--- /dev/null
+From cfb5d65f25959f724081bae8445a0241db606af6 Mon Sep 17 00:00:00 2001
+From: Roger Quadros <rogerq@ti.com>
+Date: Fri, 13 Mar 2020 11:47:17 +0200
+Subject: ARM: dts: dra7: Add bus_dma_limit for L3 bus
+
+From: Roger Quadros <rogerq@ti.com>
+
+commit cfb5d65f25959f724081bae8445a0241db606af6 upstream.
+
+The L3 interconnect's memory map is from 0x0 to
+0xffffffff. Out of this, System memory (SDRAM) can be
+accessed from 0x80000000 to 0xffffffff (2GB)
+
+DRA7 does support 4GB of SDRAM but upper 2GB can only be
+accessed by the MPU subsystem.
+
+Add the dma-ranges property to reflect the physical address limit
+of the L3 bus.
+
+Issues ere observed only with SATA on DRA7-EVM with 4GB RAM
+and CONFIG_ARM_LPAE enabled. This is because the controller
+supports 64-bit DMA and its driver sets the dma_mask to 64-bit
+thus resulting in DMA accesses beyond L3 limit of 2G.
+
+Setting the correct bus_dma_limit fixes the issue.
+
+Signed-off-by: Roger Quadros <rogerq@ti.com>
+Cc: stable@kernel.org
+Signed-off-by: Tony Lindgren <tony@atomide.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/boot/dts/dra7.dtsi | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm/boot/dts/dra7.dtsi
++++ b/arch/arm/boot/dts/dra7.dtsi
+@@ -137,6 +137,7 @@
+ #address-cells = <1>;
+ #size-cells = <1>;
+ ranges = <0x0 0x0 0x0 0xc0000000>;
++ dma-ranges = <0x80000000 0x0 0x80000000 0x80000000>;
+ ti,hwmods = "l3_main_1", "l3_main_2";
+ reg = <0x0 0x44000000 0x0 0x1000000>,
+ <0x0 0x45000000 0x0 0x1000>;
--- /dev/null
+From dfa7ea303f56a3a8b1ed3b91ef35af2da67ca4ee Mon Sep 17 00:00:00 2001
+From: Roger Quadros <rogerq@ti.com>
+Date: Mon, 16 Mar 2020 12:27:31 +0200
+Subject: ARM: dts: omap5: Add bus_dma_limit for L3 bus
+
+From: Roger Quadros <rogerq@ti.com>
+
+commit dfa7ea303f56a3a8b1ed3b91ef35af2da67ca4ee upstream.
+
+The L3 interconnect's memory map is from 0x0 to
+0xffffffff. Out of this, System memory (SDRAM) can be
+accessed from 0x80000000 to 0xffffffff (2GB)
+
+OMAP5 does support 4GB of SDRAM but upper 2GB can only be
+accessed by the MPU subsystem.
+
+Add the dma-ranges property to reflect the physical address limit
+of the L3 bus.
+
+Cc: stable@kernel.org
+Signed-off-by: Roger Quadros <rogerq@ti.com>
+Signed-off-by: Tony Lindgren <tony@atomide.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm/boot/dts/omap5.dtsi | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm/boot/dts/omap5.dtsi
++++ b/arch/arm/boot/dts/omap5.dtsi
+@@ -131,6 +131,7 @@
+ #address-cells = <1>;
+ #size-cells = <1>;
+ ranges = <0 0 0 0xc0000000>;
++ dma-ranges = <0x80000000 0x0 0x80000000 0x80000000>;
+ ti,hwmods = "l3_main_1", "l3_main_2", "l3_main_3";
+ reg = <0 0x44000000 0 0x2000>,
+ <0 0x44800000 0 0x3000>,
--- /dev/null
+From ce2e1ca703071723ca2dd94d492a5ab6d15050da Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Thu, 26 Mar 2020 15:51:34 +0100
+Subject: mac80211: Check port authorization in the ieee80211_tx_dequeue() case
+
+From: Jouni Malinen <jouni@codeaurora.org>
+
+commit ce2e1ca703071723ca2dd94d492a5ab6d15050da upstream.
