From e062f237e7cdc357e23ff54725362e56b262d608 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Fri, 24 Oct 2014 13:11:17 +0800 Subject: [PATCH] 3.10-stable patches added patches: bluetooth-fix-hci-h5-corrupted-ack-value.patch bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch iwlwifi-add-missing-pci-ids-for-the-7260-series.patch kernel-add-support-for-gcc-5.patch mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch pci-generate-uppercase-hex-for-modalias-interface-class.patch pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch pci-pciehp-prevent-null-dereference-during-probe.patch rt2800-correct-bbp1_tx_power_ctrl-mask.patch --- ...tooth-fix-hci-h5-corrupted-ack-value.patch | 35 ++++++ ...sue-with-usb-suspend-in-btusb-driver.patch | 56 +++++++++ ...s-fd-when-requested-in-fanotify_init.patch | 112 ++++++++++++++++++ ...-missing-pci-ids-for-the-7260-series.patch | 39 ++++++ queue-3.10/kernel-add-support-for-gcc-5.patch | 95 +++++++++++++++ ..._gfp_fs-when-pf_memalloc_noio-is-set.patch | 65 ++++++++++ ...ase-hex-for-modalias-interface-class.patch | 42 +++++++ ...le-bars-to-at-least-system-page-size.patch | 65 ++++++++++ ...revent-null-dereference-during-probe.patch | 40 +++++++ ...2800-correct-bbp1_tx_power_ctrl-mask.patch | 32 +++++ queue-3.10/series | 10 ++ 11 files changed, 591 insertions(+) create mode 100644 queue-3.10/bluetooth-fix-hci-h5-corrupted-ack-value.patch create mode 100644 queue-3.10/bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch create mode 100644 queue-3.10/fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch create mode 100644 queue-3.10/iwlwifi-add-missing-pci-ids-for-the-7260-series.patch create mode 100644 queue-3.10/kernel-add-support-for-gcc-5.patch create mode 100644 queue-3.10/mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch create mode 100644 queue-3.10/pci-generate-uppercase-hex-for-modalias-interface-class.patch create mode 100644 queue-3.10/pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch create mode 100644 queue-3.10/pci-pciehp-prevent-null-dereference-during-probe.patch create mode 100644 queue-3.10/rt2800-correct-bbp1_tx_power_ctrl-mask.patch diff --git a/queue-3.10/bluetooth-fix-hci-h5-corrupted-ack-value.patch b/queue-3.10/bluetooth-fix-hci-h5-corrupted-ack-value.patch new file mode 100644 index 00000000000..0c87ae5fbed --- /dev/null +++ b/queue-3.10/bluetooth-fix-hci-h5-corrupted-ack-value.patch @@ -0,0 +1,35 @@ +From 4807b51895dce8aa650ebebc51fa4a795ed6b8b8 Mon Sep 17 00:00:00 2001 +From: Loic Poulain +Date: Fri, 8 Aug 2014 19:07:16 +0200 +Subject: Bluetooth: Fix HCI H5 corrupted ack value + +From: Loic Poulain + +commit 4807b51895dce8aa650ebebc51fa4a795ed6b8b8 upstream. + +In this expression: seq = (seq - 1) % 8 +seq (u8) is implicitly converted to an int in the arithmetic operation. +So if seq value is 0, operation is ((0 - 1) % 8) => (-1 % 8) => -1. +The new seq value is 0xff which is an invalid ACK value, we expect 0x07. +It leads to frequent dropped ACK and retransmission. +Fix this by using '&' binary operator instead of '%'. + +Signed-off-by: Loic Poulain +Signed-off-by: Marcel Holtmann +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/bluetooth/hci_h5.