFileInfo, + tlist); +@@ -591,7 +591,7 @@ smb2_is_valid_oplock_break(char *buffer, + + cifs_dbg(FYI, "file id match, oplock break\n"); + cinode = CIFS_I(d_inode(cfile->dentry)); +- ++ spin_lock(&cfile->file_info_lock); + if (!CIFS_CACHE_WRITE(cinode) && + rsp->OplockLevel == SMB2_OPLOCK_LEVEL_NONE) + cfile->oplock_break_cancelled = true; +@@ -613,14 +613,14 @@ smb2_is_valid_oplock_break(char *buffer, + clear_bit( + CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, + &cinode->flags); +- ++ spin_unlock(&cfile->file_info_lock); + queue_work(cifsiod_wq, &cfile->oplock_break); + +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + spin_unlock(&cifs_tcp_ses_lock); + return true; + } +- spin_unlock(&cifs_file_list_lock); ++ spin_unlock(&tcon->open_file_lock); + spin_unlock(&cifs_tcp_ses_lock); + cifs_dbg(FYI, "No matching file for oplock break\n"); + return true; diff --git a/queue-4.4/cleanup-missing-frees-on-some-ioctls.patch b/queue-4.4/cleanup-missing-frees-on-some-ioctls.patch new file mode 100644 index 00000000000..fb7be6609a0 --- /dev/null +++ b/queue-4.4/cleanup-missing-frees-on-some-ioctls.patch @@ -0,0 +1,73 @@ +From 24df1483c272c99ed88b0cba135d0e1dfdee3930 Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Thu, 29 Sep 2016 04:20:23 -0500 +Subject: Cleanup missing frees on some ioctls + +From: Steve French + +commit 24df1483c272c99ed88b0cba135d0e1dfdee3930 upstream. + +Cleanup some missing mem frees on some cifs ioctls, and +clarify others to make more obvious that no data is returned. + +Signed-off-by: Steve French +Acked-by: Sachin Prabhu +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/smb2ops.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +--- a/fs/cifs/smb2ops.c ++++ b/fs/cifs/smb2ops.c +@@ -282,7 +282,7 @@ SMB3_request_interfaces(const unsigned i + cifs_dbg(FYI, "Link Speed %lld\n", + le64_to_cpu(out_buf->LinkSpeed)); + } +- ++ kfree(out_buf); + return rc; + } + #endif /* STATS2 */ +@@ -695,6 +695,7 @@ smb2_clone_range(const unsigned int xid, + + cchunk_out: + kfree(pcchunk); ++ kfree(retbuf); + return rc; + } + +@@ -819,7 +820,6 @@ smb2_duplicate_extents(const unsigned in + { + int rc; + unsigned int ret_data_len; +- char *retbuf = NULL; + struct duplicate_extents_to_file dup_ext_buf; + struct cifs_tcon *tcon = tlink_tcon(trgtfile->tlink); + +@@ -845,7 +845,7 @@ smb2_duplicate_extents(const unsigned in + FSCTL_DUPLICATE_EXTENTS_TO_FILE, + true /* is_fsctl */, (char *)&dup_ext_buf, + sizeof(struct duplicate_extents_to_file), +- (char **)&retbuf, ++ NULL, + &ret_data_len); + + if (ret_data_len > 0) +@@ -868,7 +868,6 @@ smb3_set_integrity(const unsigned int xi + struct cifsFileInfo *cfile) + { + struct fsctl_set_integrity_information_req integr_info; +- char *retbuf = NULL; + unsigned int ret_data_len; + + integr_info.ChecksumAlgorithm = cpu_to_le16(CHECKSUM_TYPE_UNCHANGED); +@@ -880,7 +879,7 @@ smb3_set_integrity(const unsigned int xi + FSCTL_SET_INTEGRITY_INFORMATION, + true /* is_fsctl */, (char *)&integr_info, + sizeof(struct fsctl_set_integrity_information_req), +- (char **)&retbuf, ++ NULL, + &ret_data_len); + + } diff --git a/queue-4.4/display-number-of-credits-available.patch b/queue-4.4/display-number-of-credits-available.patch new file mode 100644 index 00000000000..9540b611da2 --- /dev/null +++ b/queue-4.4/display-number-of-credits-available.patch @@ -0,0 +1,37 @@ +From 9742805d6b1bfb45d7f267648c34fb5bcd347397 Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Mon, 19 Sep 2016 22:06:35 -0500 +Subject: Display number of credits available + +From: Steve French + +commit 9742805d6b1bfb45d7f267648c34fb5bcd347397 upstream. + +In debugging smb3, it is useful to display the number +of credits available, so we can see when the server has not granted +sufficient operations for the client to make progress, or alternatively +the client has requested too many credits (as we saw in a recent bug) +so we can compare with the number of credits the server thinks +we have. + +Add a /proc/fs/cifs/DebugData line to display the client view +on how many credits are available. + +Signed-off-by: Steve French +Reported-by: Germano Percossi +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/cifs_debug.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/fs/cifs/cifs_debug.c ++++ b/fs/cifs/cifs_debug.c +@@ -152,6 +152,7 @@ static int cifs_debug_data_proc_show(str + list_for_each(tmp1, &cifs_tcp_ses_list) { + server = list_entry(tmp1, struct TCP_Server_Info, + tcp_ses_list); ++ seq_printf(m, "\nNumber of credits: %d", server->credits); + i++; + list_for_each(tmp2, &server->smb_ses_list) { + ses = list_entry(tmp2, struct cifs_ses, diff --git a/queue-4.4/do-not-send-smb3-set_info-request-if-nothing-is-changing.patch b/queue-4.4/do-not-send-smb3-set_info-request-if-nothing-is-changing.patch new file mode 100644 index 00000000000..c12841d2336 --- /dev/null +++ b/queue-4.4/do-not-send-smb3-set_info-request-if-nothing-is-changing.patch @@ -0,0 +1,38 @@ +From 18dd8e1a65ddae2351d0f0d6dd4a334f441fc5fa Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Mon, 26 Sep 2016 14:23:08 -0500 +Subject: Do not send SMB3 SET_INFO request if nothing is changing + +From: Steve French + +commit 18dd8e1a65ddae2351d0f0d6dd4a334f441fc5fa upstream. + +[CIFS] We had cases where we sent a SMB2/SMB3 setinfo request with all +timestamp (and DOS attribute) fields marked as 0 (ie do not change) +e.g. on chmod or chown. + +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/smb2inode.