+
+mac80211 used to check port authorization in the Data frame enqueue case
+when going through start_xmit(). However, that authorization status may
+change while the frame is waiting in a queue. Add a similar check in the
+dequeue case to avoid sending previously accepted frames after
+authorization change. This provides additional protection against
+potential leaking of frames after a station has been disconnected and
+the keys for it are being removed.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+Link: https://lore.kernel.org/r/20200326155133.ced84317ea29.I34d4c47cd8cc8a4042b38a76f16a601fbcbfd9b3@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/mac80211/tx.c | 19 ++++++++++++++++++-
+ 1 file changed, 18 insertions(+), 1 deletion(-)
+
+--- a/net/mac80211/tx.c
++++ b/net/mac80211/tx.c
+@@ -3451,8 +3451,25 @@ begin:
+ tx.skb = skb;
+ tx.sdata = vif_to_sdata(info->control.vif);
+
+- if (txq->sta)
++ if (txq->sta) {
+ tx.sta = container_of(txq->sta, struct sta_info, sta);
++ /*
++ * Drop unicast frames to unauthorised stations unless they are
++ * EAPOL frames from the local station.
++ */
++ if (unlikely(!ieee80211_vif_is_mesh(&tx.sdata->vif) &&
++ tx.sdata->vif.type != NL80211_IFTYPE_OCB &&
++ !is_multicast_ether_addr(hdr->addr1) &&
++ !test_sta_flag(tx.sta, WLAN_STA_AUTHORIZED) &&
++ (!(info->control.flags &
++ IEEE80211_TX_CTRL_PORT_CTRL_PROTO) ||
++ !ether_addr_equal(tx.sdata->vif.addr,
++ hdr->addr2)))) {
++ I802_DEBUG_INC(local->tx_handlers_drop_unauth_port);
++ ieee80211_free_txskb(&local->hw, skb);
++ goto begin;
++ }
++ }
+
+ /*
+ * The key can be removed while the packet was queued, so need to call
--- /dev/null
+From b16798f5b907733966fd1a558fca823b3c67e4a1 Mon Sep 17 00:00:00 2001
+From: Johannes Berg <johannes.berg@intel.com>
+Date: Thu, 26 Mar 2020 15:51:35 +0100
+Subject: mac80211: mark station unauthorized before key removal
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+commit b16798f5b907733966fd1a558fca823b3c67e4a1 upstream.
+
+If a station is still marked as authorized, mark it as no longer
+so before removing its keys. This allows frames transmitted to it
+to be rejected, providing additional protection against leaking
+plain text data during the disconnection flow.
+
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20200326155133.ccb4fb0bb356.If48f0f0504efdcf16b8921f48c6d3bb2cb763c99@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/mac80211/sta_info.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/net/mac80211/sta_info.c
++++ b/net/mac80211/sta_info.c
+@@ -3,6 +3,7 @@
+ * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
+ * Copyright 2013-2014 Intel Mobile Communications GmbH
+ * Copyright (C) 2015 - 2017 Intel Deutschland GmbH
++ * Copyright (C) 2018-2020 Intel Corporation
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+@@ -951,6 +952,11 @@ static void __sta_info_destroy_part2(str
+ might_sleep();
+ lockdep_assert_held(&local->sta_mtx);
+
++ while (sta->sta_state == IEEE80211_STA_AUTHORIZED) {
++ ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
++ WARN_ON_ONCE(ret);
++ }
++
+ /* now keys can no longer be reached */
+ ieee80211_free_sta_keys(local, sta);
+
--- /dev/null
+From 1efde2754275dbd9d11c6e0132a4f09facf297ab Mon Sep 17 00:00:00 2001
+From: Masami Hiramatsu <mhiramat@kernel.org>
+Date: Fri, 28 Feb 2020 00:42:01 +0900
+Subject: perf probe: Do not depend on dwfl_module_addrsym()
+
+From: Masami Hiramatsu <mhiramat@kernel.org>
+
+commit 1efde2754275dbd9d11c6e0132a4f09facf297ab upstream.