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/bluetooth/hci_h5.c ++++ b/drivers/bluetooth/hci_h5.c +@@ -237,7 +237,7 @@ static void h5_pkt_cull(struct h5 *h5) + break; + + to_remove--; +- seq = (seq - 1) % 8; ++ seq = (seq - 1) & 0x07; + } + + if (seq != h5->rx_ack) diff --git a/queue-3.10/bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch b/queue-3.10/bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch new file mode 100644 index 00000000000..d570fe3f231 --- /dev/null +++ b/queue-3.10/bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch @@ -0,0 +1,56 @@ +From 85560c4a828ec9c8573840c9b66487b6ae584768 Mon Sep 17 00:00:00 2001 +From: Champion Chen +Date: Sat, 6 Sep 2014 14:06:08 -0500 +Subject: Bluetooth: Fix issue with USB suspend in btusb driver + +From: Champion Chen + +commit 85560c4a828ec9c8573840c9b66487b6ae584768 upstream. + +Suspend could fail for some platforms because +btusb_suspend==> btusb_stop_traffic ==> usb_kill_anchored_urbs. + +When btusb_bulk_complete returns before system suspend and resubmits +an URB, the system cannot enter suspend state. + +Signed-off-by: Champion Chen +Signed-off-by: Larry Finger +Signed-off-by: Marcel Holtmann +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/bluetooth/btusb.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +--- a/drivers/bluetooth/btusb.c ++++ b/drivers/bluetooth/btusb.c +@@ -302,6 +302,9 @@ static void btusb_intr_complete(struct u + BT_ERR("%s corrupted event packet", hdev->name); + hdev->stat.err_rx++; + } ++ } else if (urb->status == -ENOENT) { ++ /* Avoid suspend failed when usb_kill_urb */ ++ return; + } + + if (!test_bit(BTUSB_INTR_RUNNING, &data->flags)) +@@ -390,6 +393,9 @@ static void btusb_bulk_complete(struct u + BT_ERR("%s corrupted ACL packet", hdev->name); + hdev->stat.err_rx++; + } ++ } else if (urb->status == -ENOENT) { ++ /* Avoid suspend failed when usb_kill_urb */ ++ return; + } + + if (!test_bit(BTUSB_BULK_RUNNING, &data->flags)) +@@ -484,6 +490,9 @@ static void btusb_isoc_complete(struct u + hdev->stat.err_rx++; + } + } ++ } else if (urb->status == -ENOENT) { ++ /* Avoid suspend failed when usb_kill_urb */ ++ return; + } + + if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags)) diff --git a/queue-3.10/fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch b/queue-3.10/fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch new file mode 100644 index 00000000000..83fd85d0543 --- /dev/null +++ b/queue-3.10/fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch @@ -0,0 +1,112 @@ +From 0b37e097a648aa71d4db1ad108001e95b69a2da4 Mon Sep 17 00:00:00 2001 +From: Yann Droneaud +Date: Thu, 9 Oct 2014 15:24:40 -0700 +Subject: fanotify: enable close-on-exec on events' fd when requested in fanotify_init() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Yann Droneaud + +commit 0b37e097a648aa71d4db1ad108001e95b69a2da4 upstream. + +According to commit 80af258867648 ("fanotify: groups can specify their +f_flags for new fd"), file descriptors created as part of file access +notification events inherit flags from the event_f_flags argument passed +to syscall fanotify_init(2)[1]. + +Unfortunately O_CLOEXEC is currently silently ignored. + +Indeed, event_f_flags are only given to dentry_open(), which only seems to +care about O_ACCMODE and O_PATH in do_dentry_open(), O_DIRECT in +open_check_o_direct() and O_LARGEFILE in generic_file_open(). + +It's a pity, since, according to some lookup on various search engines and +http://codesearch.debian.net/, there's already some userspace code which +use O_CLOEXEC: + +- in systemd's readahead[2]: + + fanotify_fd = fanotify_init(FAN_CLOEXEC|FAN_NONBLOCK, O_RDONLY|O_LARGEFILE|O_CLOEXEC|O_NOATIME); + +- in clsync[3]: + + #define FANOTIFY_EVFLAGS (O_LARGEFILE|O_RDONLY|O_CLOEXEC) + + int fanotify_d = fanotify_init(FANOTIFY_FLAGS, FANOTIFY_EVFLAGS); + +- in examples [4] from "Filesystem monitoring in the Linux + kernel" article[5] by Aleksander Morgado: + + if ((fanotify_fd = fanotify_init (FAN_CLOEXEC, + O_RDONLY | O_CLOEXEC | O_LARGEFILE)) < 0) + +Additionally, since commit 48149e9d3a7e ("fanotify: check file flags +passed in fanotify_init"). having O_CLOEXEC as part of fanotify_init() +second argument is expressly allowed. + +So it seems expected to set close-on-exec flag on the file descriptors