From 2472e7392532b891081f1d8857d87f28c9d49f5d Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 20 Jun 2022 10:22:28 +0200 Subject: [PATCH] 5.10-stable patches added patches: comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch crypto-memneq-move-into-lib.patch usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch usb-serial-io_ti-add-agilent-e5805a-support.patch usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch --- ...xx-fix-expression-for-tx-buffer-size.patch | 35 ++ queue-5.10/crypto-memneq-move-into-lib.patch | 442 ++++++++++++++++++ queue-5.10/series | 6 + ...wc2-fix-memory-leak-in-dwc2_hcd_init.patch | 35 ++ ...x-refcount-leak-in-lpc32xx_udc_probe.patch | 33 ++ ...ial-io_ti-add-agilent-e5805a-support.patch | 49 ++ ...for-cinterion-mv31-with-new-baseline.patch | 75 +++ 7 files changed, 675 insertions(+) create mode 100644 queue-5.10/comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch create mode 100644 queue-5.10/crypto-memneq-move-into-lib.patch create mode 100644 queue-5.10/usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch create mode 100644 queue-5.10/usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch create mode 100644 queue-5.10/usb-serial-io_ti-add-agilent-e5805a-support.patch create mode 100644 queue-5.10/usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch diff --git a/queue-5.10/comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch b/queue-5.10/comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch new file mode 100644 index 00000000000..6c962f1ac81 --- /dev/null +++ b/queue-5.10/comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch @@ -0,0 +1,35 @@ +From 242439f7e279d86b3f73b5de724bc67b2f8aeb07 Mon Sep 17 00:00:00 2001 +From: Ian Abbott +Date: Tue, 7 Jun 2022 18:18:19 +0100 +Subject: comedi: vmk80xx: fix expression for tx buffer size + +From: Ian Abbott + +commit 242439f7e279d86b3f73b5de724bc67b2f8aeb07 upstream. + +The expression for setting the size of the allocated bulk TX buffer +(`devpriv->usb_tx_buf`) is calling `usb_endpoint_maxp(devpriv->ep_rx)`, +which is using the wrong endpoint (should be `devpriv->ep_tx`). Fix it. + +Fixes: a23461c47482 ("comedi: vmk80xx: fix transfer-buffer overflow") +Cc: Johan Hovold +Cc: stable@vger.kernel.org # 4.9+ +Reviewed-by: Johan Hovold +Signed-off-by: Ian Abbott +Link: https://lore.kernel.org/r/20220607171819.4121-1-abbotti@mev.co.uk +Signed-off-by: Greg Kroah-Hartman +--- + drivers/staging/comedi/drivers/vmk80xx.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/staging/comedi/drivers/vmk80xx.c ++++ b/drivers/staging/comedi/drivers/vmk80xx.c +@@ -685,7 +685,7 @@ static int vmk80xx_alloc_usb_buffers(str + if (!devpriv->usb_rx_buf) + return -ENOMEM; + +- size = max(usb_endpoint_maxp(devpriv->ep_rx), MIN_BUF_SIZE); ++ size = max(usb_endpoint_maxp(devpriv->ep_tx), MIN_BUF_SIZE); + devpriv->usb_tx_buf = kzalloc(size, GFP_KERNEL); + if (!devpriv->usb_tx_buf) + return -ENOMEM; diff --git a/queue-5.10/crypto-memneq-move-into-lib.patch b/queue-5.10/crypto-memneq-move-into-lib.patch new file mode 100644 index 00000000000..226713a4920 --- /dev/null +++ b/queue-5.10/crypto-memneq-move-into-lib.patch @@ -0,0 +1,442 @@ +From abfed87e2a12bd246047d78c01d81eb9529f1d06 Mon Sep 17 00:00:00 2001 +From: "Jason A. Donenfeld" +Date: Sat, 28 May 2022 12:24:29 +0200 +Subject: crypto: memneq - move into lib/ + +From: Jason A. Donenfeld + +commit abfed87e2a12bd246047d78c01d81eb9529f1d06 upstream. + +This is used by code that doesn't need CONFIG_CRYPTO, so move this into +lib/ with a Kconfig option so that it can be selected by whatever needs +it. + +This fixes a linker error Zheng pointed out when +CRYPTO_MANAGER_DISABLE_TESTS!