From a0307ef7c84afe5e7f16ab8b2a0f41df6a21683c Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Wed, 4 Jan 2017 14:28:32 +0100 Subject: [PATCH] 4.4-stable patches added patches: asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch dm-crypt-mark-key-as-invalid-until-properly-loaded.patch dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch --- ...end-resume-without-card-registration.patch | 67 +++++++++++++++++++ ...invoke-.queue_rq-for-a-stopped-queue.patch | 42 ++++++++++++ ...key-as-invalid-until-properly-loaded.patch | 43 ++++++++++++ ...-interval-bounds-error-in-flakey_ctr.patch | 37 ++++++++++ ...ct-sm_metadata-leak-on-failed-create.patch | 57 ++++++++++++++++ queue-4.4/series | 5 ++ 6 files changed, 251 insertions(+) create mode 100644 queue-4.4/asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch create mode 100644 queue-4.4/blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch create mode 100644 queue-4.4/dm-crypt-mark-key-as-invalid-until-properly-loaded.patch create mode 100644 queue-4.4/dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch create mode 100644 queue-4.4/dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch diff --git a/queue-4.4/asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch b/queue-4.4/asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch new file mode 100644 index 00000000000..7b53485f607 --- /dev/null +++ b/queue-4.4/asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch @@ -0,0 +1,67 @@ +From 2fc995a87f2efcd803438f07bfecd35cc3d90d32 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Fri, 25 Nov 2016 16:54:06 +0100 +Subject: ASoC: intel: Fix crash at suspend/resume without card registration + +From: Takashi Iwai + +commit 2fc995a87f2efcd803438f07bfecd35cc3d90d32 upstream. + +When ASoC Intel SST Medfield driver is probed but without codec / card +assigned, it causes an Oops and freezes the kernel at suspend/resume, + + PM: Suspending system (freeze) + Suspending console(s) (use no_console_suspend to debug) + BUG: unable to handle kernel NULL pointer dereference at 0000000000000018 + IP: [] sst_soc_prepare+0x19/0xa0 [snd_soc_sst_mfld_platform] + Oops: 0000 [#1] PREEMPT SMP + CPU: 0 PID: 1552 Comm: systemd-sleep Tainted: G W 4.9.0-rc6-1.g5f5c2ad-default #1 + Call Trace: + [] dpm_prepare+0x209/0x460 + [] dpm_suspend_start+0x11/0x60 + [] suspend_devices_and_enter+0xb2/0x710 + [] pm_suspend+0x30e/0x390 + [] state_store+0x8a/0x90 + [] kobj_attr_store+0xf/0x20 + [] sysfs_kf_write+0x37/0x40 + [] kernfs_fop_write+0x11c/0x1b0 + [] __vfs_write+0x28/0x140 + [] ? apparmor_file_permission+0x18/0x20 + [] ? security_file_permission+0x3b/0xc0 + [] vfs_write+0xb5/0x1a0 + [] SyS_write+0x46/0xa0 + [] entry_SYSCALL_64_fastpath+0x1e/0xad + +Add proper NULL checks in the PM code of mdfld driver. + +Signed-off-by: Takashi Iwai +Acked-by: Vinod Koul +Signed-off-by: Mark Brown +Signed-off-by: Greg Kroah-Hartman + +--- + sound/soc/intel/atom/sst-mfld-platform-pcm.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/sound/soc/intel/atom/sst-mfld-platform-pcm.c ++++ b/sound/soc/intel/atom/sst-mfld-platform-pcm.c +@@ -762,6 +762,9 @@ static int sst_soc_prepare(struct device + struct sst_data *drv = dev_get_drvdata(dev); + int i; + ++ if (!drv->soc_card) ++ return 0; ++ + /* suspend all pcms first */ + snd_soc_suspend(drv->soc_card->dev); + snd_soc_poweroff(drv->soc_card->dev); +@@ -784,6 +787,9 @@ static void sst_soc_complete(struct devi + struct sst_data *drv = dev_get_drvdata(dev); + int i; + ++ if (!drv->soc_card) ++ return; ++ + /* restart SSPs */ + for (i = 0; i < drv->soc_card->num_rtd; i++) { + struct snd_soc_dai *dai = drv->soc_card->rtd[i].cpu_dai; diff --git a/queue-4.4/blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch b/queue-4.4/blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch new file mode 100644 index 00000000000..d9bd203a7e2 --- /dev/null +++ b/queue-4.4/blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch @@ -0,0 +1,42 @@ +From bc27c01b5c46d3bfec42c96537c7a3fae0bb2cc4 Mon Sep 17 00:00:00 2001 +From: Bart Van Assche +Date: Fri, 28 Oct 2016 17:18:48 -0700 +Subject: blk-mq: Do not invoke .queue_rq() for a stopped queue + +From: Bart Van Assche + +commit bc27c01b5c46d3bfec42c96537c7a3fae0bb2cc4 upstream. + +The meaning of the BLK_MQ_S_STOPPED flag is "do not call +.queue_rq()". Hence modify blk_mq_make_request() such that requests +are queued instead of issued if a queue has been stopped. + +Reported-by: Ming Lei +Signed-off-by: Bart Van Assche +Reviewed-by: Christoph Hellwig +Reviewed-by: Ming Lei +Reviewed-by: Hannes Reinecke +Reviewed-by: Johannes Thumshirn +Reviewed-by: Sagi Grimberg +Signed-off-by: Jens Axboe +Signed-off-by: Greg Kroah-Hartman + +--- + block/blk-mq.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/block/blk-mq.c ++++ b/block/blk-mq.c +@@ -1313,9 +1313,9 @@ static blk_qc_t blk_mq_make_request(stru + blk_mq_put_ctx(data.ctx); + if (!old_rq) + goto done; +- if (!blk_mq_direct_issue_request(old_rq, &cookie)) +- goto done; +- blk_mq_insert_request(old_rq, false, true, true); ++ if (test_bit(BLK_MQ_S_STOPPED, &data.hctx->state) || ++ blk_mq_direct_issue_request(old_rq, &cookie) != 0) ++ blk_mq_insert_request(old_rq, false, true, true); + goto done; + } + diff --git a/queue-4.4/dm-crypt-mark-key-as-invalid-until-properly-loaded.patch b/queue-4.4/dm-crypt-mark-key-as-invalid-until-properly-loaded.patch new file mode 100644 index 00000000000..41ff7bc2905 --- /dev/null +++ b/queue-4.4/dm-crypt-mark-key-as-invalid-until-properly-loaded.patch @@ -0,0 +1,43 @@ +From 265e9098bac02bc5e36cda21fdbad34cb5b2f48d Mon Sep 17 00:00:00 2001 +From: Ondrej Kozina +Date: Wed, 2 Nov 2016 15:02:08 +0100 +Subject: dm crypt: mark key as invalid until properly loaded + +From: Ondrej Kozina + +commit 265e9098bac02bc5e36cda21fdbad34cb5b2f48d upstream. + +In crypt_set_key(), if a failure occurs while replacing the old key +(e.g. tfm->setkey() fails) the key must not have DM_CRYPT_KEY_VALID flag +set. Otherwise, the crypto layer would have an invalid key that still +has DM_CRYPT_KEY_VALID flag set. + +Signed-off-by: Ondrej Kozina +Reviewed-by: Mikulas Patocka +Signed-off-by: Mike Snitzer +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/md/dm-crypt.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/drivers/md/dm-crypt.c ++++ b/drivers/md/dm-crypt.c +@@ -1500,12 +1500,15 @@ static int crypt_set_key(struct crypt_co + if (!cc->key_size && strcmp(key, "-")) + goto out; + ++ /* clear the flag since following operations may invalidate previously valid key */ ++ clear_bit(DM_CRYPT_KEY_VALID, &cc->flags); ++ + if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0) + goto out; + +- set_bit(DM_CRYPT_KEY_VALID, &cc->flags); +- + r = crypt_setkey_allcpus(cc); ++ if (!r) ++ set_bit(DM_CRYPT_KEY_VALID, &cc->flags); + + out: + /* Hex key string not needed after here, so wipe it. */ diff --git a/queue-4.4/dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch b/queue-4.4/dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch new file mode 100644 index 00000000000..f6b3b4bc5cd --- /dev/null +++ b/queue-4.4/dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch @@ -0,0 +1,37 @@ +From bff7e067ee518f9ed7e1cbc63e4c9e01670d0b71 Mon Sep 17 00:00:00 2001 +From: Wei Yongjun +Date: Mon, 8 Aug 2016 14:09:27 +0000 +Subject: dm flakey: return -EINVAL on interval bounds error in flakey_ctr() + +From: Wei Yongjun + +commit bff7e067ee518f9ed7e1cbc63e4c9e01670d0b71 upstream. + +Fix to return error code -EINVAL instead of 0, as is done elsewhere in +this function. + +Fixes: e80d1c805a3b ("dm: do not override error code returned from dm_get_device()") +Signed-off-by: Wei Yongjun +Signed-off-by: Mike Snitzer +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/md/dm-flakey.