+
+Do not depend on dwfl_module_addrsym() because it can fail on user-space
+shared libraries.
+
+Actually, same bug was fixed by commit 664fee3dc379 ("perf probe: Do not
+use dwfl_module_addrsym if dwarf_diename finds symbol name"), but commit
+07d369857808 ("perf probe: Fix wrong address verification) reverted to
+get actual symbol address from symtab.
+
+This fixes it again by getting symbol address from DIE, and only if the
+DIE has only address range, it uses dwfl_module_addrsym().
+
+Fixes: 07d369857808 ("perf probe: Fix wrong address verification)
+Reported-by: Alexandre Ghiti <alex@ghiti.fr>
+Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
+Tested-by: Alexandre Ghiti <alex@ghiti.fr>
+Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Jiri Olsa <jolsa@redhat.com>
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Sasha Levin <sashal@kernel.org>
+Link: http://lore.kernel.org/lkml/158281812176.476.14164573830975116234.stgit@devnote2
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/perf/util/probe-finder.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+--- a/tools/perf/util/probe-finder.c
++++ b/tools/perf/util/probe-finder.c
+@@ -626,14 +626,19 @@ static int convert_to_trace_point(Dwarf_
+ return -EINVAL;
+ }
+
+- /* Try to get actual symbol name from symtab */
+- symbol = dwfl_module_addrsym(mod, paddr, &sym, NULL);
++ if (dwarf_entrypc(sp_die, &eaddr) == 0) {
++ /* If the DIE has entrypc, use it. */
++ symbol = dwarf_diename(sp_die);
++ } else {
++ /* Try to get actual symbol name and address from symtab */
++ symbol = dwfl_module_addrsym(mod, paddr, &sym, NULL);
++ eaddr = sym.st_value;
++ }
+ if (!symbol) {
+ pr_warning("Failed to find symbol at 0x%lx\n",
+ (unsigned long)paddr);
+ return -ENOENT;
+ }
+- eaddr = sym.st_value;
+
+ tp->offset = (unsigned long)(paddr - eaddr);
+ tp->address = (unsigned long)paddr;
--- /dev/null
+From e33a814e772cdc36436c8c188d8c42d019fda639 Mon Sep 17 00:00:00 2001
+From: Dirk Mueller <dmueller@suse.com>
+Date: Tue, 14 Jan 2020 18:53:41 +0100
+Subject: scripts/dtc: Remove redundant YYLOC global declaration
+
+From: Dirk Mueller <dmueller@suse.com>
+
+commit e33a814e772cdc36436c8c188d8c42d019fda639 upstream.
+
+gcc 10 will default to -fno-common, which causes this error at link
+time:
+
+ (.text+0x0): multiple definition of `yylloc'; dtc-lexer.lex.o (symbol from plugin):(.text+0x0): first defined here
+
+This is because both dtc-lexer as well as dtc-parser define the same
+global symbol yyloc. Before with -fcommon those were merged into one
+defintion. The proper solution would be to to mark this as "extern",
+however that leads to:
+
+ dtc-lexer.l:26:16: error: redundant redeclaration of 'yylloc' [-Werror=redundant-decls]
+ 26 | extern YYLTYPE yylloc;
+ | ^~~~~~
+In file included from dtc-lexer.l:24:
+dtc-parser.tab.h:127:16: note: previous declaration of 'yylloc' was here
+ 127 | extern YYLTYPE yylloc;
+ | ^~~~~~
+cc1: all warnings being treated as errors
+
+which means the declaration is completely redundant and can just be
+dropped.