=y and CRYPTO=m: + + lib/crypto/curve25519-selftest.o: In function `curve25519_selftest': + curve25519-selftest.c:(.init.text+0x60): undefined reference to `__crypto_memneq' + curve25519-selftest.c:(.init.text+0xec): undefined reference to `__crypto_memneq' + curve25519-selftest.c:(.init.text+0x114): undefined reference to `__crypto_memneq' + curve25519-selftest.c:(.init.text+0x154): undefined reference to `__crypto_memneq' + +Reported-by: Zheng Bin +Cc: Eric Biggers +Cc: stable@vger.kernel.org +Fixes: aa127963f1ca ("crypto: lib/curve25519 - re-add selftests") +Signed-off-by: Jason A. Donenfeld +Reviewed-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman +--- + crypto/Kconfig | 1 + + crypto/Makefile | 2 +- + lib/Kconfig | 3 +++ + lib/Makefile | 1 + + lib/crypto/Kconfig | 1 + + {crypto => lib}/memneq.c | 0 + crypto/Kconfig | 1 + crypto/Makefile | 2 + crypto/memneq.c | 168 ----------------------------------------------------- + lib/Kconfig | 3 + lib/Makefile | 1 + lib/crypto/Kconfig | 1 + lib/memneq.c | 168 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + 7 files changed, 175 insertions(+), 169 deletions(-) + rename {crypto => lib}/memneq.c (100%) + +--- a/crypto/Kconfig ++++ b/crypto/Kconfig +@@ -15,6 +15,7 @@ source "crypto/async_tx/Kconfig" + # + menuconfig CRYPTO + tristate "Cryptographic API" ++ select LIB_MEMNEQ + help + This option provides the core Cryptographic API. + +--- a/crypto/Makefile ++++ b/crypto/Makefile +@@ -4,7 +4,7 @@ + # + + obj-$(CONFIG_CRYPTO) += crypto.o +-crypto-y := api.o cipher.o compress.o memneq.o ++crypto-y := api.o cipher.o compress.o + + obj-$(CONFIG_CRYPTO_ENGINE) += crypto_engine.o + obj-$(CONFIG_CRYPTO_FIPS) += fips.o +--- a/crypto/memneq.c ++++ /dev/null +@@ -1,168 +0,0 @@ +-/* +- * Constant-time equality testing of memory regions. +- * +- * Authors: +- * +- * James Yonan +- * Daniel Borkmann +- * +- * This file is provided under a dual BSD/GPLv2 license. When using or +- * redistributing this file, you may do so under either license. +- * +- * GPL LICENSE SUMMARY +- * +- * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. +- * +- * This program is free software; you can redistribute it and/or modify +- * it under the terms of version 2 of the GNU General Public License as +- * published by the Free Software Foundation. +- * +- * This program is distributed in the hope that it will be useful, but +- * WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- * General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program; if not, write to the Free Software +- * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. +- * The full GNU General Public License is included in this distribution +- * in the file called LICENSE.GPL. +- * +- * BSD LICENSE +- * +- * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * +- * * Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * * Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in +- * the documentation and/or other materials provided with the +- * distribution. +- * * Neither the name of OpenVPN Technologies nor the names of its +- * contributors may be used to endorse or promote products derived +- * from this software without specific prior written permission. +- * +- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +- */ +- +-#include +- +-#ifndef __HAVE_ARCH_CRYPTO_MEMNEQ +- +-/* Generic path for arbitrary size */ +-static inline unsigned long +-__crypto_memneq_generic(const void *a, const void *b, size_t size) +-{ +- unsigned long neq = 0; +- +-#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) +- while (size >= sizeof(unsigned long)) { +- neq |= *(unsigned long *)a ^ *(unsigned long *)b; +- OPTIMIZER_HIDE_VAR(neq); +- a += sizeof(unsigned long); +- b += sizeof(unsigned long); +- size -= sizeof(unsigned long); +- } +-#endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ +- while (size > 0) { +- neq |= *(unsigned char *)a ^ *(unsigned char *)b; +- OPTIMIZER_HIDE_VAR(neq); +- a += 1; +- b += 1; +- size -= 1; +- } +- return neq; +-} +- +-/* Loop-free fast-path for frequently used 16-byte size */ +-static inline unsigned long __crypto_memneq_16(const void *a, const void *b) +-{ +- unsigned long neq = 0; +- +-#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS +- if (sizeof(unsigned long) == 8) { +- neq |= *(unsigned long *)(a) ^ *(unsigned long *)(b); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned long *)(a+8) ^ *(unsigned long *)(b+8); +- OPTIMIZER_HIDE_VAR(neq); +- } else if (sizeof(unsigned int) == 4) { +- neq |= *(unsigned int *)(a) ^ *(unsigned int *)(b); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned int *)(a+4) ^ *(unsigned int *)(b+4); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned int *)(a+8) ^ *(unsigned int *)(b+8); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned int *)(a+12) ^ *(unsigned int *)(b+12); +- OPTIMIZER_HIDE_VAR(neq); +- } else +-#endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ +- { +- neq |= *(unsigned char *)(a) ^ *(unsigned char *)(b); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+1) ^ *(unsigned char *)(b+1); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+2) ^ *(unsigned char *)(b+2); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+3) ^ *(unsigned char *)(b+3); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+4) ^ *(unsigned char *)(b+4); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+5) ^ *(unsigned char *)(b+5); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+6) ^ *(unsigned char *)(b+6); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+7) ^ *(unsigned char *)(b+7); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+8) ^ *(unsigned char *)(b+8); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+9) ^ *(unsigned char *)(b+9); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+10) ^ *(unsigned char *)(b+10); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+11) ^ *(unsigned char *)(b+11); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+12) ^ *(unsigned char *)(b+12); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+13) ^ *(unsigned char *)(b+13); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+14) ^ *(unsigned char *)(b+14); +- OPTIMIZER_HIDE_VAR(neq); +- neq |= *(unsigned char *)(a+15) ^ *(unsigned char *)(b+15); +- OPTIMIZER_HIDE_VAR(neq); +- } +- +- return neq; +-} +- +-/* Compare two areas of memory without leaking timing information, +- * and with special optimizations for common sizes. Users should +- * not call this function directly, but should instead use +- * crypto_memneq defined in crypto/algapi.h. +- */ +-noinline unsigned long __crypto_memneq(const void *a, const void *b, +- size_t size) +-{ +- switch (size) { +- case 16: +- return __crypto_memneq_16(a, b); +- default: +- return __crypto_memneq_generic(a, b, size); +- } +-} +-EXPORT_SYMBOL(__crypto_memneq); +- +-#endif /* __HAVE_ARCH_CRYPTO_MEMNEQ */ +--- a/lib/Kconfig ++++ b/lib/Kconfig +@@ -103,6 +103,9 @@ config INDIRECT_PIO + + source "lib/crypto/Kconfig" + ++config LIB_MEMNEQ ++ bool ++ + config CRC_CCITT + tristate "CRC-CCITT functions" + help +--- a/lib/Makefile ++++ b/lib/Makefile +@@ -248,6 +248,7 @@ obj-$(CONFIG_DIMLIB) += dim/ + obj-$(CONFIG_SIGNATURE) += digsig.o + + lib-$(CONFIG_CLZ_TAB) += clz_tab.o ++lib-$(CONFIG_LIB_MEMNEQ) += memneq.o + + obj-$(CONFIG_GENERIC_STRNCPY_FROM_USER) += strncpy_from_user.o + obj-$(CONFIG_GENERIC_STRNLEN_USER) += strnlen_user.o +--- a/lib/crypto/Kconfig ++++ b/lib/crypto/Kconfig +@@ -71,6 +71,7 @@ config CRYPTO_LIB_CURVE25519 + tristate "Curve25519 scalar multiplication library" + depends on CRYPTO_ARCH_HAVE_LIB_CURVE25519 || !CRYPTO_ARCH_HAVE_LIB_CURVE25519 + select CRYPTO_LIB_CURVE25519_GENERIC if CRYPTO_ARCH_HAVE_LIB_CURVE25519=n ++ select LIB_MEMNEQ + help + Enable the Curve25519 library interface. This interface may be + fulfilled by either the generic implementation or an arch-specific +--- /dev/null ++++ b/lib/memneq.c +@@ -0,0 +1,168 @@ ++/* ++ * Constant-time equality testing of memory regions. ++ * ++ * Authors: ++ * ++ * James Yonan ++ * Daniel Borkmann ++ * ++ * This file is provided under a dual BSD/GPLv2 license. When using or ++ * redistributing this file, you may do so under either license. ++ * ++ * GPL LICENSE SUMMARY ++ * ++ * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of version 2 of the GNU General Public License as ++ * published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. ++ * The full GNU General Public License is included in this distribution ++ * in the file called LICENSE.GPL. ++ * ++ * BSD LICENSE ++ * ++ * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * * Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * * Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * * Neither the name of OpenVPN Technologies nor the names of its ++ * contributors may be used to endorse or promote products derived ++ * from this software without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT ++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR ++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT ++ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT ++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ++ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ */ ++ ++#include ++ ++#ifndef __HAVE_ARCH_CRYPTO_MEMNEQ ++ ++/* Generic path for arbitrary size */ ++static inline unsigned long ++__crypto_memneq_generic(const void *a, const void *b, size_t size) ++{ ++ unsigned long neq = 0; ++ ++#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ++ while (size >= sizeof(unsigned long)) { ++ neq |= *(unsigned long *)a ^ *(unsigned long *)b; ++ OPTIMIZER_HIDE_VAR(neq); ++ a += sizeof(unsigned long); ++ b += sizeof(unsigned long); ++ size -= sizeof(unsigned long); ++ } ++#endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ ++ while (size > 0) { ++ neq |= *(unsigned char *)a ^ *(unsigned char *)b; ++ OPTIMIZER_HIDE_VAR(neq); ++ a += 1; ++ b += 1; ++ size -= 1; ++ } ++ return neq; ++} ++ ++/* Loop-free fast-path for frequently used 16-byte size */ ++static inline unsigned long __crypto_memneq_16(const void *a, const void *b) ++{ ++ unsigned long neq = 0; ++ ++#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS ++ if (sizeof(unsigned long) == 8) { ++ neq |= *(unsigned long *)(a) ^ *(unsigned long *)(b); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned long *)(a+8) ^ *(unsigned long *)(b+8); ++ OPTIMIZER_HIDE_VAR(neq); ++ } else if (sizeof(unsigned int) == 4) { ++ neq |= *(unsigned int *)(a) ^ *(unsigned int *)(b); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned int *)(a+4) ^ *(unsigned int *)(b+4); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned int *)(a+8) ^ *(unsigned int *)(b+8); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned int *)(a+12) ^ *(unsigned int *)(b+12); ++ OPTIMIZER_HIDE_VAR(neq); ++ } else ++#endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ ++ { ++ neq |= *(unsigned char *)(a) ^ *(unsigned char *)(b); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+1) ^ *(unsigned char *)(b+1); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+2) ^ *(unsigned char *)(b+2); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+3) ^ *(unsigned char *)(b+3); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+4) ^ *(unsigned char *)(b+4); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+5) ^ *(unsigned char *)(b+5); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+6) ^ *(unsigned char *)(b+6); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+7) ^ *(unsigned char *)(b+7); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+8) ^ *(unsigned char *)(b+8); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+9) ^ *(unsigned char *)(b+9); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+10) ^ *(unsigned char *)(b+10); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+11) ^ *(unsigned char *)(b+11); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+12) ^ *(unsigned char *)(b+12); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+13) ^ *(unsigned char *)(b+13); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+14) ^ *(unsigned char *)(b+14); ++ OPTIMIZER_HIDE_VAR(neq); ++ neq |= *(unsigned char *)(a+15) ^ *(unsigned char *)(b+15); ++ OPTIMIZER_HIDE_VAR(neq); ++ } ++ ++ return neq; ++} ++ ++/* Compare two areas of memory without leaking timing information, ++ * and with special optimizations for common sizes. Users should ++ * not call this function directly, but should instead use ++ * crypto_memneq defined in crypto/algapi.h. ++ */ ++noinline unsigned long __crypto_memneq(const void *a, const void *b, ++ size_t size) ++{ ++ switch (size) { ++ case 16: ++ return __crypto_memneq_16(a, b); ++ default: ++ return __crypto_memneq_generic(a, b, size); ++ } ++} ++EXPORT_SYMBOL(__crypto_memneq); ++ ++#endif /* __HAVE_ARCH_CRYPTO_MEMNEQ */ diff --git a/queue-5.10/series b/queue-5.10/series index d25eac3bcf5..7d734b1e40d 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -58,3 +58,9 @@ irqchip-gic-v3-fix-error-handling-in-gic_populate_pp.patch irqchip-gic-v3-fix-refcount-leak-in-gic_populate_ppi.patch i2c-designware-use-standard-optional-ref-clock-imple.patch mei-me-add-raptor-lake-point-s-did.patch +comedi-vmk80xx-fix-expression-for-tx-buffer-size.patch +crypto-memneq-move-into-lib.patch +usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch +usb-serial-io_ti-add-agilent-e5805a-support.patch +usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch +usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch diff --git a/queue-5.10/usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch b/queue-5.10/usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch new file mode 100644 index 00000000000..205bf1a4aae --- /dev/null +++ b/queue-5.10/usb-dwc2-fix-memory-leak-in-dwc2_hcd_init.patch @@ -0,0 +1,35 @@ +From 3755278f078460b021cd0384562977bf2039a57a Mon Sep 17 00:00:00 2001 +From: Miaoqian Lin +Date: Mon, 30 May 2022 12:54:12 +0400 +Subject: usb: dwc2: Fix memory leak in dwc2_hcd_init + +From: Miaoqian Lin + +commit 3755278f078460b021cd0384562977bf2039a57a upstream. + +usb_create_hcd will alloc memory for hcd, and we should +call usb_put_hcd to free it when platform_get_resource() +fails to prevent memory leak. +goto error2 label instead error1 to fix this. + +Fixes: 856e6e8e0f93 ("usb: dwc2: check return value after calling platform_get_resource()") +Cc: stable +Acked-by: Minas Harutyunyan +Signed-off-by: Miaoqian Lin +Link: https://lore.kernel.org/r/20220530085413.44068-1-linmq006@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/usb/dwc2/hcd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/usb/dwc2/hcd.c ++++ b/drivers/usb/dwc2/hcd.c +@@ -5076,7 +5076,7 @@ int dwc2_hcd_init(struct