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/drivers/md/dm-flakey.c ++++ b/drivers/md/dm-flakey.c +@@ -200,11 +200,13 @@ static int flakey_ctr(struct dm_target * + + if (!(fc->up_interval + fc->down_interval)) { + ti->error = "Total (up + down) interval is zero"; ++ r = -EINVAL; + goto bad; + } + + if (fc->up_interval + fc->down_interval < fc->up_interval) { + ti->error = "Interval overflow"; ++ r = -EINVAL; + goto bad; + } + diff --git a/queue-4.4/dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch b/queue-4.4/dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch new file mode 100644 index 00000000000..ca15acff1dd --- /dev/null +++ b/queue-4.4/dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch @@ -0,0 +1,57 @@ +From 314c25c56c1ee5026cf99c570bdfe01847927acb Mon Sep 17 00:00:00 2001 +From: Benjamin Marzinski +Date: Wed, 30 Nov 2016 17:56:14 -0600 +Subject: dm space map metadata: fix 'struct sm_metadata' leak on failed create + +From: Benjamin Marzinski + +commit 314c25c56c1ee5026cf99c570bdfe01847927acb upstream. + +In dm_sm_metadata_create() we temporarily change the dm_space_map +operations from 'ops' (whose .destroy function deallocates the +sm_metadata) to 'bootstrap_ops' (whose .destroy function doesn't). + +If dm_sm_metadata_create() fails in sm_ll_new_metadata() or +sm_ll_extend(), it exits back to dm_tm_create_internal(), which calls +dm_sm_destroy() with the intention of freeing the sm_metadata, but it +doesn't (because the dm_space_map operations is still set to +'bootstrap_ops'). + +Fix this by setting the dm_space_map operations back to 'ops' if +dm_sm_metadata_create() fails when it is set to 'bootstrap_ops'. + +Signed-off-by: Benjamin Marzinski +Acked-by: Joe Thornber +Signed-off-by: Mike Snitzer +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/md/persistent-data/dm-space-map-metadata.c | 14 ++++++-------- + 1 file changed, 6 insertions(+), 8 deletions(-) + +--- a/drivers/md/persistent-data/dm-space-map-metadata.c ++++ b/drivers/md/persistent-data/dm-space-map-metadata.c +@@ -775,17 +775,15 @@ int dm_sm_metadata_create(struct dm_spac + memcpy(&smm->sm, &bootstrap_ops, sizeof(smm->sm)); + + r = sm_ll_new_metadata(&smm->ll, tm); ++ if (!r) { ++ if (nr_blocks > DM_SM_METADATA_MAX_BLOCKS) ++ nr_blocks = DM_SM_METADATA_MAX_BLOCKS; ++ r = sm_ll_extend(&smm->ll, nr_blocks); ++ } ++ memcpy(&smm->sm, &ops, sizeof(smm->sm)); + if (r) + return r; + +- if (nr_blocks > DM_SM_METADATA_MAX_BLOCKS) +- nr_blocks = DM_SM_METADATA_MAX_BLOCKS; +- r = sm_ll_extend(&smm->ll, nr_blocks); +- if (r) +- return r; +- +- memcpy(&smm->sm, &ops, sizeof(smm->sm)); +- + /* + * Now we need to update the newly created data structures with the + * allocated blocks that they were built from. diff --git a/queue-4.4/series b/queue-4.4/series index b0cd3d37886..9349b05650b 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -43,3 +43,8 @@ mm-vmscan.c-set-correct-defer-count-for-shrinker.patch fs-exec-apply-cloexec-before-changing-dumpable-task-flags.patch exec-ensure-mm-user_ns-contains-the-execed-files.patch usb-gadget-composite-always-set-ep-mult-to-a-sensible-value.patch +blk-mq-do-not-invoke-.queue_rq-for-a-stopped-queue.patch +dm-flakey-return-einval-on-interval-bounds-error-in-flakey_ctr.patch +dm-crypt-mark-key-as-invalid-until-properly-loaded.patch +dm-space-map-metadata-fix-struct-sm_metadata-leak-on-failed-create.patch +asoc-intel-fix-crash-at-suspend-resume-without-card-registration.patch -- 2.47.3