+
+Signed-off-by: Dirk Mueller <dmueller@suse.com>
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+[robh: cherry-pick from upstream]
+Cc: stable@vger.kernel.org
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ scripts/dtc/dtc-lexer.l | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/scripts/dtc/dtc-lexer.l
++++ b/scripts/dtc/dtc-lexer.l
+@@ -38,7 +38,6 @@ LINECOMMENT "//".*\n
+ #include "srcpos.h"
+ #include "dtc-parser.tab.h"
+
+-YYLTYPE yylloc;
+ extern bool treesource_error;
+
+ /* CAUTION: this will stop working if we ever use yyless() or yyunput() */
--- /dev/null
+From ea697a8bf5a4161e59806fab14f6e4a46dc7dcb0 Mon Sep 17 00:00:00 2001
+From: "Martin K. Petersen" <martin.petersen@oracle.com>
+Date: Tue, 24 Mar 2020 11:16:15 -0400
+Subject: scsi: sd: Fix optimal I/O size for devices that change reported values
+
+From: Martin K. Petersen <martin.petersen@oracle.com>
+
+commit ea697a8bf5a4161e59806fab14f6e4a46dc7dcb0 upstream.
+
+Some USB bridge devices will return a default set of characteristics during
+initialization. And then, once an attached drive has spun up, substitute
+the actual parameters reported by the drive. According to the SCSI spec,
+the device should return a UNIT ATTENTION in case any reported parameters
+change. But in this case the change is made silently after a small window
+where default values are reported.
+
+Commit a83da8a4509d ("scsi: sd: Optimal I/O size should be a multiple of
+physical block size") validated the reported optimal I/O size against the
+physical block size to overcome problems with devices reporting nonsensical
+transfer sizes. However, this validation did not account for the fact that
+aforementioned devices will return default values during a brief window
+during spin-up. The subsequent change in reported characteristics would
+invalidate the checking that had previously been performed.
+
+Unset a previously configured optimal I/O size should the sanity checking
+fail on subsequent revalidate attempts.
+
+Link: https://lore.kernel.org/r/33fb522e-4f61-1b76-914f-c9e6a3553c9b@gmail.com
+Cc: Bryan Gurney <bgurney@redhat.com>
+Cc: <stable@vger.kernel.org>
+Reported-by: Bernhard Sulzer <micraft.b@gmail.com>
+Tested-by: Bernhard Sulzer <micraft.b@gmail.com>
+Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/scsi/sd.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/scsi/sd.c
++++ b/drivers/scsi/sd.c
+@@ -3212,9 +3212,11 @@ static int sd_revalidate_disk(struct gen
+ if (sd_validate_opt_xfer_size(sdkp, dev_max)) {
+ q->limits.io_opt = logical_to_bytes(sdp, sdkp->opt_xfer_blocks);
+ rw_max = logical_to_sectors(sdp, sdkp->opt_xfer_blocks);
+- } else
++ } else {
++ q->limits.io_opt = 0;
+ rw_max = min_not_zero(logical_to_sectors(sdp, dev_max),
+ (sector_t)BLK_DEF_MAX_SECTORS);
++ }
+
+ /* Do not exceed controller limit */
+ rw_max = min(rw_max, queue_max_hw_sectors(q));
i2c-hix5hd2-add-missed-clk_disable_unprepare-in-remove.patch
input-synaptics-enable-rmi-on-hp-envy-13-ad105ng.patch
input-avoid-bit-macro-usage-in-the-serio.h-uapi-header.patch
+arm-dts-dra7-add-bus_dma_limit-for-l3-bus.patch
+arm-dts-omap5-add-bus_dma_limit-for-l3-bus.patch
+perf-probe-do-not-depend-on-dwfl_module_addrsym.patch
+tools-let-o-makes-handle-a-relative-path-with-c-option.patch
+scripts-dtc-remove-redundant-yyloc-global-declaration.patch
+scsi-sd-fix-optimal-i-o-size-for-devices-that-change-reported-values.patch
+mac80211-check-port-authorization-in-the-ieee80211_tx_dequeue-case.patch
+mac80211-mark-station-unauthorized-before-key-removal.patch
--- /dev/null
+From be40920fbf1003c38ccdc02b571e01a75d890c82 Mon Sep 17 00:00:00 2001
+From: Masami Hiramatsu <mhiramat@kernel.org>
+Date: Sat, 7 Mar 2020 03:32:58 +0900
+Subject: tools: Let O= makes handle a relative path with -C option
+
+From: Masami Hiramatsu <mhiramat@kernel.org>
+
+commit be40920fbf1003c38ccdc02b571e01a75d890c82 upstream.
