--- /dev/null
+From f2cbd39dedb8777d565ea559367426d4844938ed Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 4 Dec 2020 14:35:06 +0100
+Subject: can: softing: softing_netdev_open(): fix error handling
+
+From: Zhang Qilong <zhangqilong3@huawei.com>
+
+[ Upstream commit 4d1be581ec6b92a338bb7ed23e1381f45ddf336f ]
+
+If softing_netdev_open() fails, we should call close_candev() to avoid
+reference leak.
+
+Fixes: 03fd3cf5a179d ("can: add driver for Softing card")
+Signed-off-by: Zhang Qilong <zhangqilong3@huawei.com>
+Acked-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
+Link: https://lore.kernel.org/r/20201202151632.1343786-1-zhangqilong3@huawei.com
+Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
+Link: https://lore.kernel.org/r/20201204133508.742120-2-mkl@pengutronix.de
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/can/softing/softing_main.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/net/can/softing/softing_main.c b/drivers/net/can/softing/softing_main.c
+index 7621f91a8a209..fd48770ba7920 100644
+--- a/drivers/net/can/softing/softing_main.c
++++ b/drivers/net/can/softing/softing_main.c
+@@ -393,8 +393,13 @@ static int softing_netdev_open(struct net_device *ndev)
+
+ /* check or determine and set bittime */
+ ret = open_candev(ndev);
+- if (!ret)
+- ret = softing_startstop(ndev, 1);
++ if (ret)
++ return ret;
++
++ ret = softing_startstop(ndev, 1);
++ if (ret < 0)
++ close_candev(ndev);
++
+ return ret;
+ }
+
+--
+2.27.0
+
--- /dev/null
+From b0fcc437299bc188fd71e7634dd1ab3f101fa2c3 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 13 Nov 2020 15:19:10 +0100
+Subject: dm table: Remove BUG_ON(in_interrupt())
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+[ Upstream commit e7b624183d921b49ef0a96329f21647d38865ee9 ]
+
+The BUG_ON(in_interrupt()) in dm_table_event() is a historic leftover from
+a rework of the dm table code which changed the calling context.
+
+Issuing a BUG for a wrong calling context is frowned upon and
+in_interrupt() is deprecated and only covering parts of the wrong
+contexts. The sanity check for the context is covered by
+CONFIG_DEBUG_ATOMIC_SLEEP and other debug facilities already.
+
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Mike Snitzer <snitzer@redhat.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/md/dm-table.c | 6 ------
+ 1 file changed, 6 deletions(-)
+
+diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c
+index 466158d06ab1b..8eed39dc2036a 100644
+--- a/drivers/md/dm-table.c
++++ b/drivers/md/dm-table.c
+@@ -1154,12 +1154,6 @@ void dm_table_event_callback(struct dm_table *t,
+
+ void dm_table_event(struct dm_table *t)
+ {
+- /*
+- * You can no longer call dm_table_event() from interrupt
+- * context, use a bottom half instead.
+- */
+- BUG_ON(in_interrupt());
+-
+ mutex_lock(&_event_lock);
+ if (t->event_fn)
+ t->event_fn(t->event_context);
+--
+2.27.0
+
--- /dev/null
+From 3abebffeaa744d264796a847ccea4f7e91fedfcf Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 4 Dec 2020 08:42:05 +0200
+Subject: RDMA/cm: Fix an attempt to use non-valid pointer when cleaning
+ timewait
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Leon Romanovsky <leonro@nvidia.com>
+
+[ Upstream commit 340b940ea0ed12d9adbb8f72dea17d516b2019e8 ]
+
+If cm_create_timewait_info() fails, the timewait_info pointer will contain
+an error value and will be used in cm_remove_remote() later.