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/fs/cifs/smb2inode.c ++++ b/fs/cifs/smb2inode.c +@@ -266,9 +266,15 @@ smb2_set_file_info(struct inode *inode, + struct tcon_link *tlink; + int rc; + ++ if ((buf->CreationTime == 0) && (buf->LastAccessTime == 0) && ++ (buf->LastWriteTime == 0) && (buf->ChangeTime) && ++ (buf->Attributes == 0)) ++ return 0; /* would be a no op, no sense sending this */ ++ + tlink = cifs_sb_tlink(cifs_sb); + if (IS_ERR(tlink)) + return PTR_ERR(tlink); ++ + rc = smb2_open_op_close(xid, tlink_tcon(tlink), cifs_sb, full_path, + FILE_WRITE_ATTRIBUTES, FILE_OPEN, 0, buf, + SMB2_OP_SET_INFO); diff --git a/queue-4.4/fix-regression-which-breaks-dfs-mounting.patch b/queue-4.4/fix-regression-which-breaks-dfs-mounting.patch new file mode 100644 index 00000000000..5aa5103b6a7 --- /dev/null +++ b/queue-4.4/fix-regression-which-breaks-dfs-mounting.patch @@ -0,0 +1,46 @@ +From d171356ff11ab1825e456dfb979755e01b3c54a1 Mon Sep 17 00:00:00 2001 +From: Sachin Prabhu +Date: Tue, 6 Sep 2016 13:22:34 +0100 +Subject: Fix regression which breaks DFS mounting + +From: Sachin Prabhu + +commit d171356ff11ab1825e456dfb979755e01b3c54a1 upstream. + +Patch a6b5058 results in -EREMOTE returned by is_path_accessible() in +cifs_mount() to be ignored which breaks DFS mounting. + +Signed-off-by: Sachin Prabhu +Reviewed-by: Aurelien Aptel +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/connect.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +--- a/fs/cifs/connect.c ++++ b/fs/cifs/connect.c +@@ -3693,14 +3693,16 @@ remote_path_check: + goto mount_fail_check; + } + +- rc = cifs_are_all_path_components_accessible(server, ++ if (rc != -EREMOTE) { ++ rc = cifs_are_all_path_components_accessible(server, + xid, tcon, cifs_sb, + full_path); +- if (rc != 0) { +- cifs_dbg(VFS, "cannot query dirs between root and final path, " +- "enabling CIFS_MOUNT_USE_PREFIX_PATH\n"); +- cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH; +- rc = 0; ++ if (rc != 0) { ++ cifs_dbg(VFS, "cannot query dirs between root and final path, " ++ "enabling CIFS_MOUNT_USE_PREFIX_PATH\n"); ++ cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH; ++ rc = 0; ++ } + } + kfree(full_path); + } diff --git a/queue-4.4/fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch b/queue-4.4/fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch new file mode 100644 index 00000000000..4fad0f77904 --- /dev/null +++ b/queue-4.4/fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch @@ -0,0 +1,34 @@ +From 94f873717571c759b7928399cbbddfa3d569bd01 Mon Sep 17 00:00:00 2001 +From: Aurelien Aptel +Date: Thu, 22 Sep 2016 07:38:50 +0200 +Subject: fs/cifs: keep guid when assigning fid to fileinfo + +From: Aurelien Aptel + +commit 94f873717571c759b7928399cbbddfa3d569bd01 upstream. + +When we open a durable handle we give a Globally Unique +Identifier (GUID) to the server which we must keep for later reference +e.g. when reopening persistent handles on reconnection. + +Without this the GUID generated for a new persistent handle was lost and +16 zero bytes were used instead on re-opening. + +Signed-off-by: Aurelien Aptel +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/smb2ops.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/fs/cifs/smb2ops.c ++++ b/fs/cifs/smb2ops.c +@@ -536,6 +536,7 @@ smb2_set_fid(struct cifsFileInfo *cfile, + server->ops->set_oplock_level(cinode, oplock, fid->epoch, + &fid->purge_cache); + cinode->can_cache_brlcks = CIFS_CACHE_WRITE(cinode); ++ memcpy(cfile->fid.create_guid, fid->create_guid, 16); + } + + static void diff --git a/queue-4.4/hpsa-correct-skipping-masked-peripherals.patch b/queue-4.4/hpsa-correct-skipping-masked-peripherals.patch new file mode 100644 index 00000000000..97a7a61c7bd --- /dev/null +++ b/queue-4.4/hpsa-correct-skipping-masked-peripherals.patch @@ -0,0 +1,135 @@ +From 64ce60cab24603ac0fcd59c9fbc3be78f4c4d229 Mon Sep 17 00:00:00 2001 +From: Don Brace +Date: Fri, 1 Jul 2016 13:37:31 -0500 +Subject: hpsa: correct skipping masked peripherals + +From: Don Brace + +commit 64ce60cab24603ac0fcd59c9fbc3be78f4c4d229 upstream. + +The SA controller spins down RAID drive spares. + +A REGNEWD event causes an inquiry to be sent to all physical +drives. This causes the SA controller to spin up the spare. + +The controller suspends all I/O to a logical volume until +the spare is spun up. The spin-up can take over 50 seconds. + +This can result in one or both of the following: + - SML sends down aborts and resets to the logical volume + and can cause the logical volume to be off-lined. + - a negative impact on the logical volume's I/O performance + each time a REGNEWD is triggered. + +Reviewed-by: Scott Teel +Reviewed-by: Kevin Barnett +Signed-off-by: Don Brace +Signed-off-by: Martin K. Petersen +Signed-off-by: Juerg Haefliger +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/scsi/hpsa.