dwc2_hsotg *hso + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + if (!res) { + retval = -EINVAL; +- goto error1; ++ goto error2; + } + hcd->rsrc_start = res->start; + hcd->rsrc_len = resource_size(res); diff --git a/queue-5.10/usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch b/queue-5.10/usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch new file mode 100644 index 00000000000..b2155a36e2c --- /dev/null +++ b/queue-5.10/usb-gadget-lpc32xx_udc-fix-refcount-leak-in-lpc32xx_udc_probe.patch @@ -0,0 +1,33 @@ +From 4757c9ade34178b351580133771f510b5ffcf9c8 Mon Sep 17 00:00:00 2001 +From: Miaoqian Lin +Date: Fri, 3 Jun 2022 18:02:44 +0400 +Subject: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe + +From: Miaoqian Lin + +commit 4757c9ade34178b351580133771f510b5ffcf9c8 upstream. + +of_parse_phandle() returns a node pointer with refcount +incremented, we should use of_node_put() on it when not need anymore. +Add missing of_node_put() to avoid refcount leak. +of_node_put() will check NULL pointer. + +Fixes: 24a28e428351 ("USB: gadget driver for LPC32xx") +Cc: stable +Signed-off-by: Miaoqian Lin +Link: https://lore.kernel.org/r/20220603140246.64529-1-linmq006@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/usb/gadget/udc/lpc32xx_udc.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/usb/gadget/udc/lpc32xx_udc.c ++++ b/drivers/usb/gadget/udc/lpc32xx_udc.c +@@ -3015,6 +3015,7 @@ static int lpc32xx_udc_probe(struct plat + } + + udc->isp1301_i2c_client = isp1301_get_client(isp1301_node); ++ of_node_put(isp1301_node); + if (!udc->isp1301_i2c_client) { + return -EPROBE_DEFER; + } diff --git a/queue-5.10/usb-serial-io_ti-add-agilent-e5805a-support.patch b/queue-5.10/usb-serial-io_ti-add-agilent-e5805a-support.patch new file mode 100644 index 00000000000..541e585f4e5 --- /dev/null +++ b/queue-5.10/usb-serial-io_ti-add-agilent-e5805a-support.patch @@ -0,0 +1,49 @@ +From 908e698f2149c3d6a67d9ae15c75545a3f392559 Mon Sep 17 00:00:00 2001 +From: Robert Eckelmann +Date: Sat, 21 May 2022 23:08:08 +0900 +Subject: USB: serial: io_ti: add Agilent E5805A support + +From: Robert Eckelmann + +commit 908e698f2149c3d6a67d9ae15c75545a3f392559 upstream. + +Add support for Agilent E5805A (rebranded ION Edgeport/4) to io_ti. + +Signed-off-by: Robert Eckelmann +Link: https://lore.kernel.org/r/20220521230808.30931eca@octoberrain +Cc: stable@vger.kernel.org +Signed-off-by: Johan Hovold +Signed-off-by: Greg Kroah-Hartman +--- + drivers/usb/serial/io_ti.c | 2 ++ + drivers/usb/serial/io_usbvend.h | 1 + + 2 files changed, 3 insertions(+) + +--- a/drivers/usb/serial/io_ti.c ++++ b/drivers/usb/serial/io_ti.c +@@ -168,6 +168,7 @@ static const struct usb_device_id edgepo + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_8S) }, + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_416) }, + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_416B) }, ++ { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_E5805A) }, + { } + }; + +@@ -206,6 +207,7 @@ static const struct usb_device_id id_tab + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_8S) }, + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_416) }, + { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_TI_EDGEPORT_416B) }, ++ { USB_DEVICE(USB_VENDOR_ID_ION, ION_DEVICE_ID_E5805A) }, + { } + }; + +--- a/drivers/usb/serial/io_usbvend.h ++++ b/drivers/usb/serial/io_usbvend.h +@@ -212,6 +212,7 @@ + // + // Definitions for other product IDs + #define ION_DEVICE_ID_MT4X56USB 0x1403 // OEM device ++#define ION_DEVICE_ID_E5805A 0x1A01 // OEM device (rebranded Edgeport/4) + + + #define GENERATION_ID_FROM_USB_PRODUCT_ID(ProductId) \ diff --git