if +userspace is allowed to request it with O_CLOEXEC. + +But Andrew Morton raised[6] the concern that enabling now close-on-exec +might break existing applications which ask for O_CLOEXEC but expect the +file descriptor to be inherited across exec(). + +In the other hand, as reported by Mihai Dontu[7] close-on-exec on the file +descriptor returned as part of file access notify can break applications +due to deadlock. So close-on-exec is needed for most applications. + +More, applications asking for close-on-exec are likely expecting it to be +enabled, relying on O_CLOEXEC being effective. If not, it might weaken +their security, as noted by Jan Kara[8]. + +So this patch replaces call to macro get_unused_fd() by a call to function +get_unused_fd_flags() with event_f_flags value as argument. This way +O_CLOEXEC flag in the second argument of fanotify_init(2) syscall is +interpreted and close-on-exec get enabled when requested. + +[1] http://man7.org/linux/man-pages/man2/fanotify_init.2.html +[2] http://cgit.freedesktop.org/systemd/systemd/tree/src/readahead/readahead-collect.c?id=v208#n294 +[3] https://github.com/xaionaro/clsync/blob/v0.2.1/sync.c#L1631 + https://github.com/xaionaro/clsync/blob/v0.2.1/configuration.h#L38 +[4] http://www.lanedo.com/~aleksander/fanotify/fanotify-example.c +[5] http://www.lanedo.com/2013/filesystem-monitoring-linux-kernel/ +[6] http://lkml.kernel.org/r/20141001153621.65e9258e65a6167bf2e4cb50@linux-foundation.org +[7] http://lkml.kernel.org/r/20141002095046.3715eb69@mdontu-l +[8] http://lkml.kernel.org/r/20141002104410.GB19748@quack.suse.cz + +Link: http://lkml.kernel.org/r/cover.1411562410.git.ydroneaud@opteya.com +Signed-off-by: Yann Droneaud +Reviewed-by: Jan Kara +Reviewed by: Heinrich Schuchardt +Tested-by: Heinrich Schuchardt +Cc: Mihai Don\u021bu +Cc: Pádraig Brady +Cc: Heinrich Schuchardt +Cc: Jan Kara +Cc: Valdis Kletnieks +Cc: Michael Kerrisk-manpages +Cc: Lino Sanfilippo +Cc: Richard Guy Briggs +Cc: Eric Paris +Cc: Al Viro +Cc: Michael Kerrisk +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/notify/fanotify/fanotify_user.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/notify/fanotify/fanotify_user.c ++++ b/fs/notify/fanotify/fanotify_user.c +@@ -69,7 +69,7 @@ static int create_fd(struct fsnotify_gro + + pr_debug("%s: group=%p event=%p\n", __func__, group, event); + +- client_fd = get_unused_fd(); ++ client_fd = get_unused_fd_flags(group->fanotify_data.f_flags); + if (client_fd < 0) + return client_fd; + diff --git a/queue-3.10/iwlwifi-add-missing-pci-ids-for-the-7260-series.patch b/queue-3.10/iwlwifi-add-missing-pci-ids-for-the-7260-series.patch new file mode 100644 index 00000000000..45e0f497468 --- /dev/null +++ b/queue-3.10/iwlwifi-add-missing-pci-ids-for-the-7260-series.patch @@ -0,0 +1,39 @@ +From 4f08970f5284dce486f0e2290834aefb2a262189 Mon Sep 17 00:00:00 2001 +From: Oren Givon +Date: Wed, 17 Sep 2014 10:31:56 +0300 +Subject: iwlwifi: Add missing PCI IDs for the 7260 series + +From: Oren Givon + +commit 4f08970f5284dce486f0e2290834aefb2a262189 upstream. + +Add 4 missing PCI IDs for the 7260 series. + +Signed-off-by: Oren Givon +Signed-off-by: Emmanuel Grumbach +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/iwlwifi/pcie/drv.