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 74 insertions(+), 4 deletions(-) + +--- a/drivers/scsi/hpsa.c ++++ b/drivers/scsi/hpsa.c +@@ -3930,6 +3930,70 @@ static int hpsa_set_local_logical_count( + return rc; + } + ++static bool hpsa_is_disk_spare(struct ctlr_info *h, u8 *lunaddrbytes) ++{ ++ struct bmic_identify_physical_device *id_phys; ++ bool is_spare = false; ++ int rc; ++ ++ id_phys = kzalloc(sizeof(*id_phys), GFP_KERNEL); ++ if (!id_phys) ++ return false; ++ ++ rc = hpsa_bmic_id_physical_device(h, ++ lunaddrbytes, ++ GET_BMIC_DRIVE_NUMBER(lunaddrbytes), ++ id_phys, sizeof(*id_phys)); ++ if (rc == 0) ++ is_spare = (id_phys->more_flags >> 6) & 0x01; ++ ++ kfree(id_phys); ++ return is_spare; ++} ++ ++#define RPL_DEV_FLAG_NON_DISK 0x1 ++#define RPL_DEV_FLAG_UNCONFIG_DISK_REPORTING_SUPPORTED 0x2 ++#define RPL_DEV_FLAG_UNCONFIG_DISK 0x4 ++ ++#define BMIC_DEVICE_TYPE_ENCLOSURE 6 ++ ++static bool hpsa_skip_device(struct ctlr_info *h, u8 *lunaddrbytes, ++ struct ext_report_lun_entry *rle) ++{ ++ u8 device_flags; ++ u8 device_type; ++ ++ if (!MASKED_DEVICE(lunaddrbytes)) ++ return false; ++ ++ device_flags = rle->device_flags; ++ device_type = rle->device_type; ++ ++ if (device_flags & RPL_DEV_FLAG_NON_DISK) { ++ if (device_type == BMIC_DEVICE_TYPE_ENCLOSURE) ++ return false; ++ return true; ++ } ++ ++ if (!(device_flags & RPL_DEV_FLAG_UNCONFIG_DISK_REPORTING_SUPPORTED)) ++ return false; ++ ++ if (device_flags & RPL_DEV_FLAG_UNCONFIG_DISK) ++ return false; ++ ++ /* ++ * Spares may be spun down, we do not want to ++ * do an Inquiry to a RAID set spare drive as ++ * that would have them spun up, that is a ++ * performance hit because I/O to the RAID device ++ * stops while the spin up occurs which can take ++ * over 50 seconds. ++ */ ++ if (hpsa_is_disk_spare(h, lunaddrbytes)) ++ return true; ++ ++ return false; ++} + + static void hpsa_update_scsi_devices(struct ctlr_info *h) + { +@@ -4023,6 +4087,7 @@ static void hpsa_update_scsi_devices(str + u8 *lunaddrbytes, is_OBDR = 0; + int rc = 0; + int phys_dev_index = i - (raid_ctlr_position == 0); ++ bool skip_device = false; + + physical_device = i < nphysicals + (raid_ctlr_position == 0); + +@@ -4030,10 +4095,15 @@ static void hpsa_update_scsi_devices(str + lunaddrbytes = figure_lunaddrbytes(h, raid_ctlr_position, + i, nphysicals, nlogicals, physdev_list, logdev_list); + +- /* skip masked non-disk devices */ +- if (MASKED_DEVICE(lunaddrbytes) && physical_device && +- (physdev_list->LUN[phys_dev_index].device_flags & 0x01)) +- continue; ++ /* ++ * Skip over some devices such as a spare. ++ */ ++ if (!tmpdevice->external && physical_device) { ++ skip_device = hpsa_skip_device(h, lunaddrbytes, ++ &physdev_list->LUN[phys_dev_index]); ++ if (skip_device) ++ continue; ++ } + + /* Get device type, vendor, model, device id */ + rc = hpsa_update_device_info(h, lunaddrbytes, tmpdevice, diff --git a/queue-4.4/irqchip-gicv3-handle-loop-timeout-proper.patch b/queue-4.4/irqchip-gicv3-handle-loop-timeout-proper.patch new file mode 100644 index 00000000000..2fbb8f9e46e --- /dev/null +++ b/queue-4.4/irqchip-gicv3-handle-loop-timeout-proper.patch @@ -0,0 +1,42 @@ +From d102eb5c1ac5e6743b1c6d145c06a25d98ad1375 Mon Sep 17 00:00:00 2001 +From: Dan Carpenter +Date: Fri, 14 Oct 2016 10:26:21 +0300 +Subject: irqchip/gicv3: Handle loop timeout proper + +From: Dan Carpenter + +commit d102eb5c1ac5e6743b1c6d145c06a25d98ad1375 upstream. + +The timeout loop terminates when the loop count is zero, but the decrement +of the count variable is post check. So count is -1 when we check for the +timeout and therefor the error message is supressed. + +Change it to predecrement, so the error message is emitted. + +[ tglx: Massaged changelog ] + +Fixes: a2c225101234 ("irqchip: gic-v3: Refactor gic_enable_redist to support both enabling and disabling") +Signed-off-by: Dan Carpenter +Acked-by: Sudeep Holla +Cc: Marc Zyngier +Cc: kernel-janitors@vger.kernel.org +Cc: Jason Cooper +Link: http://lkml.kernel.org/r/20161014072534.GA15168@mwanda +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/irqchip/irq-gic-v3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/irqchip/irq-gic-v3.c ++++ b/drivers/irqchip/irq-gic-v3.c +@@ -142,7 +142,7 @@ static void gic_enable_redist(bool enabl + return; /* No PM support in this redistributor */ + } + +- while (count--) { ++ while (--count) { + val = readl_relaxed(rbase + GICR_WAKER); + if (enable ^ (val & GICR_WAKER_ChildrenAsleep)) + break; diff --git a/queue-4.4/kvm-x86-memset-whole-irq_eoi.patch b/queue-4.4/kvm-x86-memset-whole-irq_eoi.patch new file mode 100644 index 00000000000..32dd09ee57a --- /dev/null +++ b/queue-4.4/kvm-x86-memset-whole-irq_eoi.patch @@ -0,0 +1,47 @@ +From 8678654e3c7ad7b0f4beb03fa89691279cba71f9 Mon Sep 17 00:00:00 2001 +From: Jiri Slaby +Date: Thu, 13 Oct 2016 17:45:20 +0200 +Subject: kvm: x86: memset whole irq_eoi +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Jiri Slaby + +commit 8678654e3c7ad7b0f4beb03fa89691279cba71f9 upstream. + +gcc 7 warns: +arch/x86/kvm/ioapic.c: In function 'kvm_ioapic_reset': +arch/x86/kvm/ioapic.c:597:2: warning: 'memset' used with length equal to number of elements without multiplication by element size [-Wmemset-elt-size] + +And it is right. Memset whole array using sizeof operator. + +Signed-off-by: Jiri Slaby +Cc: Paolo Bonzini +Cc: Radim Krčmář +Cc: Thomas Gleixner +Cc: Ingo Molnar +Cc: H. Peter Anvin +Cc: x86@kernel.org +Cc: kvm@vger.kernel.org +Cc: linux-kernel@vger.kernel.org +Reviewed-by: Paolo Bonzini +[Added x86 subject tag] +Signed-off-by: Radim Krčmář +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kvm/ioapic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/kvm/ioapic.c ++++ b/arch/x86/kvm/ioapic.c +@@ -580,7 +580,7 @@ static void kvm_ioapic_reset(struct kvm_ + ioapic->irr = 0; + ioapic->irr_delivered = 0; + ioapic->id = 0; +- memset(ioapic->irq_eoi, 0x00, IOAPIC_NUM_PINS); ++ memset(ioapic->irq_eoi, 0x00, sizeof(ioapic->irq_eoi)); + rtc_irq_eoi_tracking_reset(ioapic); + } + diff --git a/queue-4.4/net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch b/queue-4.4/net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch new file mode 100644 index 00000000000..786be09128c --- /dev/null +++ b/queue-4.4/net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch @@ -0,0 +1,47 @@ +From 6e5224224faa50ec4c8949dcefadf895e565f0d1 Mon Sep 17 00:00:00 2001 +From: Jack Morgenstein +Date: Wed, 2 Mar 2016 17:47:46 +0200 +Subject: net/mlx4_core: Allow resetting VF admin mac to zero + +From: Jack Morgenstein + +commit 6e5224224faa50ec4c8949dcefadf895e565f0d1 upstream. + +The VF administrative mac addresses (stored in the PF driver) are +initialized to zero when the PF driver starts up. + +These addresses may be modified in the PF driver through ndo calls +initiated by iproute2 or libvirt. + +While we allow the PF/host to change the VF admin mac address from zero +to a valid unicast mac, we do not allow restoring the VF admin mac to +zero. We currently only allow changing this mac to a different unicast mac. + +This leads to problems when libvirt scripts are used to deal with +VF mac addresses, and libvirt attempts to revoke the mac so this +host will not use it anymore. + +Fix this by allowing resetting a VF administrative MAC back to zero. + +Fixes: 8f7ba3ca12f6 ('net/mlx4: Add set VF mac address support') +Signed-off-by: Jack Morgenstein +Reported-by: Moshe Levi +Signed-off-by: David S. Miller +Signed-off-by: Juerg Haefliger +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c ++++ b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c +@@ -2282,7 +2282,7 @@ static int mlx4_en_set_vf_mac(struct net + struct mlx4_en_dev *mdev = en_priv->mdev; + u64 mac_u64 = mlx4_mac_to_u64(mac); + +- if (!is_valid_ether_addr(mac)) ++ if (is_multicast_ether_addr(mac)) + return -EINVAL; + + return mlx4_set_vf_mac(mdev->dev, en_priv->port, queue, mac_u64); diff --git a/queue-4.4/pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch b/queue-4.4/pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch new file mode 100644 index 00000000000..667799fd28f --- /dev/null +++ b/queue-4.4/pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch @@ -0,0 +1,92 @@ +From c538b9436751a0be2e1246b48353bc23156bdbcc Mon Sep 17 00:00:00 2001 +From: Mika Westerberg +Date: Mon, 10 Oct 2016 16:39:31 +0300 +Subject: pinctrl: intel: Only restore pins that are used by the driver + +From: Mika Westerberg + +commit c538b9436751a0be2e1246b48353bc23156bdbcc upstream. + +Dell XPS 13 (and maybe some others) uses a GPIO (CPU_GP_1) during suspend +to explicitly disable USB touchscreen interrupt. This is done to prevent +situation where the lid is closed the touchscreen is left functional. + +The pinctrl driver (wrongly) assumes it owns all pins which are owned by +host and not locked down. It is perfectly fine for BIOS to use those pins +as it is also considered as host in this context. + +What happens is that when the lid of Dell XPS 13 is closed, the BIOS +configures CPU_GP_1 low disabling the touchscreen interrupt. During resume +we restore all host owned pins to the known state which includes CPU_GP_1 +and this overwrites what the BIOS has programmed there causing the +touchscreen to fail as no interrupts are reaching the CPU anymore. + +Fix this by restoring only those pins we know are explicitly requested by +the kernel one way or other. + +Link: https://bugzilla.kernel.org/show_bug.cgi?id=176361 +Reported-by: AceLan Kao +Tested-by: AceLan Kao +Signed-off-by: Mika Westerberg +Signed-off-by: Linus Walleij +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pinctrl/intel/pinctrl-intel.c | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +--- a/drivers/pinctrl/intel/pinctrl-intel.c ++++ b/drivers/pinctrl/intel/pinctrl-intel.c +@@ -23,6 +23,7 @@ + #include + #include + ++#include "../core.h" + #include "pinctrl-intel.h" + + /* Offset from regs */ +@@ -1049,6 +1050,26 @@ int intel_pinctrl_remove(struct platform + EXPORT_SYMBOL_GPL(intel_pinctrl_remove); + + #ifdef CONFIG_PM_SLEEP ++static bool intel_pinctrl_should_save(struct intel_pinctrl *pctrl, unsigned pin) ++{ ++ const struct pin_desc *pd = pin_desc_get(pctrl->pctldev, pin); ++ ++ if (!pd || !intel_pad_usable(pctrl, pin)) ++ return