+
+When I tried to compile tools/perf from the top directory with the -C
+option, the O= option didn't work correctly if I passed a relative path:
+
+ $ make O=BUILD -C tools/perf/
+ make: Entering directory '/home/mhiramat/ksrc/linux/tools/perf'
+ BUILD: Doing 'make -j8' parallel build
+ ../scripts/Makefile.include:4: *** O=/home/mhiramat/ksrc/linux/tools/perf/BUILD does not exist. Stop.
+ make: *** [Makefile:70: all] Error 2
+ make: Leaving directory '/home/mhiramat/ksrc/linux/tools/perf'
+
+The O= directory existence check failed because the check script ran in
+the build target directory instead of the directory where I ran the make
+command.
+
+To fix that, once change directory to $(PWD) and check O= directory,
+since the PWD is set to where the make command runs.
+
+Fixes: c883122acc0d ("perf tools: Let O= makes handle relative paths")
+Reported-by: Randy Dunlap <rdunlap@infradead.org>
+Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
+Cc: Andrew Morton <akpm@linux-foundation.org>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Geert Uytterhoeven <geert@linux-m68k.org>
+Cc: Jiri Olsa <jolsa@redhat.com>
+Cc: Masahiro Yamada <masahiroy@kernel.org>
+Cc: Michal Marek <michal.lkml@markovi.net>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Sasha Levin <sashal@kernel.org>
+Cc: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Cc: stable@vger.kernel.org
+Link: http://lore.kernel.org/lkml/158351957799.3363.15269768530697526765.stgit@devnote2
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/perf/Makefile | 2 +-
+ tools/scripts/Makefile.include | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/tools/perf/Makefile
++++ b/tools/perf/Makefile
+@@ -35,7 +35,7 @@ endif
+ # Only pass canonical directory names as the output directory:
+ #
+ ifneq ($(O),)
+- FULL_O := $(shell readlink -f $(O) || echo $(O))
++ FULL_O := $(shell cd $(PWD); readlink -f $(O) || echo $(O))
+ endif
+
+ #
+--- a/tools/scripts/Makefile.include
++++ b/tools/scripts/Makefile.include
+@@ -1,8 +1,8 @@
+ # SPDX-License-Identifier: GPL-2.0
+ ifneq ($(O),)
+ ifeq ($(origin O), command line)
+- dummy := $(if $(shell test -d $(O) || echo $(O)),$(error O=$(O) does not exist),)
+- ABSOLUTE_O := $(shell cd $(O) ; pwd)
++ dummy := $(if $(shell cd $(PWD); test -d $(O) || echo $(O)),$(error O=$(O) does not exist),)
++ ABSOLUTE_O := $(shell cd $(PWD); cd $(O) ; pwd)
+ OUTPUT := $(ABSOLUTE_O)/$(if $(subdir),$(subdir)/)
+ COMMAND_O := O=$(ABSOLUTE_O)
+ ifeq ($(objtree),)
projects / thirdparty / kernel / stable-queue.git / commitdiff