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/net/wireless/iwlwifi/pcie/drv.c ++++ b/drivers/net/wireless/iwlwifi/pcie/drv.c +@@ -269,6 +269,8 @@ static DEFINE_PCI_DEVICE_TABLE(iwl_hw_ca + {IWL_PCI_DEVICE(0x08B1, 0x4070, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0x4072, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0x4170, iwl7260_2ac_cfg)}, ++ {IWL_PCI_DEVICE(0x08B1, 0x4C60, iwl7260_2ac_cfg)}, ++ {IWL_PCI_DEVICE(0x08B1, 0x4C70, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0x4060, iwl7260_2n_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0x406A, iwl7260_2n_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0x4160, iwl7260_2n_cfg)}, +@@ -306,6 +308,8 @@ static DEFINE_PCI_DEVICE_TABLE(iwl_hw_ca + {IWL_PCI_DEVICE(0x08B1, 0xC770, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B1, 0xC760, iwl7260_2n_cfg)}, + {IWL_PCI_DEVICE(0x08B2, 0xC270, iwl7260_2ac_cfg)}, ++ {IWL_PCI_DEVICE(0x08B1, 0xCC70, iwl7260_2ac_cfg)}, ++ {IWL_PCI_DEVICE(0x08B1, 0xCC60, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B2, 0xC272, iwl7260_2ac_cfg)}, + {IWL_PCI_DEVICE(0x08B2, 0xC260, iwl7260_2n_cfg)}, + {IWL_PCI_DEVICE(0x08B2, 0xC26A, iwl7260_n_cfg)}, diff --git a/queue-3.10/kernel-add-support-for-gcc-5.patch b/queue-3.10/kernel-add-support-for-gcc-5.patch new file mode 100644 index 00000000000..8e39ebce1fc --- /dev/null +++ b/queue-3.10/kernel-add-support-for-gcc-5.patch @@ -0,0 +1,95 @@ +From 71458cfc782eafe4b27656e078d379a34e472adf Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 13 Oct 2014 15:51:05 -0700 +Subject: kernel: add support for gcc 5 + +From: Sasha Levin + +commit 71458cfc782eafe4b27656e078d379a34e472adf upstream. + +We're missing include/linux/compiler-gcc5.h which is required now +because gcc branched off to v5 in trunk. + +Just copy the relevant bits out of include/linux/compiler-gcc4.h, +no new code is added as of now. + +This fixes a build error when using gcc 5. + +Signed-off-by: Sasha Levin +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/compiler-gcc5.h | 66 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 66 insertions(+) + +--- /dev/null ++++ b/include/linux/compiler-gcc5.h +@@ -0,0 +1,66 @@ ++#ifndef __LINUX_COMPILER_H ++#error "Please don't include directly, include instead." ++#endif ++ ++#define __used __attribute__((__used__)) ++#define __must_check __attribute__((warn_unused_result)) ++#define __compiler_offsetof(a, b) __builtin_offsetof(a, b) ++ ++/* Mark functions as cold. gcc will assume any path leading to a call ++ to them will be unlikely. This means a lot of manual unlikely()s ++ are unnecessary now for any paths leading to the usual suspects ++ like BUG(), printk(), panic() etc. [but let's keep them for now for ++ older compilers] ++ ++ Early snapshots of gcc 4.3 don't support this and we can't detect this ++ in the preprocessor, but we can live with this because they're unreleased. ++ Maketime probing would be overkill here. ++ ++ gcc also has a __attribute__((__hot__)) to move hot functions into ++ a special section, but I don't see any sense in this right now in ++ the kernel context */ ++#define __cold __attribute__((__cold__)) ++ ++#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__) ++ ++#ifndef __CHECKER__ ++# define __compiletime_warning(message) __attribute__((warning(message))) ++# define __compiletime_error(message) __attribute__((error(message))) ++#endif /* __CHECKER__ */ ++ ++/* ++ * Mark a position in code as unreachable. This can be used to ++ * suppress control flow warnings after asm blocks that transfer ++ * control elsewhere. ++ * ++ * Early snapshots of gcc 4.5 don't support this and we can't detect ++ * this in the preprocessor, but we can live with this because they're ++ * unreleased. Really, we need to have autoconf for the kernel. ++ */ ++#define unreachable() __builtin_unreachable() ++ ++/* Mark a function definition as prohibited from being cloned. */ ++#define __noclone __attribute__((__noclone__)) ++ ++/* ++ * Tell the optimizer that something else uses this function or variable. ++ */ ++#define __visible __attribute__((externally_visible)) ++ ++/* ++ * GCC 'asm goto' miscompiles certain code sequences: ++ * ++ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 ++ * ++ * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. ++ * Fixed in GCC 4.8.2 and later versions. ++ * ++ * (asm goto is automatically volatile - the naming reflects this.) ++ */ ++#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) ++ ++#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP ++#define __HAVE_BUILTIN_BSWAP32__ ++#define __HAVE_BUILTIN_BSWAP64__ ++#define __HAVE_BUILTIN_BSWAP16__ ++#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */ diff --git a/queue-3.10/mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch b/queue-3.10/mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch new file mode 100644 index 00000000000..19ff452d96e --- /dev/null +++ b/queue-3.10/mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch @@ -0,0 +1,65 @@ +From 934f3072c17cc8886f4c043b47eeeb1b12f8de33 Mon Sep 17 00:00:00 2001 +From: Junxiao Bi +Date: Thu, 9 Oct 2014 15:28:23 -0700 +Subject: mm: clear __GFP_FS when PF_MEMALLOC_NOIO is set + +From: Junxiao Bi + +commit 934f3072c17cc8886f4c043b47eeeb1b12f8de33 upstream. + +commit 21caf2fc1931 ("mm: teach mm by current context info to not do I/O +during memory allocation") introduces PF_MEMALLOC_NOIO flag to avoid doing +I/O inside memory allocation, __GFP_IO is cleared when this flag is set, +but __GFP_FS implies __GFP_IO, it should also be cleared. Or it may still +run into I/O, like in superblock shrinker. And this will make the kernel +run into the deadlock case described in that commit. + +See Dave Chinner's comment about io in superblock shrinker: + +Filesystem shrinkers do indeed perform IO from the superblock shrinker and +have for years. Even clean inodes can require IO before they can be freed +- e.g. on an orphan list, need truncation of post-eof blocks, need to +wait for ordered operations to complete before it can be freed, etc. + +IOWs, Ext4, btrfs and XFS all can issue and/or block on arbitrary amounts +of IO in the superblock shrinker context. XFS, in particular, has been +doing transactions and IO from the VFS inode cache shrinker since it was +first introduced.... + +Fix this by clearing __GFP_FS in memalloc_noio_flags(), this function has +masked all the gfp_mask that will be passed into fs for the processes +setting PF_MEMALLOC_NOIO in the direct reclaim path. + +v1 thread at: https://lkml.org/lkml/2014/9/3/32 + +Signed-off-by: Junxiao Bi +Cc: Dave Chinner +Cc: joyce.xue +Cc: Ming Lei +Cc: Trond Myklebust +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/sched.h | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- a/include/linux/sched.h ++++ b/include/linux/sched.h +@@ -1670,11 +1670,13 @@ extern void thread_group_cputime_adjuste + #define tsk_used_math(p) ((p)->flags & PF_USED_MATH) + #define used_math() tsk_used_math(current) + +-/* __GFP_IO isn't allowed if PF_MEMALLOC_NOIO is set in current->flags */ ++/* __GFP_IO isn't allowed if PF_MEMALLOC_NOIO is set in current->flags ++ * __GFP_FS is also cleared as it implies __GFP_IO. ++ */ + static inline gfp_t memalloc_noio_flags(gfp_t flags) + { + if (unlikely(current->flags & PF_MEMALLOC_NOIO)) +- flags &= ~__GFP_IO; ++ flags &= ~(__GFP_IO | __GFP_FS); + return flags; + } + diff --git a/queue-3.10/pci-generate-uppercase-hex-for-modalias-interface-class.patch b/queue-3.10/pci-generate-uppercase-hex-for-modalias-interface-class.patch new file mode 100644 index 00000000000..41f5aa1da92 --- /dev/null +++ b/queue-3.10/pci-generate-uppercase-hex-for-modalias-interface-class.patch @@ -0,0 +1,42 @@ +From 89ec3dcf17fd3fa009ecf8faaba36828dd6bc416 Mon Sep 17 00:00:00 2001 +From: Ricardo Ribalda Delgado +Date: Wed, 27 Aug 2014 14:57:57 +0200 +Subject: PCI: Generate uppercase hex for modalias interface class + +From: Ricardo Ribalda Delgado + +commit 89ec3dcf17fd3fa009ecf8faaba36828dd6bc416 