false; ++ ++ /* ++ * Only restore the pin if it is actually in use by the kernel (or ++ * by userspace). It is possible that some pins are used by the ++ * BIOS during resume and those are not always locked down so leave ++ * them alone. ++ */ ++ if (pd->mux_owner || pd->gpio_owner || ++ gpiochip_line_is_irq(&pctrl->chip, pin)) ++ return true; ++ ++ return false; ++} ++ + int intel_pinctrl_suspend(struct device *dev) + { + struct platform_device *pdev = to_platform_device(dev); +@@ -1062,7 +1083,7 @@ int intel_pinctrl_suspend(struct device + const struct pinctrl_pin_desc *desc = &pctrl->soc->pins[i]; + u32 val; + +- if (!intel_pad_usable(pctrl, desc->number)) ++ if (!intel_pinctrl_should_save(pctrl, desc->number)) + continue; + + val = readl(intel_get_padcfg(pctrl, desc->number, PADCFG0)); +@@ -1123,7 +1144,7 @@ int intel_pinctrl_resume(struct device * + void __iomem *padcfg; + u32 val; + +- if (!intel_pad_usable(pctrl, desc->number)) ++ if (!intel_pinctrl_should_save(pctrl, desc->number)) + continue; + + padcfg = intel_get_padcfg(pctrl, desc->number, PADCFG0); diff --git a/queue-4.4/pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch b/queue-4.4/pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch new file mode 100644 index 00000000000..f371e788c5f --- /dev/null +++ b/queue-4.4/pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch @@ -0,0 +1,123 @@ +From 7ee7014d0eb6bcac679c0bd5fe9ce65bc4325648 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 18 Jan 2016 10:49:58 -0500 +Subject: PKCS#7: Don't require SpcSpOpusInfo in Authenticode pkcs7 signatures + +From: Peter Jones + +commit 7ee7014d0eb6bcac679c0bd5fe9ce65bc4325648 upstream. + +Dave Young reported: +> Hi, +> +> I saw the warning "Missing required AuthAttr" when testing kexec, +> known issue? Idea about how to fix it? +> +> The kernel is latest linus tree plus sevral patches from Toshi to +> cleanup io resource structure. +> +> in function pkcs7_sig_note_set_of_authattrs(): +> if (!test_bit(sinfo_has_content_type, &sinfo->aa_set) || +> !test_bit(sinfo_has_message_digest, &sinfo->aa_set) || +> (ctx->msg->data_type == OID_msIndirectData && +> !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))) { +> pr_warn("Missing required AuthAttr\n"); +> return -EBADMSG; +> } +> +> The third condition below is true: +> (ctx->msg->data_type == OID_msIndirectData && +> !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set)) +> +> I signed the kernel with redhat test key like below: +> pesign -c 'Red Hat Test Certificate' -i arch/x86/boot/bzImage -o /boot/vmlinuz-4.4.0-rc8+ -s --force + +And right he is! The Authenticode specification is a paragon amongst +technical documents, and has this pearl of wisdom to offer: + +--------------------------------- +Authenticode-Specific SignerInfo UnauthenticatedAttributes Structures + + The following Authenticode-specific data structures are present in + SignerInfo authenticated attributes. + + SpcSpOpusInfo + SpcSpOpusInfo is identified by SPC_SP_OPUS_INFO_OBJID + (1.3.6.1.4.1.311.2.1.12) and is defined as follows: + SpcSpOpusInfo ::= SEQUENCE { + programName [0] EXPLICIT SpcString OPTIONAL, + moreInfo [1] EXPLICIT SpcLink OPTIONAL, + } --#public-- + + SpcSpOpusInfo has two fields: + programName + This field contains the program description: + If publisher chooses not to specify a description, the SpcString + structure contains a zero-length program name. + If the publisher chooses to specify a + description, the SpcString structure contains a Unicode string. + moreInfo + This field is set to an SPCLink structure that contains a URL for + a Web site with more information about the signer. The URL is an + ASCII string. +--------------------------------- + +Which is to say that this is an optional *unauthenticated* field which +may be present in the Authenticated Attribute list. This is not how +pkcs7 is supposed to work, so when David implemented this, he didn't +appreciate the subtlety the original spec author was working with, and +missed the part of the sublime prose that says this Authenticated +Attribute is an Unauthenticated Attribute. As a result, the code in +question simply takes as given that the Authenticated Attributes should +be authenticated. + +But this one should not, individually. Because it says it's not +authenticated. + +It still has to hash right so the TBS digest is correct. So it is both +authenticated and unauthenticated, all at once. Truly, a wonder of +technical accomplishment. + +Additionally, pesign's implementation has always attempted to be +compatible with the signatures emitted from contemporary versions of +Microsoft's signtool.exe. During the initial implementation, Microsoft +signatures always produced the same values for SpcSpOpusInfo - +{U"Microsoft Windows", "http://www.microsoft.com"} - without regard to +who the signer was. + +Sometime between Windows 8 and Windows 8.1 they stopped including the +field in their signatures altogether, and as such pesign stopped +producing them in commits c0c4da6 and d79cb0c, sometime around June of +2012. The theory here is that anything that breaks with +pesign signatures would also be breaking with signtool.exe sigs as well, +and that'll be a more noticed problem for firmwares parsing it, so it'll +get fixed. The fact that we've done exactly this bug in Linux code is +first class, grade A irony. + +So anyway, we should not be checking this field for presence or any +particular value: if the field exists, it should be at the right place, +but aside from that, as long as the hash matches the field is good. + +Signed-off-by: Peter Jones +Tested-by: Dave Young +Signed-off-by: Herbert Xu +Signed-off-by: Juerg Haefliger +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/asymmetric_keys/pkcs7_parser.