Fixes for 4.19
authorSasha Levin <sashal@kernel.org>
Mon, 16 Nov 2020 13:58:16 +0000 (08:58 -0500)
committerSasha Levin <sashal@kernel.org>
Mon, 16 Nov 2020 13:58:16 +0000 (08:58 -0500)
Signed-off-by: Sasha Levin <sashal@kernel.org>
14 files changed:
queue-4.19/arm-9019-1-kprobes-avoid-fortify_panic-when-copying-.patch [new file with mode: 0644]
queue-4.19/cosa-add-missing-kfree-in-error-path-of-cosa_write.patch [new file with mode: 0644]
queue-4.19/lan743x-fix-bug-invalid-wait-context-when-setting-rx.patch [new file with mode: 0644]
queue-4.19/nbd-fix-a-block_device-refcount-leak-in-nbd_release.patch [new file with mode: 0644]
queue-4.19/of-address-fix-of_node-memory-leak-in-of_dma_is_cohe.patch [new file with mode: 0644]
queue-4.19/perf-fix-get_recursion_context.patch [new file with mode: 0644]
queue-4.19/pinctrl-aspeed-fix-gpi-only-function-problem.patch [new file with mode: 0644]
queue-4.19/pinctrl-intel-set-default-bias-in-case-no-particular.patch [new file with mode: 0644]
queue-4.19/series
queue-4.19/xfs-fix-a-missing-unlock-on-error-in-xfs_fs_map_bloc.patch [new file with mode: 0644]
queue-4.19/xfs-fix-brainos-in-the-refcount-scrubber-s-rmap-frag.patch [new file with mode: 0644]
queue-4.19/xfs-fix-flags-argument-to-rmap-lookup-when-convertin.patch [new file with mode: 0644]
queue-4.19/xfs-fix-rmap-key-and-record-comparison-functions.patch [new file with mode: 0644]
queue-4.19/xfs-set-the-unwritten-bit-in-rmap-lookup-flags-in-xc.patch [new file with mode: 0644]

diff --git a/queue-4.19/arm-9019-1-kprobes-avoid-fortify_panic-when-copying-.patch b/queue-4.19/arm-9019-1-kprobes-avoid-fortify_panic-when-copying-.patch
new file mode 100644 (file)
index 0000000..74c9b71
--- /dev/null
@@ -0,0 +1,228 @@
+From 0a32b827ca78fc7714a919898b29cf3b6389ce6d Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 22 Oct 2020 01:43:59 +0100
+Subject: ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe
+ template
+
+From: Andrew Jeffery <andrew@aj.id.au>
+
+[ Upstream commit 9fa2e7af3d53a4b769136eccc32c02e128a4ee51 ]
+
+Setting both CONFIG_KPROBES=y and CONFIG_FORTIFY_SOURCE=y on ARM leads
+to a panic in memcpy() when injecting a kprobe despite the fixes found
+in commit e46daee53bb5 ("ARM: 8806/1: kprobes: Fix false positive with
+FORTIFY_SOURCE") and commit 0ac569bf6a79 ("ARM: 8834/1: Fix: kprobes:
+optimized kprobes illegal instruction").
+
+arch/arm/include/asm/kprobes.h effectively declares
+the target type of the optprobe_template_entry assembly label as a u32
+which leads memcpy()'s __builtin_object_size() call to determine that
+the pointed-to object is of size four. However, the symbol is used as a handle
+for the optimised probe assembly template that is at least 96 bytes in size.
+The symbol's use despite its type blows up the memcpy() in ARM's
+arch_prepare_optimized_kprobe() with a false-positive fortify_panic() when it
+should instead copy the optimised probe template into place:
+
+```
+$ sudo perf probe -a aspeed_g6_pinctrl_probe
+[  158.457252] detected buffer overflow in memcpy
+[  158.458069] ------------[ cut here ]------------
+[  158.458283] kernel BUG at lib/string.c:1153!
+[  158.458436] Internal error: Oops - BUG: 0 [#1] SMP ARM
+[  158.458768] Modules linked in:
+[  158.459043] CPU: 1 PID: 99 Comm: perf Not tainted 5.9.0-rc7-00038-gc53ebf8167e9 #158
+[  158.459296] Hardware name: Generic DT based system
+[  158.459529] PC is at fortify_panic+0x18/0x20
+[  158.459658] LR is at __irq_work_queue_local+0x3c/0x74
+[  158.459831] pc : [<8047451c>]    lr : [<8020ecd4>]    psr: 60000013
+[  158.460032] sp : be2d1d50  ip : be2d1c58  fp : be2d1d5c
+[  158.460174] r10: 00000006  r9 : 00000000  r8 : 00000060
+[  158.460348] r7 : 8011e434  r6 : b9e0b800  r5 : 7f000000  r4 : b9fe4f0c
+[  158.460557] r3 : 80c04cc8  r2 : 00000000  r1 : be7c03cc  r0 : 00000022
+[  158.460801] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
+[  158.461037] Control: 10c5387d  Table: b9cd806a  DAC: 00000051
+[  158.461251] Process perf (pid: 99, stack limit = 0x81c71a69)
+[  158.461472] Stack: (0xbe2d1d50 to 0xbe2d2000)
+[  158.461757] 1d40:                                     be2d1d84 be2d1d60 8011e724 80474510
+[  158.462104] 1d60: b9e0b800 b9fe4f0c 00000000 b9fe4f14 80c8ec80 be235000 be2d1d9c be2d1d88
+[  158.462436] 1d80: 801cee44 8011e57c b9fe4f0c 00000000 be2d1dc4 be2d1da0 801d0ad0 801cedec
+[  158.462742] 1da0: 00000000 00000000 b9fe4f00 ffffffea 00000000 be235000 be2d1de4 be2d1dc8
+[  158.463087] 1dc0: 80204604 801d0738 00000000 00000000 b9fe4004 ffffffea be2d1e94 be2d1de8
+[  158.463428] 1de0: 80205434 80204570 00385c00 00000000 00000000 00000000 be2d1e14 be2d1e08
+[  158.463880] 1e00: 802ba014 b9fe4f00 b9e718c0 b9fe4f84 b9e71ec8 be2d1e24 00000000 00385c00
+[  158.464365] 1e20: 00000000 626f7270 00000065 802b905c be2d1e94 0000002e 00000000 802b9914
+[  158.464829] 1e40: be2d1e84 be2d1e50 802b9914 8028ff78 804629d0 b9e71ec0 0000002e b9e71ec0
+[  158.465141] 1e60: be2d1ea8 80c04cc8 00000cc0 b9e713c4 00000002 80205834 80205834 0000002e
+[  158.465488] 1e80: be235000 be235000 be2d1ea4 be2d1e98 80205854 80204e94 be2d1ecc be2d1ea8
+[  158.465806] 1ea0: 801ee4a0 80205840 00000002 80c04cc8 00000000 0000002e 0000002e 00000000
+[  158.466110] 1ec0: be2d1f0c be2d1ed0 801ee5c8 801ee428 00000000 be2d0000 006b1fd0 00000051
+[  158.466398] 1ee0: 00000000 b9eedf00 0000002e 80204410 006b1fd0 be2d1f60 00000000 00000004
+[  158.466763] 1f00: be2d1f24 be2d1f10 8020442c 801ee4c4 80205834 802c613c be2d1f5c be2d1f28
+[  158.467102] 1f20: 802c60ac 8020441c be2d1fac be2d1f38 8010c764 802e9888 be2d1f5c b9eedf00
+[  158.467447] 1f40: b9eedf00 006b1fd0 0000002e 00000000 be2d1f94 be2d1f60 802c634c 802c5fec
+[  158.467812] 1f60: 00000000 00000000 00000000 80c04cc8 006b1fd0 00000003 76f7a610 00000004
+[  158.468155] 1f80: 80100284 be2d0000 be2d1fa4 be2d1f98 802c63ec 802c62e8 00000000 be2d1fa8
+[  158.468508] 1fa0: 80100080 802c63e0 006b1fd0 00000003 00000003 006b1fd0 0000002e 00000000
+[  158.468858] 1fc0: 006b1fd0 00000003 76f7a610 00000004 006b1fb0 0026d348 00000017 7ef2738c
+[  158.469202] 1fe0: 76f3431c 7ef272d8 0014ec50 76f34338 60000010 00000003 00000000 00000000
+[  158.469461] Backtrace:
+[  158.469683] [<80474504>] (fortify_panic) from [<8011e724>] (arch_prepare_optimized_kprobe+0x1b4/0x1f8)
+[  158.470021] [<8011e570>] (arch_prepare_optimized_kprobe) from [<801cee44>] (alloc_aggr_kprobe+0x64/0x70)
+[  158.470287]  r9:be235000 r8:80c8ec80 r7:b9fe4f14 r6:00000000 r5:b9fe4f0c r4:b9e0b800
+[  158.470478] [<801cede0>] (alloc_aggr_kprobe) from [<801d0ad0>] (register_kprobe+0x3a4/0x5a0)
+[  158.470685]  r5:00000000 r4:b9fe4f0c
+[  158.470790] [<801d072c>] (register_kprobe) from [<80204604>] (__register_trace_kprobe+0xa0/0xa4)
+[  158.471001]  r9:be235000 r8:00000000 r7:ffffffea r6:b9fe4f00 r5:00000000 r4:00000000
+[  158.471188] [<80204564>] (__register_trace_kprobe) from [<80205434>] (trace_kprobe_create+0x5ac/0x9ac)
+[  158.471408]  r7:ffffffea r6:b9fe4004 r5:00000000 r4:00000000
+[  158.471553] [<80204e88>] (trace_kprobe_create) from [<80205854>] (create_or_delete_trace_kprobe+0x20/0x3c)
+[  158.471766]  r10:be235000 r9:be235000 r8:0000002e r7:80205834 r6:80205834 r5:00000002
+[  158.471949]  r4:b9e713c4
+[  158.472027] [<80205834>] (create_or_delete_trace_kprobe) from [<801ee4a0>] (trace_run_command+0x84/0x9c)
+[  158.472255] [<801ee41c>] (trace_run_command) from [<801ee5c8>] (trace_parse_run_command+0x110/0x1f8)
+[  158.472471]  r6:00000000 r5:0000002e r4:0000002e
+[  158.472594] [<801ee4b8>] (trace_parse_run_command) from [<8020442c>] (probes_write+0x1c/0x28)
+[  158.472800]  r10:00000004 r9:00000000 r8:be2d1f60 r7:006b1fd0 r6:80204410 r5:0000002e
+[  158.472968]  r4:b9eedf00
+[  158.473046] [<80204410>] (probes_write) from [<802c60ac>] (vfs_write+0xcc/0x1e8)
+[  158.473226] [<802c5fe0>] (vfs_write) from [<802c634c>] (ksys_write+0x70/0xf8)
+[  158.473400]  r8:00000000 r7:0000002e r6:006b1fd0 r5:b9eedf00 r4:b9eedf00
+[  158.473567] [<802c62dc>] (ksys_write) from [<802c63ec>] (sys_write+0x18/0x1c)
+[  158.473745]  r9:be2d0000 r8:80100284 r7:00000004 r6:76f7a610 r5:00000003 r4:006b1fd0
+[  158.473932] [<802c63d4>] (sys_write) from [<80100080>] (ret_fast_syscall+0x0/0x54)
+[  158.474126] Exception stack(0xbe2d1fa8 to 0xbe2d1ff0)
+[  158.474305] 1fa0:                   006b1fd0 00000003 00000003 006b1fd0 0000002e 00000000
+[  158.474573] 1fc0: 006b1fd0 00000003 76f7a610 00000004 006b1fb0 0026d348 00000017 7ef2738c
+[  158.474811] 1fe0: 76f3431c 7ef272d8 0014ec50 76f34338
+[  158.475171] Code: e24cb004 e1a01000 e59f0004 ebf40dd3 (e7f001f2)
+[  158.475847] ---[ end trace 55a5b31c08a29f00 ]---
+[  158.476088] Kernel panic - not syncing: Fatal exception
+[  158.476375] CPU0: stopping
+[  158.476709] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G      D           5.9.0-rc7-00038-gc53ebf8167e9 #158
+[  158.477176] Hardware name: Generic DT based system
+[  158.477411] Backtrace:
+[  158.477604] [<8010dd28>] (dump_backtrace) from [<8010dfd4>] (show_stack+0x20/0x24)
+[  158.477990]  r7:00000000 r6:60000193 r5:00000000 r4:80c2f634
+[  158.478323] [<8010dfb4>] (show_stack) from [<8046390c>] (dump_stack+0xcc/0xe8)
+[  158.478686] [<80463840>] (dump_stack) from [<80110750>] (handle_IPI+0x334/0x3a0)
+[  158.479063]  r7:00000000 r6:00000004 r5:80b65cc8 r4:80c78278
+[  158.479352] [<8011041c>] (handle_IPI) from [<801013f8>] (gic_handle_irq+0x88/0x94)
+[  158.479757]  r10:10c5387d r9:80c01ed8 r8:00000000 r7:c0802000 r6:80c0537c r5:000003ff
+[  158.480146]  r4:c080200c r3:fffffff4
+[  158.480364] [<80101370>] (gic_handle_irq) from [<80100b6c>] (__irq_svc+0x6c/0x90)
+[  158.480748] Exception stack(0x80c01ed8 to 0x80c01f20)
+[  158.481031] 1ec0:                                                       000128bc 00000000
+[  158.481499] 1ee0: be7b8174 8011d3a0 80c00000 00000000 80c04cec 80c04d28 80c5d7c2 80a026d4
+[  158.482091] 1f00: 10c5387d 80c01f34 80c01f38 80c01f28 80109554 80109558 60000013 ffffffff
+[  158.482621]  r9:80c00000 r8:80c5d7c2 r7:80c01f0c r6:ffffffff r5:60000013 r4:80109558
+[  158.482983] [<80109518>] (arch_cpu_idle) from [<80818780>] (default_idle_call+0x38/0x120)
+[  158.483360] [<80818748>] (default_idle_call) from [<801585a8>] (do_idle+0xd4/0x158)
+[  158.483945]  r5:00000000 r4:80c00000
+[  158.484237] [<801584d4>] (do_idle) from [<801588f4>] (cpu_startup_entry+0x28/0x2c)
+[  158.484784]  r9:80c78000 r8:00000000 r7:80c78000 r6:80c78040 r5:80c04cc0 r4:000000d6
+[  158.485328] [<801588cc>] (cpu_startup_entry) from [<80810a78>] (rest_init+0x9c/0xbc)
+[  158.485930] [<808109dc>] (rest_init) from [<80b00ae4>] (arch_call_rest_init+0x18/0x1c)
+[  158.486503]  r5:80c04cc0 r4:00000001
+[  158.486857] [<80b00acc>] (arch_call_rest_init) from [<80b00fcc>] (start_kernel+0x46c/0x548)
+[  158.487589] [<80b00b60>] (start_kernel) from [<00000000>] (0x0)
+```
+
+Fixes: e46daee53bb5 ("ARM: 8806/1: kprobes: Fix false positive with FORTIFY_SOURCE")
+Fixes: 0ac569bf6a79 ("ARM: 8834/1: Fix: kprobes: optimized kprobes illegal instruction")
+Suggested-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
+Tested-by: Luka Oreskovic <luka.oreskovic@sartura.hr>
+Tested-by: Joel Stanley <joel@jms.id.au>
+Reviewed-by: Joel Stanley <joel@jms.id.au>
+Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
+Cc: Luka Oreskovic <luka.oreskovic@sartura.hr>
+Cc: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
+Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/include/asm/kprobes.h    | 22 +++++++++++-----------
+ arch/arm/probes/kprobes/opt-arm.c | 18 +++++++++---------
+ 2 files changed, 20 insertions(+), 20 deletions(-)
+
+diff --git a/arch/arm/include/asm/kprobes.h b/arch/arm/include/asm/kprobes.h
+index 82290f212d8e7..e1eb662e0f9e0 100644
+--- a/arch/arm/include/asm/kprobes.h
++++ b/arch/arm/include/asm/kprobes.h
+@@ -52,20 +52,20 @@ int kprobe_exceptions_notify(struct notifier_block *self,
+                            unsigned long val, void *data);
+ /* optinsn template addresses */
+-extern __visible kprobe_opcode_t optprobe_template_entry;
+-extern __visible kprobe_opcode_t optprobe_template_val;
+-extern __visible kprobe_opcode_t optprobe_template_call;
+-extern __visible kprobe_opcode_t optprobe_template_end;
+-extern __visible kprobe_opcode_t optprobe_template_sub_sp;
+-extern __visible kprobe_opcode_t optprobe_template_add_sp;
+-extern __visible kprobe_opcode_t optprobe_template_restore_begin;
+-extern __visible kprobe_opcode_t optprobe_template_restore_orig_insn;
+-extern __visible kprobe_opcode_t optprobe_template_restore_end;
++extern __visible kprobe_opcode_t optprobe_template_entry[];
++extern __visible kprobe_opcode_t optprobe_template_val[];
++extern __visible kprobe_opcode_t optprobe_template_call[];
++extern __visible kprobe_opcode_t optprobe_template_end[];
++extern __visible kprobe_opcode_t optprobe_template_sub_sp[];
++extern __visible kprobe_opcode_t optprobe_template_add_sp[];
++extern __visible kprobe_opcode_t optprobe_template_restore_begin[];
++extern __visible kprobe_opcode_t optprobe_template_restore_orig_insn[];
++extern __visible kprobe_opcode_t optprobe_template_restore_end[];
+ #define MAX_OPTIMIZED_LENGTH  4
+ #define MAX_OPTINSN_SIZE                              \
+-      ((unsigned long)&optprobe_template_end -        \
+-       (unsigned long)&optprobe_template_entry)
++      ((unsigned long)optprobe_template_end - \
++       (unsigned long)optprobe_template_entry)
+ #define RELATIVEJUMP_SIZE     4
+ struct arch_optimized_insn {
+diff --git a/arch/arm/probes/kprobes/opt-arm.c b/arch/arm/probes/kprobes/opt-arm.c
+index 0dc23fc227ed2..cf08cb7267670 100644
+--- a/arch/arm/probes/kprobes/opt-arm.c
++++ b/arch/arm/probes/kprobes/opt-arm.c
+@@ -98,21 +98,21 @@ asm (
+                       "optprobe_template_end:\n");
+ #define TMPL_VAL_IDX \
+-      ((unsigned long *)&optprobe_template_val - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_val - (unsigned long *)optprobe_template_entry)
+ #define TMPL_CALL_IDX \
+-      ((unsigned long *)&optprobe_template_call - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_call - (unsigned long *)optprobe_template_entry)
+ #define TMPL_END_IDX \
+-      ((unsigned long *)&optprobe_template_end - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_end - (unsigned long *)optprobe_template_entry)
+ #define TMPL_ADD_SP \
+-      ((unsigned long *)&optprobe_template_add_sp - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_add_sp - (unsigned long *)optprobe_template_entry)
+ #define TMPL_SUB_SP \
+-      ((unsigned long *)&optprobe_template_sub_sp - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_sub_sp - (unsigned long *)optprobe_template_entry)
+ #define TMPL_RESTORE_BEGIN \
+-      ((unsigned long *)&optprobe_template_restore_begin - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_restore_begin - (unsigned long *)optprobe_template_entry)
+ #define TMPL_RESTORE_ORIGN_INSN \
+-      ((unsigned long *)&optprobe_template_restore_orig_insn - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_restore_orig_insn - (unsigned long *)optprobe_template_entry)
+ #define TMPL_RESTORE_END \
+-      ((unsigned long *)&optprobe_template_restore_end - (unsigned long *)&optprobe_template_entry)
++      ((unsigned long *)optprobe_template_restore_end - (unsigned long *)optprobe_template_entry)
+ /*
+  * ARM can always optimize an instruction when using ARM ISA, except
+@@ -247,7 +247,7 @@ int arch_prepare_optimized_kprobe(struct optimized_kprobe *op, struct kprobe *or
+       }
+       /* Copy arch-dep-instance from template. */
+-      memcpy(code, (unsigned long *)&optprobe_template_entry,
++      memcpy(code, (unsigned long *)optprobe_template_entry,
+                       TMPL_END_IDX * sizeof(kprobe_opcode_t));
+       /* Adjust buffer according to instruction. */
+-- 
+2.27.0
+
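Review bot: The index macros and the `memcpy()` source in opt-arm.c still cast the template labels to `unsigned long *` while the copy length is scaled by `sizeof(kprobe_opcode_t)`, so the byte count is only right where the two types have the same width. With the labels now declared as `kprobe_opcode_t[]` the casts could be dropped, e.g. `#define TMPL_END_IDX (optprobe_template_end - optprobe_template_entry)` and `memcpy(code, optprobe_template_entry, TMPL_END_IDX * sizeof(kprobe_opcode_t));`, assuming the arch maintainers accept the uncast subtraction. Declaring the labels as arrays of unknown size also means the fortified `memcpy()` has no object size for the source, so the length is bounded only by the label layout in the asm block. A comment above the externs in kprobes.h would record that, such as `/* asm labels inside the optprobe template, declared as arrays of unknown size; copy lengths must come from label differences */`. `arch_prepare_optimized_kprobe()` starts and ends outside the hunk.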
diff --git a/queue-4.19/cosa-add-missing-kfree-in-error-path-of-cosa_write.patch b/queue-4.19/cosa-add-missing-kfree-in-error-path-of-cosa_write.patch
new file mode 100644 (file)
index 0000000..570cde8
--- /dev/null
@@ -0,0 +1,39 @@
+From f0c033480dcd7dfb47f0630462a5433f748a1d64 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 10 Nov 2020 22:46:14 +0800
+Subject: cosa: Add missing kfree in error path of cosa_write
+
+From: Wang Hai <wanghai38@huawei.com>
+
+[ Upstream commit 52755b66ddcef2e897778fac5656df18817b59ab ]
+
+If memory allocation for 'kbuf' succeed, cosa_write() doesn't have a
+corresponding kfree() in exception handling. Thus add kfree() for this
+function implementation.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Reported-by: Hulk Robot <hulkci@huawei.com>
+Signed-off-by: Wang Hai <wanghai38@huawei.com>
+Acked-by: Jan "Yenya" Kasprzak <kas@fi.muni.cz>
+Link: https://lore.kernel.org/r/20201110144614.43194-1-wanghai38@huawei.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/wan/cosa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/net/wan/cosa.c b/drivers/net/wan/cosa.c
+index f6b000ddcd151..b7bfc0caa5dc8 100644
+--- a/drivers/net/wan/cosa.c
++++ b/drivers/net/wan/cosa.c
+@@ -902,6 +902,7 @@ static ssize_t cosa_write(struct file *file,
+                       chan->tx_status = 1;
+                       spin_unlock_irqrestore(&cosa->lock, flags);
+                       up(&chan->wsem);
++                      kfree(kbuf);
+                       return -ERESTARTSYS;
+               }
+       }
+-- 
+2.27.0
+
diff --git a/queue-4.19/lan743x-fix-bug-invalid-wait-context-when-setting-rx.patch b/queue-4.19/lan743x-fix-bug-invalid-wait-context-when-setting-rx.patch
new file mode 100644 (file)
index 0000000..b9d0f43
--- /dev/null
@@ -0,0 +1,92 @@
+From 36606f6467914817f0c93b7d6600152f65f640c7 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 9 Nov 2020 15:38:28 -0500
+Subject: lan743x: fix "BUG: invalid wait context" when setting rx mode
+
+From: Sven Van Asbroeck <thesven73@gmail.com>
+
+[ Upstream commit 2b52a4b65bc8f14520fe6e996ea7fb3f7e400761 ]
+
+In the net core, the struct net_device_ops -> ndo_set_rx_mode()
+callback is called with the dev->addr_list_lock spinlock held.
+
+However, this driver's ndo_set_rx_mode callback eventually calls
+lan743x_dp_write(), which acquires a mutex. Mutex acquisition
+may sleep, and this is not allowed when holding a spinlock.
+
+Fix by removing the dp_lock mutex entirely. Its purpose is to
+prevent concurrent accesses to the data port. No concurrent
+accesses are possible, because the dev->addr_list_lock
+spinlock in the core only lets through one thread at a time.
+
+Fixes: 23f0703c125b ("lan743x: Add main source files for new lan743x driver")
+Signed-off-by: Sven Van Asbroeck <thesven73@gmail.com>
+Link: https://lore.kernel.org/r/20201109203828.5115-1-TheSven73@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/microchip/lan743x_main.c | 12 +++---------
+ drivers/net/ethernet/microchip/lan743x_main.h |  3 ---
+ 2 files changed, 3 insertions(+), 12 deletions(-)
+
+diff --git a/drivers/net/ethernet/microchip/lan743x_main.c b/drivers/net/ethernet/microchip/lan743x_main.c
+index 208341541087e..085fdceb3821b 100644
+--- a/drivers/net/ethernet/microchip/lan743x_main.c
++++ b/drivers/net/ethernet/microchip/lan743x_main.c
+@@ -672,14 +672,12 @@ clean_up:
+ static int lan743x_dp_write(struct lan743x_adapter *adapter,
+                           u32 select, u32 addr, u32 length, u32 *buf)
+ {
+-      int ret = -EIO;
+       u32 dp_sel;
+       int i;
+-      mutex_lock(&adapter->dp_lock);
+       if (lan743x_csr_wait_for_bit(adapter, DP_SEL, DP_SEL_DPRDY_,
+                                    1, 40, 100, 100))
+-              goto unlock;
++              return -EIO;
+       dp_sel = lan743x_csr_read(adapter, DP_SEL);
+       dp_sel &= ~DP_SEL_MASK_;
+       dp_sel |= select;
+@@ -691,13 +689,10 @@ static int lan743x_dp_write(struct lan743x_adapter *adapter,
+               lan743x_csr_write(adapter, DP_CMD, DP_CMD_WRITE_);
+               if (lan743x_csr_wait_for_bit(adapter, DP_SEL, DP_SEL_DPRDY_,
+                                            1, 40, 100, 100))
+-                      goto unlock;
++                      return -EIO;
+       }
+-      ret = 0;
+-unlock:
+-      mutex_unlock(&adapter->dp_lock);
+-      return ret;
++      return 0;
+ }
+ static u32 lan743x_mac_mii_access(u16 id, u16 index, int read)
+@@ -2679,7 +2674,6 @@ static int lan743x_hardware_init(struct lan743x_adapter *adapter,
+       adapter->intr.irq = adapter->pdev->irq;
+       lan743x_csr_write(adapter, INT_EN_CLR, 0xFFFFFFFF);
+-      mutex_init(&adapter->dp_lock);
+       ret = lan743x_gpio_init(adapter);
+       if (ret)
+diff --git a/drivers/net/ethernet/microchip/lan743x_main.h b/drivers/net/ethernet/microchip/lan743x_main.h
+index 2d6eea18973e8..77273be2d1ee0 100644
+--- a/drivers/net/ethernet/microchip/lan743x_main.h
++++ b/drivers/net/ethernet/microchip/lan743x_main.h
+@@ -702,9 +702,6 @@ struct lan743x_adapter {
+       struct lan743x_csr      csr;
+       struct lan743x_intr     intr;
+-      /* lock, used to prevent concurrent access to data port */
+-      struct mutex            dp_lock;
+-
+       struct lan743x_gpio     gpio;
+       struct lan743x_ptp      ptp;
+-- 
+2.27.0
+
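Review bot: With `dp_lock` removed, `lan743x_dp_write()` is serialized only by whatever lock its callers hold, and nothing in the code records that. A comment above the function, such as `/* Caller must serialize data-port access; the rx-mode path runs under dev->addr_list_lock. */`, would keep a future caller from using it unlocked. The function also still calls `lan743x_csr_wait_for_bit(adapter, DP_SEL, DP_SEL_DPRDY_, 1, 40, 100, 100)` before and inside the loop. That helper's body is not in the hunk, but if it sleeps between polls this path can still sleep under the spinlock, so confirm that it busy-waits or use a non-sleeping variant here. The commit message's claim that no other path reaches the data port concurrently cannot be checked from the visible lines.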
diff --git a/queue-4.19/nbd-fix-a-block_device-refcount-leak-in-nbd_release.patch b/queue-4.19/nbd-fix-a-block_device-refcount-leak-in-nbd_release.patch
new file mode 100644 (file)
index 0000000..c3e30b2
--- /dev/null
@@ -0,0 +1,36 @@
+From d5bb125ce9df92abbab775ace63daa8fde51112b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 9 Nov 2020 18:30:59 +0100
+Subject: nbd: fix a block_device refcount leak in nbd_release
+
+From: Christoph Hellwig <hch@lst.de>
+
+[ Upstream commit 2bd645b2d3f0bacadaa6037f067538e1cd4e42ef ]
+
+bdget_disk needs to be paired with bdput to not leak a reference
+on the block device inode.
+
+Fixes: 08ba91ee6e2c ("nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag.")
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Reviewed-by: Josef Bacik <josef@toxicpanda.com>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/block/nbd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
+index 706115ecd9bee..517318bb350cf 100644
+--- a/drivers/block/nbd.c
++++ b/drivers/block/nbd.c
+@@ -1448,6 +1448,7 @@ static void nbd_release(struct gendisk *disk, fmode_t mode)
+       if (test_bit(NBD_DISCONNECT_ON_CLOSE, &nbd->config->runtime_flags) &&
+                       bdev->bd_openers == 0)
+               nbd_disconnect_and_put(nbd);
++      bdput(bdev);
+       nbd_config_put(nbd);
+       nbd_put(nbd);
+-- 
+2.27.0
+
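Review bot: `bdev` is dereferenced in the context line `bdev->bd_openers == 0` and then passed to the added `bdput(bdev)`, but its assignment is outside the hunk, so it is not visible whether a NULL result from the lookup is handled. If the lookup can fail on this path, both uses need a guard, for example `if (bdev) bdput(bdev);` together with a `bdev &&` term in the condition above. `nbd_release()` starts before the hunk, so this should be checked against the full function.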
diff --git a/queue-4.19/of-address-fix-of_node-memory-leak-in-of_dma_is_cohe.patch b/queue-4.19/of-address-fix-of_node-memory-leak-in-of_dma_is_cohe.patch
new file mode 100644 (file)
index 0000000..2688daa
--- /dev/null
@@ -0,0 +1,47 @@
+From f4088729d33ca9db77e6162b6df5da3b9c864f31 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 10 Nov 2020 15:28:25 +1300
+Subject: of/address: Fix of_node memory leak in of_dma_is_coherent
+
+From: Evan Nimmo <evan.nimmo@alliedtelesis.co.nz>
+
+[ Upstream commit a5bea04fcc0b3c0aec71ee1fd58fd4ff7ee36177 ]
+
+Commit dabf6b36b83a ("of: Add OF_DMA_DEFAULT_COHERENT & select it on
+powerpc") added a check to of_dma_is_coherent which returns early
+if OF_DMA_DEFAULT_COHERENT is enabled. This results in the of_node_put()
+being skipped causing a memory leak. Moved the of_node_get() below this
+check so we now we only get the node if OF_DMA_DEFAULT_COHERENT is not
+enabled.
+
+Fixes: dabf6b36b83a ("of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc")
+Signed-off-by: Evan Nimmo <evan.nimmo@alliedtelesis.co.nz>
+Link: https://lore.kernel.org/r/20201110022825.30895-1-evan.nimmo@alliedtelesis.co.nz
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/of/address.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/of/address.c b/drivers/of/address.c
+index c42aebba35ab8..30806dd357350 100644
+--- a/drivers/of/address.c
++++ b/drivers/of/address.c
+@@ -975,11 +975,13 @@ EXPORT_SYMBOL_GPL(of_dma_get_range);
+  */
+ bool of_dma_is_coherent(struct device_node *np)
+ {
+-      struct device_node *node = of_node_get(np);
++      struct device_node *node;
+       if (IS_ENABLED(CONFIG_OF_DMA_DEFAULT_COHERENT))
+               return true;
++      node = of_node_get(np);
++
+       while (node) {
+               if (of_property_read_bool(node, "dma-coherent")) {
+                       of_node_put(node);
+-- 
+2.27.0
+
diff --git a/queue-4.19/perf-fix-get_recursion_context.patch b/queue-4.19/perf-fix-get_recursion_context.patch
new file mode 100644 (file)
index 0000000..5b11a73
--- /dev/null
@@ -0,0 +1,35 @@
+From b87e96c11ed83b4d959dca4483fe7ceaab8c0c93 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 30 Oct 2020 12:49:45 +0100
+Subject: perf: Fix get_recursion_context()
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+[ Upstream commit ce0f17fc93f63ee91428af10b7b2ddef38cd19e5 ]
+
+One should use in_serving_softirq() to detect SoftIRQ context.
+
+Fixes: 96f6d4444302 ("perf_counter: avoid recursion")
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Link: https://lkml.kernel.org/r/20201030151955.120572175@infradead.org
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ kernel/events/internal.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kernel/events/internal.h b/kernel/events/internal.h
+index 6dc725a7e7bc9..8fc0ddc38cb69 100644
+--- a/kernel/events/internal.h
++++ b/kernel/events/internal.h
+@@ -209,7 +209,7 @@ static inline int get_recursion_context(int *recursion)
+               rctx = 3;
+       else if (in_irq())
+               rctx = 2;
+-      else if (in_softirq())
++      else if (in_serving_softirq())
+               rctx = 1;
+       else
+               rctx = 0;
+-- 
+2.27.0
+
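Review bot: The switch to `in_serving_softirq()` has no comment at the call site saying why this branch differs from the `in_irq()` test above it, and the commit message gives only one line. `in_softirq()` is also true in task context while bottom halves are merely disabled, so such code was being assigned the softirq slot. A comment above the `else if` would record this, such as `/* in_softirq() is also true with BH disabled in task context; only a running softirq takes slot 1 */`. `get_recursion_context()` starts and ends outside the hunk.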
diff --git a/queue-4.19/pinctrl-aspeed-fix-gpi-only-function-problem.patch b/queue-4.19/pinctrl-aspeed-fix-gpi-only-function-problem.patch
new file mode 100644 (file)
index 0000000..ddf271c
--- /dev/null
@@ -0,0 +1,50 @@
+From 1049122e138615bcbdbe12a59b9f03dc8aa43260 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 30 Oct 2020 13:54:50 +0800
+Subject: pinctrl: aspeed: Fix GPI only function problem.
+
+From: Billy Tsai <billy_tsai@aspeedtech.com>
+
+[ Upstream commit 9b92f5c51e9a41352d665f6f956bd95085a56a83 ]
+
+Some gpio pin at aspeed soc is input only and the prefix name of these
+pin is "GPI" only.
+This patch fine-tune the condition of GPIO check from "GPIO" to "GPI"
+and it will fix the usage error of banks D and E in the AST2400/AST2500
+and banks T and U in the AST2600.
+
+Fixes: 4d3d0e4272d8 ("pinctrl: Add core support for Aspeed SoCs")
+Signed-off-by: Billy Tsai <billy_tsai@aspeedtech.com>
+Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
+Link: https://lore.kernel.org/r/20201030055450.29613-1-billy_tsai@aspeedtech.com
+Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pinctrl/aspeed/pinctrl-aspeed.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/pinctrl/aspeed/pinctrl-aspeed.c b/drivers/pinctrl/aspeed/pinctrl-aspeed.c
+index aefe3c33dffd8..8dec302dc067a 100644
+--- a/drivers/pinctrl/aspeed/pinctrl-aspeed.c
++++ b/drivers/pinctrl/aspeed/pinctrl-aspeed.c
+@@ -458,13 +458,14 @@ int aspeed_pinmux_set_mux(struct pinctrl_dev *pctldev, unsigned int function,
+ static bool aspeed_expr_is_gpio(const struct aspeed_sig_expr *expr)
+ {
+       /*
+-       * The signal type is GPIO if the signal name has "GPIO" as a prefix.
++       * The signal type is GPIO if the signal name has "GPI" as a prefix.
+        * strncmp (rather than strcmp) is used to implement the prefix
+        * requirement.
+        *
+-       * expr->signal might look like "GPIOT3" in the GPIO case.
++       * expr->signal might look like "GPIOB1" in the GPIO case.
++       * expr->signal might look like "GPIT0" in the GPI case.
+        */
+-      return strncmp(expr->signal, "GPIO", 4) == 0;
++      return strncmp(expr->signal, "GPI", 3) == 0;
+ }
+ static bool aspeed_gpio_in_exprs(const struct aspeed_sig_expr **exprs)
+-- 
+2.27.0
+
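Review bot: The prefix test `strncmp(expr->signal, "GPI", 3) == 0` now treats every signal whose name begins with "GPI" as a GPIO, which is wider than the two forms the comment lists ("GPIOB1" and "GPIT0"). The signal tables are not in the hunk, so it should be checked that no other signal name starting with those three letters exists, since it would now be claimed as a GPIO as well. The literal and its length are also easy to get out of step; `strncmp(expr->signal, "GPI", strlen("GPI")) == 0` avoids that. A comment line stating that input-only pins are deliberately matched by `aspeed_expr_is_gpio()` would make the intent explicit.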
diff --git a/queue-4.19/pinctrl-intel-set-default-bias-in-case-no-particular.patch b/queue-4.19/pinctrl-intel-set-default-bias-in-case-no-particular.patch
new file mode 100644 (file)
index 0000000..c36e7ef
--- /dev/null
@@ -0,0 +1,58 @@
+From 97739cc3a3f2e8b5c9eb54fd0a9b478ea5c2cc8c Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 14 Oct 2020 13:46:38 +0300
+Subject: pinctrl: intel: Set default bias in case no particular value given
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+[ Upstream commit f3c75e7a9349d1d33eb53ddc1b31640994969f73 ]
+
+When GPIO library asks pin control to set the bias, it doesn't pass
+any value of it and argument is considered boolean (and this is true
+for ACPI GpioIo() / GpioInt() resources, by the way). Thus, individual
+drivers must behave well, when they got the resistance value of 1 Ohm,
+i.e. transforming it to sane default.
+
+In case of Intel pin control hardware the 5 kOhm sounds plausible
+because on one hand it's a minimum of resistors present in all
+hardware generations and at the same time it's high enough to minimize
+leakage current (will be only 200 uA with the above choice).
+
+Fixes: e57725eabf87 ("pinctrl: intel: Add support for hardware debouncer")
+Reported-by: Jamie McClymont <jamie@kwiius.com>
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Acked-by: Mika Westerberg <mika.westerberg@linux.intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/pinctrl/intel/pinctrl-intel.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/pinctrl/intel/pinctrl-intel.c b/drivers/pinctrl/intel/pinctrl-intel.c
+index 89ff2795a8b55..5e0adb00b4307 100644
+--- a/drivers/pinctrl/intel/pinctrl-intel.c
++++ b/drivers/pinctrl/intel/pinctrl-intel.c
+@@ -621,6 +621,10 @@ static int intel_config_set_pull(struct intel_pinctrl *pctrl, unsigned pin,
+               value |= PADCFG1_TERM_UP;
++              /* Set default strength value in case none is given */
++              if (arg == 1)
++                      arg = 5000;
++
+               switch (arg) {
+               case 20000:
+                       value |= PADCFG1_TERM_20K << PADCFG1_TERM_SHIFT;
+@@ -643,6 +647,10 @@ static int intel_config_set_pull(struct intel_pinctrl *pctrl, unsigned pin,
+       case PIN_CONFIG_BIAS_PULL_DOWN:
+               value &= ~(PADCFG1_TERM_UP | PADCFG1_TERM_MASK);
++              /* Set default strength value in case none is given */
++              if (arg == 1)
++                      arg = 5000;
++
+               switch (arg) {
+               case 20000:
+                       value |= PADCFG1_TERM_20K << PADCFG1_TERM_SHIFT;
+-- 
+2.27.0
+
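Review bot: The fallback `if (arg == 1) arg = 5000;` is repeated in the pull-up and pull-down branches with two bare numbers, and the added comment does not say that 1 is what the caller passes when no resistance was specified. A named constant or a small static helper would keep the two branches in step, with a comment such as `/* gpiolib passes 1 (boolean) when no resistance is given; fall back to 5 kOhm */`. Only `case 20000:` is visible in each switch, so it should be confirmed that both switches have a `case 5000:`, otherwise the new default would land on the switch's fallback path. `intel_config_set_pull()` starts and ends outside the hunk.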
index ae81bc1109ee0418e62e8493373a8377691fe000..e265e33e13fc337a9c802274176b6cf903570005 100644 (file)
@@ -47,3 +47,16 @@ selftests-proc-fix-warning-_gnu_source-redefined.patch
 tpm_tis-disable-interrupts-on-thinkpad-t490s.patch
 tick-common-touch-watchdog-in-tick_unfreeze-on-all-cpus.patch
 mfd-sprd-add-wakeup-capability-for-pmic-irq.patch
+pinctrl-intel-set-default-bias-in-case-no-particular.patch
+arm-9019-1-kprobes-avoid-fortify_panic-when-copying-.patch
+pinctrl-aspeed-fix-gpi-only-function-problem.patch
+nbd-fix-a-block_device-refcount-leak-in-nbd_release.patch
+xfs-fix-flags-argument-to-rmap-lookup-when-convertin.patch
+xfs-set-the-unwritten-bit-in-rmap-lookup-flags-in-xc.patch
+xfs-fix-rmap-key-and-record-comparison-functions.patch
+xfs-fix-brainos-in-the-refcount-scrubber-s-rmap-frag.patch
+lan743x-fix-bug-invalid-wait-context-when-setting-rx.patch
+xfs-fix-a-missing-unlock-on-error-in-xfs_fs_map_bloc.patch
+of-address-fix-of_node-memory-leak-in-of_dma_is_cohe.patch
+cosa-add-missing-kfree-in-error-path-of-cosa_write.patch
+perf-fix-get_recursion_context.patch
diff --git a/queue-4.19/xfs-fix-a-missing-unlock-on-error-in-xfs_fs_map_bloc.patch b/queue-4.19/xfs-fix-a-missing-unlock-on-error-in-xfs_fs_map_bloc.patch
new file mode 100644 (file)
index 0000000..0f7ef9f
--- /dev/null
@@ -0,0 +1,37 @@
+From 65990684ce219c37056ad49f29551261688f8e23 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 11 Nov 2020 08:07:37 -0800
+Subject: xfs: fix a missing unlock on error in xfs_fs_map_blocks
+
+From: Christoph Hellwig <hch@lst.de>
+
+[ Upstream commit 2bd3fa793aaa7e98b74e3653fdcc72fa753913b5 ]
+
+We also need to drop the iolock when invalidate_inode_pages2 fails, not
+only on all other error or successful cases.
+
+Fixes: 527851124d10 ("xfs: implement pNFS export operations")
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
+Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/xfs/xfs_pnfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/xfs/xfs_pnfs.c b/fs/xfs/xfs_pnfs.c
+index f44c3599527d0..1c9bced3e8601 100644
+--- a/fs/xfs/xfs_pnfs.c
++++ b/fs/xfs/xfs_pnfs.c
+@@ -141,7 +141,7 @@ xfs_fs_map_blocks(
+               goto out_unlock;
+       error = invalidate_inode_pages2(inode->i_mapping);
+       if (WARN_ON_ONCE(error))
+-              return error;
++              goto out_unlock;
+       end_fsb = XFS_B_TO_FSB(mp, (xfs_ufsize_t)offset + length);
+       offset_fsb = XFS_B_TO_FSBT(mp, offset);
+-- 
+2.27.0
+
diff --git a/queue-4.19/xfs-fix-brainos-in-the-refcount-scrubber-s-rmap-frag.patch b/queue-4.19/xfs-fix-brainos-in-the-refcount-scrubber-s-rmap-frag.patch
new file mode 100644 (file)
index 0000000..2f148d2
--- /dev/null
@@ -0,0 +1,61 @@
+From bd4b773ccd939b3ec31384312c792d679e126d9a Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 8 Nov 2020 16:32:42 -0800
+Subject: xfs: fix brainos in the refcount scrubber's rmap fragment processor
+
+From: Darrick J. Wong <darrick.wong@oracle.com>
+
+[ Upstream commit 54e9b09e153842ab5adb8a460b891e11b39e9c3d ]
+
+Fix some serious WTF in the reference count scrubber's rmap fragment
+processing.  The code comment says that this loop is supposed to move
+all fragment records starting at or before bno onto the worklist, but
+there's no obvious reason why nr (the number of items added) should
+increment starting from 1, and breaking the loop when we've added the
+target number seems dubious since we could have more rmap fragments that
+should have been added to the worklist.
+
+This seems to manifest in xfs/411 when adding one to the refcount field.
+
+Fixes: dbde19da9637 ("xfs: cross-reference the rmapbt data with the refcountbt")
+Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
+Reviewed-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/xfs/scrub/refcount.c | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/fs/xfs/scrub/refcount.c b/fs/xfs/scrub/refcount.c
+index e8c82b026083e..76e4f16a9fab2 100644
+--- a/fs/xfs/scrub/refcount.c
++++ b/fs/xfs/scrub/refcount.c
+@@ -180,7 +180,6 @@ xchk_refcountbt_process_rmap_fragments(
+        */
+       INIT_LIST_HEAD(&worklist);
+       rbno = NULLAGBLOCK;
+-      nr = 1;
+       /* Make sure the fragments actually /are/ in agbno order. */
+       bno = 0;
+@@ -194,15 +193,14 @@ xchk_refcountbt_process_rmap_fragments(
+        * Find all the rmaps that start at or before the refc extent,
+        * and put them on the worklist.
+        */
++      nr = 0;
+       list_for_each_entry_safe(frag, n, &refchk->fragments, list) {
+-              if (frag->rm.rm_startblock > refchk->bno)
+-                      goto done;
++              if (frag->rm.rm_startblock > refchk->bno || nr > target_nr)
++                      break;
+               bno = frag->rm.rm_startblock + frag->rm.rm_blockcount;
+               if (bno < rbno)
+                       rbno = bno;
+               list_move_tail(&frag->list, &worklist);
+-              if (nr == target_nr)
+-                      break;
+               nr++;
+       }
+-- 
+2.27.0
+
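Review bot: The new loop bound `nr > target_nr` in xchk_refcountbt_process_rmap_fragments lets the loop move up to target_nr + 1 fragments onto the worklist before it breaks, and nothing in the hunk says that this is intended rather than an off-by-one for `>=`. If a check after the loop compares nr with target_nr (not visible here, the function continues outside the hunk), a comment above the condition would record that, for example `/* Stop one past target_nr so the count check below can see the excess. */`. The first condition also changes from `goto done` to `break`, so a fragment starting after refchk->bno now falls through to whatever follows the loop. The commit message does not mention that change, and it deserves a line there or in the comment.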
diff --git a/queue-4.19/xfs-fix-flags-argument-to-rmap-lookup-when-convertin.patch b/queue-4.19/xfs-fix-flags-argument-to-rmap-lookup-when-convertin.patch
new file mode 100644 (file)
index 0000000..9a99eea
--- /dev/null
@@ -0,0 +1,39 @@
+From ca08174f4589250e8fa246aa5c7c797b395764be Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 8 Nov 2020 16:32:43 -0800
+Subject: xfs: fix flags argument to rmap lookup when converting shared file
+ rmaps
+
+From: Darrick J. Wong <darrick.wong@oracle.com>
+
+[ Upstream commit ea8439899c0b15a176664df62aff928010fad276 ]
+
+Pass the same oldext argument (which contains the existing rmapping's
+unwritten state) to xfs_rmap_lookup_le_range at the start of
+xfs_rmap_convert_shared.  At this point in the code, flags is zero,
+which means that we perform lookups using the wrong key.
+
+Fixes: 3f165b334e51 ("xfs: convert unwritten status of reverse mappings for shared files")
+Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
+Reviewed-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/xfs/libxfs/xfs_rmap.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/xfs/libxfs/xfs_rmap.c b/fs/xfs/libxfs/xfs_rmap.c
+index 245af452840ef..ab3e72e702f00 100644
+--- a/fs/xfs/libxfs/xfs_rmap.c
++++ b/fs/xfs/libxfs/xfs_rmap.c
+@@ -1387,7 +1387,7 @@ xfs_rmap_convert_shared(
+        * record for our insertion point. This will also give us the record for
+        * start block contiguity tests.
+        */
+-      error = xfs_rmap_lookup_le_range(cur, bno, owner, offset, flags,
++      error = xfs_rmap_lookup_le_range(cur, bno, owner, offset, oldext,
+                       &PREV, &i);
+       if (error)
+               goto done;
+-- 
+2.27.0
+
diff --git a/queue-4.19/xfs-fix-rmap-key-and-record-comparison-functions.patch b/queue-4.19/xfs-fix-rmap-key-and-record-comparison-functions.patch
new file mode 100644 (file)
index 0000000..f6a9c35
--- /dev/null
@@ -0,0 +1,92 @@
+From b45ea4e74a6a019c523f56e60cbcfee39bdbd823 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 8 Nov 2020 16:32:44 -0800
+Subject: xfs: fix rmap key and record comparison functions
+
+From: Darrick J. Wong <darrick.wong@oracle.com>
+
+[ Upstream commit 6ff646b2ceb0eec916101877f38da0b73e3a5b7f ]
+
+Keys for extent interval records in the reverse mapping btree are
+supposed to be computed as follows:
+
+(physical block, owner, fork, is_btree, is_unwritten, offset)
+
+This provides users the ability to look up a reverse mapping from a bmbt
+record -- start with the physical block; then if there are multiple
+records for the same block, move on to the owner; then the inode fork
+type; and so on to the file offset.
+
+However, the key comparison functions incorrectly remove the
+fork/btree/unwritten information that's encoded in the on-disk offset.
+This means that lookup comparisons are only done with:
+
+(physical block, owner, offset)
+
+This means that queries can return incorrect results.  On consistent
+filesystems this hasn't been an issue because blocks are never shared
+between forks or with bmbt blocks; and are never unwritten.  However,
+this bug means that online repair cannot always detect corruption in the
+key information in internal rmapbt nodes.
+
+Found by fuzzing keys[1].attrfork = ones on xfs/371.
+
+Fixes: 4b8ed67794fe ("xfs: add rmap btree operations")
+Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
+Reviewed-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/xfs/libxfs/xfs_rmap_btree.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/fs/xfs/libxfs/xfs_rmap_btree.c b/fs/xfs/libxfs/xfs_rmap_btree.c
+index f79cf040d7450..77528f413286b 100644
+--- a/fs/xfs/libxfs/xfs_rmap_btree.c
++++ b/fs/xfs/libxfs/xfs_rmap_btree.c
+@@ -247,8 +247,8 @@ xfs_rmapbt_key_diff(
+       else if (y > x)
+               return -1;
+-      x = XFS_RMAP_OFF(be64_to_cpu(kp->rm_offset));
+-      y = rec->rm_offset;
++      x = be64_to_cpu(kp->rm_offset);
++      y = xfs_rmap_irec_offset_pack(rec);
+       if (x > y)
+               return 1;
+       else if (y > x)
+@@ -279,8 +279,8 @@ xfs_rmapbt_diff_two_keys(
+       else if (y > x)
+               return -1;
+-      x = XFS_RMAP_OFF(be64_to_cpu(kp1->rm_offset));
+-      y = XFS_RMAP_OFF(be64_to_cpu(kp2->rm_offset));
++      x = be64_to_cpu(kp1->rm_offset);
++      y = be64_to_cpu(kp2->rm_offset);
+       if (x > y)
+               return 1;
+       else if (y > x)
+@@ -393,8 +393,8 @@ xfs_rmapbt_keys_inorder(
+               return 1;
+       else if (a > b)
+               return 0;
+-      a = XFS_RMAP_OFF(be64_to_cpu(k1->rmap.rm_offset));
+-      b = XFS_RMAP_OFF(be64_to_cpu(k2->rmap.rm_offset));
++      a = be64_to_cpu(k1->rmap.rm_offset);
++      b = be64_to_cpu(k2->rmap.rm_offset);
+       if (a <= b)
+               return 1;
+       return 0;
+@@ -423,8 +423,8 @@ xfs_rmapbt_recs_inorder(
+               return 1;
+       else if (a > b)
+               return 0;
+-      a = XFS_RMAP_OFF(be64_to_cpu(r1->rmap.rm_offset));
+-      b = XFS_RMAP_OFF(be64_to_cpu(r2->rmap.rm_offset));
++      a = be64_to_cpu(r1->rmap.rm_offset);
++      b = be64_to_cpu(r2->rmap.rm_offset);
+       if (a <= b)
+               return 1;
+       return 0;
+-- 
+2.27.0
+
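Review bot: None of the four comparison sites (xfs_rmapbt_key_diff, xfs_rmapbt_diff_two_keys, xfs_rmapbt_keys_inorder, xfs_rmapbt_recs_inorder) carries a comment saying that the fork/bmbt/unwritten bits are now deliberately part of the comparison, so a later cleanup could put the `XFS_RMAP_OFF()` mask back without noticing. I would add `/* Compare the full on-disk rm_offset; the flag bits are part of the key. */` above each `x =` / `a =` assignment. In xfs_rmapbt_key_diff the record side comes from `xfs_rmap_irec_offset_pack(rec)`, so the result is only right when the caller has filled in the record's flags completely. The queue orders the two caller fixes (xfs_rmap_convert_shared and xchk_bmap_get_rmap) before this patch in the series file, but other lookup callers in the 4.19 tree are not visible here and should be checked for partially set flags before this is released.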
diff --git a/queue-4.19/xfs-set-the-unwritten-bit-in-rmap-lookup-flags-in-xc.patch b/queue-4.19/xfs-set-the-unwritten-bit-in-rmap-lookup-flags-in-xc.patch
new file mode 100644 (file)
index 0000000..93938cc
--- /dev/null
@@ -0,0 +1,38 @@
+From a43575a3b28ad3d3786648515dd39dbdf0663dd3 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 8 Nov 2020 16:32:43 -0800
+Subject: xfs: set the unwritten bit in rmap lookup flags in
+ xchk_bmap_get_rmapextents
+
+From: Darrick J. Wong <darrick.wong@oracle.com>
+
+[ Upstream commit 5dda3897fd90783358c4c6115ef86047d8c8f503 ]
+
+When the bmbt scrubber is looking up rmap extents, we need to set the
+extent flags from the bmbt record fully.  This will matter once we fix
+the rmap btree comparison functions to check those flags correctly.
+
+Fixes: d852657ccfc0 ("xfs: cross-reference reverse-mapping btree")
+Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
+Reviewed-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/xfs/scrub/bmap.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/fs/xfs/scrub/bmap.c b/fs/xfs/scrub/bmap.c
+index f84a58e523bc8..b05d65fd360b3 100644
+--- a/fs/xfs/scrub/bmap.c
++++ b/fs/xfs/scrub/bmap.c
+@@ -120,6 +120,8 @@ xchk_bmap_get_rmap(
+       if (info->whichfork == XFS_ATTR_FORK)
+               rflags |= XFS_RMAP_ATTR_FORK;
++      if (irec->br_state == XFS_EXT_UNWRITTEN)
++              rflags |= XFS_RMAP_UNWRITTEN;
+       /*
+        * CoW staging extents are owned (on disk) by the refcountbt, so
+-- 
+2.27.0
+