upstream. + +Some implementations of modprobe fail to load the driver for a PCI device +automatically because the "interface" part of the modalias from the kernel +is lowercase, and the modalias from file2alias is uppercase. + +The "interface" is the low-order byte of the Class Code, defined in PCI +r3.0, Appendix D. Most interface types defined in the spec do not use +alpha characters, so they won't be affected. For example, 00h, 01h, 10h, +20h, etc. are unaffected. + +Print the "interface" byte of the Class Code in uppercase hex, as we +already do for the Vendor ID, Device ID, Class, etc. + +[bhelgaas: changelog] +Signed-off-by: Ricardo Ribalda Delgado +Signed-off-by: Bjorn Helgaas +Acked-by: Greg Kroah-Hartman +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/pci-sysfs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/pci/pci-sysfs.c ++++ b/drivers/pci/pci-sysfs.c +@@ -175,7 +175,7 @@ static ssize_t modalias_show(struct devi + { + struct pci_dev *pci_dev = to_pci_dev(dev); + +- return sprintf(buf, "pci:v%08Xd%08Xsv%08Xsd%08Xbc%02Xsc%02Xi%02x\n", ++ return sprintf(buf, "pci:v%08Xd%08Xsv%08Xsd%08Xbc%02Xsc%02Xi%02X\n", + pci_dev->vendor, pci_dev->device, + pci_dev->subsystem_vendor, pci_dev->subsystem_device, + (u8)(pci_dev->class >> 16), (u8)(pci_dev->class >> 8), diff --git a/queue-3.10/pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch b/queue-3.10/pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch new file mode 100644 index 00000000000..8c626736cad --- /dev/null +++ b/queue-3.10/pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch @@ -0,0 +1,65 @@ +From 9fe373f9997b48fcd6222b95baf4a20c134b587a Mon Sep 17 00:00:00 2001 +From: Douglas Lehr +Date: Thu, 21 Aug 2014 09:26:52 +1000 +Subject: PCI: Increase IBM ipr SAS Crocodile BARs to at least system page size + +From: Douglas Lehr + +commit 9fe373f9997b48fcd6222b95baf4a20c134b587a upstream. + +The Crocodile chip occasionally comes up with 4k and 8k BAR sizes. Due to +an erratum, setting the SR-IOV page size causes the physical function BARs +to expand to the system page size. Since ppc64 uses 64k pages, when Linux +tries to assign the smaller resource sizes to the now 64k BARs the address +will be truncated and the BARs will overlap. + +Force Linux to allocate the resource as a full page, which avoids the +overlap. + +[bhelgaas: print expanded resource, too] +Signed-off-by: Douglas Lehr +Signed-off-by: Anton Blanchard +Signed-off-by: Bjorn Helgaas +Acked-by: Milton Miller +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/quirks.c | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +--- a/drivers/pci/quirks.c ++++ b/drivers/pci/quirks.c +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + #include /* isa_dma_bridge_buggy */ + #include "pci.h" + +@@ -291,6 +292,25 @@ static void quirk_citrine(struct pci_dev + } + DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_IBM, PCI_DEVICE_ID_IBM_CITRINE, quirk_citrine); + ++/* On IBM Crocodile ipr SAS adapters, expand BAR to system page size */ ++static void quirk_extend_bar_to_page(struct pci_dev *dev) ++{ ++ int i; ++ ++ for (i = 0; i < PCI_STD_RESOURCE_END; i++) { ++ struct resource *r = &dev->resource[i]; ++ ++ if (r->flags & IORESOURCE_MEM && resource_size(r) < PAGE_SIZE) { ++ r->end = PAGE_SIZE - 1; ++ r->start = 0; ++ r->flags |= IORESOURCE_UNSET; ++ dev_info(&dev->dev, "expanded BAR %d to page size: %pR\n", ++ i, r); ++ } ++ } ++} ++DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_IBM, 0x034a, quirk_extend_bar_to_page); ++ + /* + * S3 868 and 968 chips report region size equal to 32M, but they decode 64M. + * If it's needed, re-allocate the region. diff --git a/queue-3.10/pci-pciehp-prevent-null-dereference-during-probe.patch