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +--- a/crypto/asymmetric_keys/pkcs7_parser.c ++++ b/crypto/asymmetric_keys/pkcs7_parser.c +@@ -547,9 +547,7 @@ int pkcs7_sig_note_set_of_authattrs(void + struct pkcs7_signed_info *sinfo = ctx->sinfo; + + if (!test_bit(sinfo_has_content_type, &sinfo->aa_set) || +- !test_bit(sinfo_has_message_digest, &sinfo->aa_set) || +- (ctx->msg->data_type == OID_msIndirectData && +- !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))) { ++ !test_bit(sinfo_has_message_digest, &sinfo->aa_set)) { + pr_warn("Missing required AuthAttr\n"); + return -EBADMSG; + } diff --git a/queue-4.4/sched-fair-fix-min_vruntime-tracking.patch b/queue-4.4/sched-fair-fix-min_vruntime-tracking.patch new file mode 100644 index 00000000000..9d6e55c29cb --- /dev/null +++ b/queue-4.4/sched-fair-fix-min_vruntime-tracking.patch @@ -0,0 +1,104 @@ +From b60205c7c558330e4e2b5df498355ec959457358 Mon Sep 17 00:00:00 2001 +From: Peter Zijlstra +Date: Tue, 20 Sep 2016 21:58:12 +0200 +Subject: sched/fair: Fix min_vruntime tracking + +From: Peter Zijlstra + +commit b60205c7c558330e4e2b5df498355ec959457358 upstream. + +While going through enqueue/dequeue to review the movement of +set_curr_task() I noticed that the (2nd) update_min_vruntime() call in +dequeue_entity() is suspect. + +It turns out, its actually wrong because it will consider +cfs_rq->curr, which could be the entry we just normalized. This mixes +different vruntime forms and leads to fail. + +The purpose of the second update_min_vruntime() is to move +min_vruntime forward if the entity we just removed is the one that was +holding it back; _except_ for the DEQUEUE_SAVE case, because then we +know its a temporary removal and it will come back. + +However, since we do put_prev_task() _after_ dequeue(), cfs_rq->curr +will still be set (and per the above, can be tranformed into a +different unit), so update_min_vruntime() should also consider +curr->on_rq. This also fixes another corner case where the enqueue +(which also does update_curr()->update_min_vruntime()) happens on the +rq->lock break in schedule(), between dequeue and put_prev_task. + +Signed-off-by: Peter Zijlstra (Intel) +Cc: Linus Torvalds +Cc: Mike Galbraith +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: linux-kernel@vger.kernel.org +Fixes: 1e876231785d ("sched: Fix ->min_vruntime calculation in dequeue_entity()") +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/sched/fair.c | 29 ++++++++++++++++++++++------- + 1 file changed, 22 insertions(+), 7 deletions(-) + +--- a/kernel/sched/fair.c ++++ b/kernel/sched/fair.c +@@ -456,17 +456,23 @@ static inline int entity_before(struct s + + static void update_min_vruntime(struct cfs_rq *cfs_rq) + { ++ struct sched_entity *curr = cfs_rq->curr; ++ + u64 vruntime = cfs_rq->min_vruntime; + +- if (cfs_rq->curr) +- vruntime = cfs_rq->curr->vruntime; ++ if (curr) { ++ if (curr->on_rq) ++ vruntime = curr->vruntime; ++ else ++ curr = NULL; ++ } + + if (cfs_rq->rb_leftmost) { + struct sched_entity *se = rb_entry(cfs_rq->rb_leftmost, + struct sched_entity, + run_node); + +- if (!cfs_rq->curr) ++ if (!curr) + vruntime = se->vruntime; + else + vruntime = min_vruntime(vruntime, se->vruntime); +@@ -3139,9 +3145,10 @@ dequeue_entity(struct cfs_rq *cfs_rq, st + account_entity_dequeue(cfs_rq, se); + + /* +- * Normalize the entity after updating the min_vruntime because the +- * update can refer to the ->curr item and we need to reflect this +- * movement in our normalized position. ++ * Normalize after update_curr(); which will also have moved ++ * min_vruntime if @se is the one holding it back. But before doing ++ * update_min_vruntime() again, which will discount @se's position and ++ * can move min_vruntime forward still more. + */ + if (!