+
+ general protection fault, probably for non-canonical address 0xdffffc0000000024: 0000 [#1] SMP KASAN PTI
+ KASAN: null-ptr-deref in range [0×0000000000000120-0×0000000000000127]
+ CPU: 2 PID: 12446 Comm: syz-executor.3 Not tainted 5.10.0-rc5-5d4c0742a60e #27
+ Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
+ RIP: 0010:cm_remove_remote.isra.0+0x24/0×170 drivers/infiniband/core/cm.c:978
+ Code: 84 00 00 00 00 00 41 54 55 53 48 89 fb 48 8d ab 2d 01 00 00 e8 7d bf 4b fe 48 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 04 02 48 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 fc 00 00 00
+ RSP: 0018:ffff888013127918 EFLAGS: 00010006
+ RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffc9000a18b000
+ RDX: 0000000000000024 RSI: ffffffff82edc573 RDI: fffffffffffffff4
+ RBP: 0000000000000121 R08: 0000000000000001 R09: ffffed1002624f1d
+ R10: 0000000000000003 R11: ffffed1002624f1c R12: ffff888107760c70
+ R13: ffff888107760c40 R14: fffffffffffffff4 R15: ffff888107760c9c
+ FS: 00007fe1ffcc1700(0000) GS:ffff88811a600000(0000) knlGS:0000000000000000
+ CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+ CR2: 0000001b2ff21000 CR3: 000000010f504001 CR4: 0000000000370ee0
+ DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+ DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+ Call Trace:
+ cm_destroy_id+0x189/0×15b0 drivers/infiniband/core/cm.c:1155
+ cma_connect_ib drivers/infiniband/core/cma.c:4029 [inline]
+ rdma_connect_locked+0x1100/0×17c0 drivers/infiniband/core/cma.c:4107
+ rdma_connect+0x2a/0×40 drivers/infiniband/core/cma.c:4140
+ ucma_connect+0x277/0×340 drivers/infiniband/core/ucma.c:1069
+ ucma_write+0x236/0×2f0 drivers/infiniband/core/ucma.c:1724
+ vfs_write+0x220/0×830 fs/read_write.c:603
+ ksys_write+0x1df/0×240 fs/read_write.c:658
+ do_syscall_64+0x33/0×40 arch/x86/entry/common.c:46
+ entry_SYSCALL_64_after_hwframe+0x44/0xa9
+
+Fixes: a977049dacde ("[PATCH] IB: Add the kernel CM implementation")
+Link: https://lore.kernel.org/r/20201204064205.145795-1-leon@kernel.org
+Reviewed-by: Maor Gottlieb <maorg@nvidia.com>
+Reported-by: Amit Matityahu <mitm@nvidia.com>
+Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
+Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/infiniband/core/cm.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
+index 53c622c99ee40..ba713bc27c5f9 100644
+--- a/drivers/infiniband/core/cm.c
++++ b/drivers/infiniband/core/cm.c
+@@ -1252,6 +1252,7 @@ int ib_send_cm_req(struct ib_cm_id *cm_id,
+ id.local_id);
+ if (IS_ERR(cm_id_priv->timewait_info)) {
+ ret = PTR_ERR(cm_id_priv->timewait_info);
++ cm_id_priv->timewait_info = NULL;
+ goto out;
+ }
+
+@@ -1681,6 +1682,7 @@ static int cm_req_handler(struct cm_work *work)
+ id.local_id);
+ if (IS_ERR(cm_id_priv->timewait_info)) {
+ ret = PTR_ERR(cm_id_priv->timewait_info);
++ cm_id_priv->timewait_info = NULL;
+ goto destroy;
+ }
+ cm_id_priv->timewait_info->work.remote_id = req_msg->local_comm_id;
+--
+2.27.0
+
--- /dev/null
+From 279546f0bd1da24b5452fceabed182cf97f417ae Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sat, 28 Nov 2020 23:09:16 -0800
+Subject: scsi: bnx2i: Requires MMU
+
+From: Randy Dunlap <rdunlap@infradead.org>
+
+[ Upstream commit 2d586494c4a001312650f0b919d534e429dd1e09 ]
+
+The SCSI_BNX2_ISCSI kconfig symbol selects CNIC and CNIC selects UIO, which
+depends on MMU.
+
+Since 'select' does not follow dependency chains, add the same MMU
+dependency to SCSI_BNX2_ISCSI.
+
+Quietens this kconfig warning:
+
+WARNING: unmet direct dependencies detected for CNIC
+ Depends on [n]: NETDEVICES [=y] && ETHERNET [=y] && NET_VENDOR_BROADCOM [=y] && PCI [=y] && (IPV6 [=m] || IPV6 [=m]=n) && MMU [=n]
+ Selected by [m]:
+ - SCSI_BNX2_ISCSI [=m] && SCSI_LOWLEVEL [=y] && SCSI [=y] && NET [=y] && PCI [=y] && (IPV6 [=m] || IPV6 [=m]=n)
+
+Link: https://lore.kernel.org/r/20201129070916.3919-1-rdunlap@infradead.org
+Fixes: cf4e6363859d ("[SCSI] bnx2i: Add bnx2i iSCSI driver.")
+Cc: linux-scsi@vger.kernel.org
+Cc: Nilesh Javali <njavali@marvell.com>
+Cc: Manish Rangankar <mrangankar@marvell.com>
+Cc: GR-QLogic-Storage-Upstream@marvell.com
+Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
+Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
+Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
+Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/scsi/bnx2i/Kconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/scsi/bnx2i/Kconfig b/drivers/scsi/bnx2i/Kconfig
+index ba30ff86d5818..b27a3738d940c 100644
+--- a/drivers/scsi/bnx2i/Kconfig
++++ b/drivers/scsi/bnx2i/Kconfig
+@@ -3,6 +3,7 @@ config SCSI_BNX2_ISCSI
+ depends on NET
+ depends on PCI
+ depends on (IPV6 || IPV6=n)
++ depends on MMU
+ select SCSI_ISCSI_ATTRS
+ select NETDEVICES
+ select ETHERNET
+--
+2.27.0
+
alsa-pcm-oss-fix-potential-out-of-bounds-shift.patch
serial-8250_omap-avoid-fifo-corruption-caused-by-mdr1-access.patch
usb-serial-cp210x-enable-usb-generic-throttle-unthrottle.patch
+scsi-bnx2i-requires-mmu.patch
+can-softing-softing_netdev_open-fix-error-handling.patch
+rdma-cm-fix-an-attempt-to-use-non-valid-pointer-when.patch
+dm-table-remove-bug_on-in_interrupt.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