b/queue-3.10/pci-pciehp-prevent-null-dereference-during-probe.patch new file mode 100644 index 00000000000..59ecd4323ce --- /dev/null +++ b/queue-3.10/pci-pciehp-prevent-null-dereference-during-probe.patch @@ -0,0 +1,40 @@ +From bceee4a97eb58bd0e80e39eff11b506ddd9e7ad3 Mon Sep 17 00:00:00 2001 +From: Andreas Noever +Date: Tue, 16 Sep 2014 15:16:02 -0600 +Subject: PCI: pciehp: Prevent NULL dereference during probe + +From: Andreas Noever + +commit bceee4a97eb58bd0e80e39eff11b506ddd9e7ad3 upstream. + +pciehp assumes that dev->subordinate, the struct pci_bus for a bridge's +secondary bus, exists. But we do not create that bus if we run out of bus +numbers during enumeration. This leads to a NULL dereference in +init_slot() (and other places). + +Change pciehp_probe() to return -ENODEV when no secondary bus is present. + +Signed-off-by: Andreas Noever +Signed-off-by: Bjorn Helgaas +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/hotplug/pciehp_core.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/drivers/pci/hotplug/pciehp_core.c ++++ b/drivers/pci/hotplug/pciehp_core.c +@@ -237,6 +237,13 @@ static int pciehp_probe(struct pcie_devi + else if (pciehp_acpi_slot_detection_check(dev->port)) + goto err_out_none; + ++ if (!dev->port->subordinate) { ++ /* Can happen if we run out of bus numbers during probe */ ++ dev_err(&dev->device, ++ "Hotplug bridge without secondary bus, ignoring\n"); ++ goto err_out_none; ++ } ++ + ctrl = pcie_init(dev); + if (!ctrl) { + dev_err(&dev->device, "Controller initialization failed\n"); diff --git a/queue-3.10/rt2800-correct-bbp1_tx_power_ctrl-mask.patch b/queue-3.10/rt2800-correct-bbp1_tx_power_ctrl-mask.patch new file mode 100644 index 00000000000..9b099f55651 --- /dev/null +++ b/queue-3.10/rt2800-correct-bbp1_tx_power_ctrl-mask.patch @@ -0,0 +1,32 @@ +From 01f7feeaf4528bec83798316b3c811701bac5d3e Mon Sep 17 00:00:00 2001 +From: Stanislaw Gruszka +Date: Wed, 24 Sep 2014 11:24:54 +0200 +Subject: rt2800: correct BBP1_TX_POWER_CTRL mask + +From: Stanislaw Gruszka + +commit 01f7feeaf4528bec83798316b3c811701bac5d3e upstream. + +Two bits control TX power on BBP_R1 register. Correct the mask, +otherwise we clear additional bit on BBP_R1 register, what can have +unknown, possible negative effect. + +Signed-off-by: Stanislaw Gruszka +Signed-off-by: John W. Linville +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/rt2x00/rt2800.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/net/wireless/rt2x00/rt2800.h ++++ b/drivers/net/wireless/rt2x00/rt2800.h +@@ -1920,7 +1920,7 @@ struct mac_iveiv_entry { + * 2 - drop tx power by 12dBm, + * 3 - increase tx power by 6dBm + */ +-#define BBP1_TX_POWER_CTRL FIELD8(0x07) ++#define BBP1_TX_POWER_CTRL FIELD8(0x03) + #define BBP1_TX_ANTENNA FIELD8(0x18) + + /* diff --git a/queue-3.10/series b/queue-3.10/series index f7f6d36f6ad..f91af592506 100644 --- a/queue-3.10/series +++ b/queue-3.10/series @@ -27,3 +27,13 @@ lzo-check-for-length-overrun-in-variable-length-encoding.patch nfsv4-fix-lock-recovery-when-create_session-setclientid_confirm-fails.patch nfsv4-fix-open-lock-state-recovery-error-handling.patch nfsv4.1-fix-an-nfsv4.1-state-renewal-regression.patch +iwlwifi-add-missing-pci-ids-for-the-7260-series.patch +pci-pciehp-prevent-null-dereference-during-probe.patch +pci-increase-ibm-ipr-sas-crocodile-bars-to-at-least-system-page-size.patch +pci-generate-uppercase-hex-for-modalias-interface-class.patch +rt2800-correct-bbp1_tx_power_ctrl-mask.patch +bluetooth-fix-hci-h5-corrupted-ack-value.patch +bluetooth-fix-issue-with-usb-suspend-in-btusb-driver.patch +mm-clear-__gfp_fs-when-pf_memalloc_noio-is-set.patch +fanotify-enable-close-on-exec-on-events-fd-when-requested-in-fanotify_init.patch +kernel-add-support-for-gcc-5.patch -- 2.47.3