(flags & DEQUEUE_SLEEP)) + se->vruntime -= cfs_rq->min_vruntime; +@@ -3149,8 +3156,16 @@ dequeue_entity(struct cfs_rq *cfs_rq, st + /* return excess runtime on last dequeue */ + return_cfs_rq_runtime(cfs_rq); + +- update_min_vruntime(cfs_rq); + update_cfs_shares(cfs_rq); ++ ++ /* ++ * Now advance min_vruntime if @se was the entity holding it back, ++ * except when: DEQUEUE_SAVE && !DEQUEUE_MOVE, in this case we'll be ++ * put back on, and if we advance min_vruntime, we'll be placed back ++ * further than we started -- ie. we'll be penalized. ++ */ ++ if ((flags & (DEQUEUE_SAVE | DEQUEUE_MOVE)) == DEQUEUE_SAVE) ++ update_min_vruntime(cfs_rq); + } + + /* diff --git a/queue-4.4/sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch b/queue-4.4/sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch new file mode 100644 index 00000000000..199f0304594 --- /dev/null +++ b/queue-4.4/sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch @@ -0,0 +1,58 @@ +From 6b7e9cde49691e04314342b7dce90c67ad567fcc Mon Sep 17 00:00:00 2001 +From: "Martin K. Petersen" +Date: Thu, 12 May 2016 22:17:34 -0400 +Subject: sd: Fix rw_max for devices that report an optimal xfer size + +From: Martin K. Petersen + +commit 6b7e9cde49691e04314342b7dce90c67ad567fcc upstream. + +For historic reasons, io_opt is in bytes and max_sectors in block layer +sectors. This interface inconsistency is error prone and should be +fixed. But for 4.4--4.7 let's make the unit difference explicit via a +wrapper function. + +Fixes: d0eb20a863ba ("sd: Optimal I/O size is in bytes, not sectors") +Reported-by: Fam Zheng +Reviewed-by: Bart Van Assche +Reviewed-by: Christoph Hellwig +Tested-by: Andrew Patterson +Signed-off-by: Martin K. Petersen +Signed-off-by: Juerg Haefliger +Signed-off-by: Greg Kroah-Hartman +--- + drivers/scsi/sd.c | 8 ++++---- + drivers/scsi/sd.h | 5 +++++ + 2 files changed, 9 insertions(+), 4 deletions(-) + +--- a/drivers/scsi/sd.c ++++ b/drivers/scsi/sd.c +@@ -2879,10 +2879,10 @@ static int sd_revalidate_disk(struct gen + if (sdkp->opt_xfer_blocks && + sdkp->opt_xfer_blocks <= dev_max && + sdkp->opt_xfer_blocks <= SD_DEF_XFER_BLOCKS && +- sdkp->opt_xfer_blocks * sdp->sector_size >= PAGE_CACHE_SIZE) +- rw_max = q->limits.io_opt = +- sdkp->opt_xfer_blocks * sdp->sector_size; +- else ++ logical_to_bytes(sdp, sdkp->opt_xfer_blocks) >= PAGE_CACHE_SIZE) { ++ q->limits.io_opt = logical_to_bytes(sdp, sdkp->opt_xfer_blocks); ++ rw_max = logical_to_sectors(sdp, sdkp->opt_xfer_blocks); ++ } else + rw_max = BLK_DEF_MAX_SECTORS; + + /* Combine with controller limits */ +--- a/drivers/scsi/sd.h ++++ b/drivers/scsi/sd.h +@@ -151,6 +151,11 @@ static inline sector_t logical_to_sector + return blocks << (ilog2(sdev->sector_size) - 9); + } + ++static inline unsigned int logical_to_bytes(struct scsi_device *sdev, sector_t blocks) ++{ ++ return blocks * sdev->sector_size; ++} ++ + /* + * A DIF-capable target device can be formatted with different + * protection schemes. Currently 0 through 3 are defined: diff --git a/queue-4.4/series b/queue-4.4/series index c422ff9d65a..a74f25075b6 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -69,3 +69,24 @@ ipc-sem.c-fix-complex_count-vs.-simple-op-race.patch lightnvm-ensure-that-nvm_dev_ops-can-be-used-without-config_nvm.patch arc-don-t-leak-bits-of-kernel-stack-into-coredump.patch fs-super.c-fix-race-between-freeze_super-and-thaw_super.patch +cifs-limit-the-overall-credit-acquired.patch +fs-cifs-keep-guid-when-assigning-fid-to-fileinfo.patch +clarify-locking-of-cifs-file-and-tcon-structures-and-make-more-granular.patch +display-number-of-credits-available.patch +set-previous-session-id-correctly-on-smb3-reconnect.patch +smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch +do-not-send-smb3-set_info-request-if-nothing-is-changing.patch +cleanup-missing-frees-on-some-ioctls.patch +fix-regression-which-breaks-dfs-mounting.patch +blkcg-unlock-blkcg_pol_mutex-only-once-when-cpd-null.patch +x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch +kvm-x86-memset-whole-irq_eoi.patch +pinctrl-intel-only-restore-pins-that-are-used-by-the-driver.patch +sched-fair-fix-min_vruntime-tracking.patch +irqchip-gicv3-handle-loop-timeout-proper.patch +sd-fix-rw_max-for-devices-that-report-an-optimal-xfer-size.patch +hpsa-correct-skipping-masked-peripherals.patch +pkcs-7-don-t-require-spcspopusinfo-in-authenticode-pkcs7-signatures.patch +bnx2x-prevent-false-warning-for-lack-of-fc-npiv.patch +net-mlx4_core-allow-resetting-vf-admin-mac-to-zero.patch +acpi-nfit-check-for-the-correct-event-code-in-notifications.patch diff --git a/queue-4.4/set-previous-session-id-correctly-on-smb3-reconnect.patch b/queue-4.4/set-previous-session-id-correctly-on-smb3-reconnect.patch new file mode 100644 index 00000000000..c27ba576878 --- /dev/null +++ b/queue-4.4/set-previous-session-id-correctly-on-smb3-reconnect.patch @@ -0,0 +1,50 @@ +From c2afb8147e69819885493edf3a7c1ce03aaf2d4e Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Tue, 20 Sep 2016 22:56:13 -0500 +Subject: Set previous session id correctly on SMB3 reconnect + +From: Steve French + +commit c2afb8147e69819885493edf3a7c1ce03aaf2d4e upstream. + +Signed-off-by: Steve French +Reported-by: David Goebel +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/smb2pdu.c | 5 +++++ + fs/cifs/smb2pdu.h | 2 +- + 2 files changed, 6 insertions(+), 1 deletion(-) + +--- a/fs/cifs/smb2pdu.c ++++ b/fs/cifs/smb2pdu.c +@@ -607,6 +607,7 @@ SMB2_sess_setup(const unsigned int xid, + char *security_blob = NULL; + unsigned char *ntlmssp_blob = NULL; + bool use_spnego = false; /* else use raw ntlmssp */ ++ u64 previous_session = ses->Suid; + + cifs_dbg(FYI, "Session Setup\n"); + +@@ -644,6 +645,10 @@ ssetup_ntlmssp_authenticate: + return rc; + + req->hdr.SessionId = 0; /* First session, not a reauthenticate */ ++ ++ /* if reconnect, we need to send previous sess id, otherwise it is 0 */ ++ req->PreviousSessionId = previous_session; ++ + req->Flags = 0; /* MBZ */ + /* to enable echos and oplocks */ + req->hdr.CreditRequest = cpu_to_le16(3); +--- a/fs/cifs/smb2pdu.h ++++ b/fs/cifs/smb2pdu.h +@@ -276,7 +276,7 @@ struct smb2_sess_setup_req { + __le32 Channel; + __le16 SecurityBufferOffset; + __le16 SecurityBufferLength; +- __le64 PreviousSessionId; ++ __u64 PreviousSessionId; + __u8 Buffer[1]; /* variable length GSS security buffer */ + } __packed; + diff --git a/queue-4.4/smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch b/queue-4.4/smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch new file mode 100644 index 00000000000..afe3d3550d7 --- /dev/null +++ b/queue-4.4/smb3-guids-should-be-constructed-as-random-but-valid-uuids.patch @@ -0,0 +1,68 @@ +From fa70b87cc6641978b20e12cc5d517e9ffc0086d4 Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Thu, 22 Sep 2016 00:39:34 -0500 +Subject: SMB3: GUIDs should be constructed as random but valid uuids + +From: Steve French + +commit fa70b87cc6641978b20e12cc5d517e9ffc0086d4 upstream. + +GUIDs although random, and 16 bytes, need to be generated as +proper uuids. + +Signed-off-by: Steve French +Reviewed-by: Aurelien Aptel +Reported-by: David Goebels +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/cifsfs.c | 2 +- + fs/cifs/connect.c | 2 +- + fs/cifs/smb2ops.c | 2 +- + fs/cifs/smb2pdu.c | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +--- a/fs/cifs/cifsfs.c ++++ b/fs/cifs/cifsfs.c +@@ -268,7 +268,7 @@ cifs_alloc_inode(struct super_block *sb) + cifs_inode->createtime = 0; + cifs_inode->epoch = 0; + #ifdef CONFIG_CIFS_SMB2 +- get_random_bytes(cifs_inode->lease_key, SMB2_LEASE_KEY_SIZE); ++ generate_random_uuid(cifs_inode->lease_key); + #endif + /* + * Can not set i_flags here - they get immediately overwritten to zero +--- a/fs/cifs/connect.c ++++ b/fs/cifs/connect.c +@@ -2200,7 +2200,7 @@ cifs_get_tcp_session(struct smb_vol *vol + memcpy(&tcp_ses->dstaddr, &volume_info->dstaddr, + sizeof(tcp_ses->dstaddr)); + #ifdef CONFIG_CIFS_SMB2 +- get_random_bytes(tcp_ses->client_guid, SMB2_CLIENT_GUID_SIZE); ++ generate_random_uuid(tcp_ses->client_guid); + #endif + /* + * at this point we are the only ones with the pointer +--- a/fs/cifs/smb2ops.c ++++ b/fs/cifs/smb2ops.c +@@ -1037,7 +1037,7 @@ smb2_set_lease_key(struct inode *inode, + static void + smb2_new_lease_key(struct cifs_fid *fid) + { +- get_random_bytes(fid->lease_key, SMB2_LEASE_KEY_SIZE); ++ generate_random_uuid(fid->lease_key); + } + + #define SMB2_SYMLINK_STRUCT_SIZE \ +--- a/fs/cifs/smb2pdu.c ++++ b/fs/cifs/smb2pdu.c +@@ -1186,7 +1186,7 @@ create_durable_v2_buf(struct cifs_fid *p + + buf->dcontext.Timeout = 0; /* Should this be configurable by workload */ + buf->dcontext.Flags = cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT); +- get_random_bytes(buf->dcontext.CreateGuid, 16); ++ generate_random_uuid(buf->dcontext.CreateGuid); + memcpy(pfid->create_guid, buf->dcontext.CreateGuid, 16); + + /* SMB2_CREATE_DURABLE_HANDLE_REQUEST is "DH2Q" */ diff --git a/queue-4.4/x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch b/queue-4.4/x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch new file mode 100644 index 00000000000..b5ed9a06454 --- /dev/null +++ b/queue-4.4/x86-e820-don-t-merge-consecutive-e820_pram-ranges.patch @@ -0,0 +1,58 @@ +From 23446cb66c073b827779e5eb3dec301623299b32 Mon Sep 17 00:00:00 2001 +From: Dan Williams +Date: Wed, 12 Oct 2016 11:01:48 -0700 +Subject: x86/e820: Don't merge consecutive E820_PRAM ranges + +From: Dan Williams + +commit 23446cb66c073b827779e5eb3dec301623299b32 upstream. + +Commit: + + 917db484dc6a ("x86/boot: Fix kdump, cleanup aborted E820_PRAM max_pfn manipulation") + +... fixed up the broken manipulations of max_pfn in the presence of +E820_PRAM ranges. + +However, it also broke the sanitize_e820_map() support for not merging +E820_PRAM ranges. + +Re-introduce the enabling to keep resource boundaries between +consecutive defined ranges. Otherwise, for example, an environment that +boots with memmap=2G!8G,2G!10G will end up with a single 4G /dev/pmem0 +device instead of a /dev/pmem0 and /dev/pmem1 device 2G in size. + +Reported-by: Dave Chinner +Signed-off-by: Dan Williams +Cc: Andy Lutomirski +Cc: Borislav Petkov +Cc: Brian Gerst +Cc: Denys Vlasenko +Cc: H. Peter Anvin +Cc: Jeff Moyer +Cc: Josh Poimboeuf +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: Zhang Yi +Cc: linux-nvdimm@lists.01.org +Fixes: 917db484dc6a ("x86/boot: Fix kdump, cleanup aborted E820_PRAM max_pfn manipulation") +Link: http://lkml.kernel.org/r/147629530854.10618.10383744751594021268.stgit@dwillia2-desk3.amr.corp.intel.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kernel/e820.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/kernel/e820.c ++++ b/arch/x86/kernel/e820.c +@@ -347,7 +347,7 @@ int __init sanitize_e820_map(struct e820 + * continue building up new bios map based on this + * information + */ +- if (current_type != last_type) { ++ if (current_type != last_type || current_type == E820_PRAM) { + if (last_type != 0) { + new_bios[new_bios_entry].size = + change_point[chgidx]->addr - last_addr; -- 2.47.3