a/queue-5.10/usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch b/queue-5.10/usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch new file mode 100644 index 00000000000..5852b0a8922 --- /dev/null +++ b/queue-5.10/usb-serial-option-add-support-for-cinterion-mv31-with-new-baseline.patch @@ -0,0 +1,75 @@ +From 158f7585bfcea4aae0ad4128d032a80fec550df1 Mon Sep 17 00:00:00 2001 +From: Slark Xiao +Date: Wed, 1 Jun 2022 11:47:40 +0800 +Subject: USB: serial: option: add support for Cinterion MV31 with new baseline + +From: Slark Xiao + +commit 158f7585bfcea4aae0ad4128d032a80fec550df1 upstream. + +Adding support for Cinterion device MV31 with Qualcomm +new baseline. Use different PIDs to separate it from +previous base line products. +All interfaces settings keep same as previous. + +Below is test evidence: +T: Bus=03 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 6 Spd=480 MxCh= 0 +D: Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 +P: Vendor=1e2d ProdID=00b8 Rev=04.14 +S: Manufacturer=Cinterion +S: Product=Cinterion PID 0x00B8 USB Mobile Broadband +S: SerialNumber=90418e79 +C: #Ifs= 6 Cfg#= 1 Atr=a0 MxPwr=500mA +I: If#=0x0 Alt= 0 #EPs= 1 Cls=02(commc) Sub=0e Prot=00 Driver=cdc_mbim +I: If#=0x1 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim +I: If#=0x2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option +I: If#=0x3 Alt= 0 #EPs= 1 Cls=ff(vend.) Sub=ff Prot=ff Driver=(none) +I: If#=0x4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=60 Driver=option +I: If#=0x5 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option + +T: Bus=03 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 7 Spd=480 MxCh= 0 +D: Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 +P: Vendor=1e2d ProdID=00b9 Rev=04.14 +S: Manufacturer=Cinterion +S: Product=Cinterion PID 0x00B9 USB Mobile Broadband +S: SerialNumber=90418e79 +C: #Ifs= 4 Cfg#= 1 Atr=a0 MxPwr=500mA +I: If#=0x0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=50 Driver=qmi_wwan +I: If#=0x1 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option +I: If#=0x2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=60 Driver=option +I: If#=0x3 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option + +For PID 00b8, interface 3 is GNSS port which don't use serial driver. + +Signed-off-by: Slark Xiao +Link: https://lore.kernel.org/r/20220601034740.5438-1-slark_xiao@163.com +[ johan: rename defines using a "2" infix ] +Cc: stable@vger.kernel.org +Signed-off-by: Johan Hovold +Signed-off-by: Greg Kroah-Hartman +--- + drivers/usb/serial/option.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/drivers/usb/serial/option.c ++++ b/drivers/usb/serial/option.c +@@ -432,6 +432,8 @@ static void option_instat_callback(struc + #define CINTERION_PRODUCT_CLS8 0x00b0 + #define CINTERION_PRODUCT_MV31_MBIM 0x00b3 + #define CINTERION_PRODUCT_MV31_RMNET 0x00b7 ++#define CINTERION_PRODUCT_MV31_2_MBIM 0x00b8 ++#define CINTERION_PRODUCT_MV31_2_RMNET 0x00b9 + #define CINTERION_PRODUCT_MV32_WA 0x00f1 + #define CINTERION_PRODUCT_MV32_WB 0x00f2 + +@@ -1979,6 +1981,10 @@ static const struct usb_device_id option + .driver_info = RSVD(3)}, + { USB_DEVICE_INTERFACE_CLASS(CINTERION_VENDOR_ID, CINTERION_PRODUCT_MV31_RMNET, 0xff), + .driver_info = RSVD(0)}, ++ { USB_DEVICE_INTERFACE_CLASS(CINTERION_VENDOR_ID, CINTERION_PRODUCT_MV31_2_MBIM, 0xff), ++ .driver_info = RSVD(3)}, ++ { USB_DEVICE_INTERFACE_CLASS(CINTERION_VENDOR_ID, CINTERION_PRODUCT_MV31_2_RMNET, 0xff), ++ .driver_info = RSVD(0)}, + { USB_DEVICE_INTERFACE_CLASS(CINTERION_VENDOR_ID, CINTERION_PRODUCT_MV32_WA, 0xff), + .driver_info = RSVD(3)}, + { USB_DEVICE_INTERFACE_CLASS(CINTERION_VENDOR_ID, CINTERION_PRODUCT_MV32_WB, 0xff), -- 2.47.3