Fixes for 4.4
authorSasha Levin <sashal@kernel.org>
Wed, 7 Apr 2021 23:53:08 +0000 (19:53 -0400)
committerSasha Levin <sashal@kernel.org>
Wed, 7 Apr 2021 23:53:08 +0000 (19:53 -0400)
Signed-off-by: Sasha Levin <sashal@kernel.org>
queue-4.4/cifs-revalidate-mapping-when-we-open-files-for-smb1-.patch [new file with mode: 0644]
queue-4.4/cifs-silently-ignore-unknown-oplock-break-handle.patch [new file with mode: 0644]
queue-4.4/ia64-mca-allocate-early-mca-with-gfp_atomic.patch [new file with mode: 0644]
queue-4.4/mac80211-choose-first-enabled-channel-for-monitor.patch [new file with mode: 0644]
queue-4.4/misdn-fix-crash-in-fritzpci.patch [new file with mode: 0644]
queue-4.4/net-pxa168_eth-fix-a-potential-data-race-in-pxa168_e.patch [new file with mode: 0644]
queue-4.4/series [new file with mode: 0644]
queue-4.4/x86-build-turn-off-fcf-protection-for-realmode-targe.patch [new file with mode: 0644]

diff --git a/queue-4.4/cifs-revalidate-mapping-when-we-open-files-for-smb1-.patch b/queue-4.4/cifs-revalidate-mapping-when-we-open-files-for-smb1-.patch
new file mode 100644 (file)
index 0000000..73a9654
--- /dev/null
@@ -0,0 +1,42 @@
+From 810c985c77f9048ac666d6befce0f926de7b490a Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 25 Mar 2021 16:26:35 +1000
+Subject: cifs: revalidate mapping when we open files for SMB1 POSIX
+
+From: Ronnie Sahlberg <lsahlber@redhat.com>
+
+[ Upstream commit cee8f4f6fcabfdf229542926128e9874d19016d5 ]
+
+RHBZ: 1933527
+
+Under SMB1 + POSIX, if an inode is reused on a server after we have read and
+cached a part of a file, when we then open the new file with the
+re-cycled inode there is a chance that we may serve the old data out of cache
+to the application.
+This only happens for SMB1 (deprecated) and when posix are used.
+The simplest solution to avoid this race is to force a revalidate
+on smb1-posix open.
+
+Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
+Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/cifs/file.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/fs/cifs/file.c b/fs/cifs/file.c
+index b5a05092f862..5bc617cb7721 100644
+--- a/fs/cifs/file.c
++++ b/fs/cifs/file.c
+@@ -163,6 +163,7 @@ int cifs_posix_open(char *full_path, struct inode **pinode,
+                       goto posix_open_ret;
+               }
+       } else {
++              cifs_revalidate_mapping(*pinode);
+               cifs_fattr_to_inode(*pinode, &fattr);
+       }
+-- 
+2.30.2
+
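Review bot: The added `cifs_revalidate_mapping(*pinode);` call in the `else` branch discards whatever the function returns, so if revalidation can fail (its declaration is not in this hunk) the stale cached data the commit is meant to drop could still be served with no indication. Either check the result before `cifs_fattr_to_inode()` or document that failure is deliberately ignored, for example `/* inode number may have been reused on the server: force cache revalidation; errors are ignored on purpose */`. cifs_posix_open() starts and ends outside the hunk, so the error-handling convention used there could not be checked.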
diff --git a/queue-4.4/cifs-silently-ignore-unknown-oplock-break-handle.patch b/queue-4.4/cifs-silently-ignore-unknown-oplock-break-handle.patch
new file mode 100644 (file)
index 0000000..67c6fe5
--- /dev/null
@@ -0,0 +1,53 @@
+From 505da1b2d812ad9cc6606d219d9f9e7c796ad4c7 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 19 Mar 2021 14:57:11 +0100
+Subject: cifs: Silently ignore unknown oplock break handle
+
+From: Vincent Whitchurch <vincent.whitchurch@axis.com>
+
+[ Upstream commit 219481a8f90ec3a5eed9638fb35609e4b1aeece7 ]
+
+Make SMB2 not print out an error when an oplock break is received for an
+unknown handle, similar to SMB1.  The debug message which is printed for
+these unknown handles may also be misleading, so fix that too.
+
+The SMB2 lease break path is not affected by this patch.
+
+Without this, a program which writes to a file from one thread, and
+opens, reads, and writes the same file from another thread triggers the
+below errors several times a minute when run against a Samba server
+configured with "smb2 leases = no".
+
+ CIFS: VFS: \\192.168.0.1 No task to wake, unknown frame received! NumMids 2
+ 00000000: 424d53fe 00000040 00000000 00000012  .SMB@...........
+ 00000010: 00000001 00000000 ffffffff ffffffff  ................
+ 00000020: 00000000 00000000 00000000 00000000  ................
+ 00000030: 00000000 00000000 00000000 00000000  ................
+
+Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com>
+Reviewed-by: Tom Talpey <tom@talpey.com>
+Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/cifs/smb2misc.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/cifs/smb2misc.c b/fs/cifs/smb2misc.c
+index 44198b9a5315..19baeb4ca511 100644
+--- a/fs/cifs/smb2misc.c
++++ b/fs/cifs/smb2misc.c
+@@ -633,8 +633,8 @@ smb2_is_valid_oplock_break(char *buffer, struct TCP_Server_Info *server)
+               }
+       }
+       spin_unlock(&cifs_tcp_ses_lock);
+-      cifs_dbg(FYI, "Can not process oplock break for non-existent connection\n");
+-      return false;
++      cifs_dbg(FYI, "No file id matched, oplock break ignored\n");
++      return true;
+ }
+ void
+-- 
+2.30.2
+
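Review bot: `return true;` at the end of smb2_is_valid_oplock_break() now reports every oplock break with an unmatched file id as handled, and the only remaining trace is a `cifs_dbg(FYI, ...)` line, which is silent unless FYI debugging is enabled. That removes the noisy log shown in the commit message, but it also means a server sending a stream of breaks for handles the client never opened leaves nothing for an operator to see. A comment above the return would make the trade-off explicit, e.g. `/* unknown file id: claim the frame so the caller does not log it as an unexpected response */`; a counter visible without FYI debugging would keep the signal. The function begins outside the hunk.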
diff --git a/queue-4.4/ia64-mca-allocate-early-mca-with-gfp_atomic.patch b/queue-4.4/ia64-mca-allocate-early-mca-with-gfp_atomic.patch
new file mode 100644 (file)
index 0000000..f95c67b
--- /dev/null
@@ -0,0 +1,61 @@
+From 80b9e13179a23b13e11e67676b028972bda7a38b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 24 Mar 2021 21:37:38 -0700
+Subject: ia64: mca: allocate early mca with GFP_ATOMIC
+
+From: Sergei Trofimovich <slyfox@gentoo.org>
+
+[ Upstream commit f2a419cf495f95cac49ea289318b833477e1a0e2 ]
+
+The sleep warning happens at early boot right at secondary CPU
+activation bootup:
+
+    smp: Bringing up secondary CPUs ...
+    BUG: sleeping function called from invalid context at mm/page_alloc.c:4942
+    in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/1
+    CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.12.0-rc2-00007-g79e228d0b611-dirty #99
+    ..
+    Call Trace:
+      show_stack+0x90/0xc0
+      dump_stack+0x150/0x1c0
+      ___might_sleep+0x1c0/0x2a0
+      __might_sleep+0xa0/0x160
+      __alloc_pages_nodemask+0x1a0/0x600
+      alloc_page_interleave+0x30/0x1c0
+      alloc_pages_current+0x2c0/0x340
+      __get_free_pages+0x30/0xa0
+      ia64_mca_cpu_init+0x2d0/0x3a0
+      cpu_init+0x8b0/0x1440
+      start_secondary+0x60/0x700
+      start_ap+0x750/0x780
+    Fixed BSP b0 value from CPU 1
+
+As I understand interrupts are not enabled yet and system has a lot of
+memory.  There is little chance to sleep and switch to GFP_ATOMIC should
+be a no-op.
+
+Link: https://lkml.kernel.org/r/20210315085045.204414-1-slyfox@gentoo.org
+Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/ia64/kernel/mca.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/ia64/kernel/mca.c b/arch/ia64/kernel/mca.c
+index 2889412e03eb..0d5b64ddcdd1 100644
+--- a/arch/ia64/kernel/mca.c
++++ b/arch/ia64/kernel/mca.c
+@@ -1858,7 +1858,7 @@ ia64_mca_cpu_init(void *cpu_data)
+                       data = mca_bootmem();
+                       first_time = 0;
+               } else
+-                      data = (void *)__get_free_pages(GFP_KERNEL,
++                      data = (void *)__get_free_pages(GFP_ATOMIC,
+                                                       get_order(sz));
+               if (!data)
+                       panic("Could not allocate MCA memory for cpu %d\n",
+-- 
+2.30.2
+
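Review bot: The switch to `GFP_ATOMIC` in ia64_mca_cpu_init() has no comment, and the lines that follow turn an allocation failure into `panic()`, so the reason the weaker allocation mode is acceptable should be recorded next to the call. The commit message argues this runs with interrupts disabled during secondary CPU bring-up with plenty of free memory; whether the same path is also reached later (for example when a CPU is brought online on a loaded system) is not visible in the hunk. Suggested comment: `/* called with interrupts disabled during CPU bring-up, so this must not sleep; failure is fatal below */`.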
diff --git a/queue-4.4/mac80211-choose-first-enabled-channel-for-monitor.patch b/queue-4.4/mac80211-choose-first-enabled-channel-for-monitor.patch
new file mode 100644 (file)
index 0000000..00bd13f
--- /dev/null
@@ -0,0 +1,53 @@
+From 7c067ce43783e2a17a709daa9d0c87f1652ccf63 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 11 Mar 2021 10:59:07 +0530
+Subject: mac80211: choose first enabled channel for monitor
+
+From: Karthikeyan Kathirvel <kathirve@codeaurora.org>
+
+[ Upstream commit 041c881a0ba8a75f71118bd9766b78f04beed469 ]
+
+Even if the first channel from sband channel list is invalid
+or disabled mac80211 ends up choosing it as the default channel
+for monitor interfaces, making them not usable.
+
+Fix this by assigning the first available valid or enabled
+channel instead.
+
+Signed-off-by: Karthikeyan Kathirvel <kathirve@codeaurora.org>
+Link: https://lore.kernel.org/r/1615440547-7661-1-git-send-email-kathirve@codeaurora.org
+[reword commit message, comment, code cleanups]
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/mac80211/main.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/net/mac80211/main.c b/net/mac80211/main.c
+index 15d23aeea634..2357b17254e7 100644
+--- a/net/mac80211/main.c
++++ b/net/mac80211/main.c
+@@ -889,8 +889,19 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
+                       continue;
+               if (!dflt_chandef.chan) {
++                      /*
++                       * Assign the first enabled channel to dflt_chandef
++                       * from the list of channels
++                       */
++                      for (i = 0; i < sband->n_channels; i++)
++                              if (!(sband->channels[i].flags &
++                                              IEEE80211_CHAN_DISABLED))
++                                      break;
++                      /* if none found then use the first anyway */
++                      if (i == sband->n_channels)
++                              i = 0;
+                       cfg80211_chandef_create(&dflt_chandef,
+-                                              &sband->channels[0],
++                                              &sband->channels[i],
+                                               NL80211_CHAN_NO_HT);
+                       /* init channel we're on */
+                       if (!local->use_chanctx && !local->_oper_chandef.chan) {
+-- 
+2.30.2
+
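Review bot: The fallback `if (i == sband->n_channels) i = 0;` still hands a disabled channel to `cfg80211_chandef_create()` when every channel in the band is disabled, which is the unusable default the commit message describes, and it does so silently. The comment `/* if none found then use the first anyway */` could say why that is acceptable, e.g. `/* no enabled channel in this band: keep the previous behaviour and use channels[0] */`. The loop also relies on `i` being declared earlier in ieee80211_register_hw(), outside the hunk, and the multi-line `for` body has no braces; adding them would make the `break` easier to follow.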
diff --git a/queue-4.4/misdn-fix-crash-in-fritzpci.patch b/queue-4.4/misdn-fix-crash-in-fritzpci.patch
new file mode 100644 (file)
index 0000000..88823fd
--- /dev/null
@@ -0,0 +1,86 @@
+From b4df7a1bfc9f86c16d5516a190024a2c5310b9fe Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 10 Mar 2021 23:27:35 -0500
+Subject: mISDN: fix crash in fritzpci
+
+From: Tong Zhang <ztong0001@gmail.com>
+
+[ Upstream commit a9f81244d2e33e6dfcef120fefd30c96b3f7cdb0 ]
+
+setup_fritz() in avmfritz.c might fail with -EIO and in this case the
+isac.type and isac.write_reg is not initialized and remains 0(NULL).
+A subsequent call to isac_release() will dereference isac->write_reg and
+crash.
+
+[    1.737444] BUG: kernel NULL pointer dereference, address: 0000000000000000
+[    1.737809] #PF: supervisor instruction fetch in kernel mode
+[    1.738106] #PF: error_code(0x0010) - not-present page
+[    1.738378] PGD 0 P4D 0
+[    1.738515] Oops: 0010 [#1] SMP NOPTI
+[    1.738711] CPU: 0 PID: 180 Comm: systemd-udevd Not tainted 5.12.0-rc2+ #78
+[    1.739077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-48-gd9c812dda519-p
+rebuilt.qemu.org 04/01/2014
+[    1.739664] RIP: 0010:0x0
+[    1.739807] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
+[    1.740200] RSP: 0018:ffffc9000027ba10 EFLAGS: 00010202
+[    1.740478] RAX: 0000000000000000 RBX: ffff888102f41840 RCX: 0000000000000027
+[    1.740853] RDX: 00000000000000ff RSI: 0000000000000020 RDI: ffff888102f41800
+[    1.741226] RBP: ffffc9000027ba20 R08: ffff88817bc18440 R09: ffffc9000027b808
+[    1.741600] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888102f41840
+[    1.741976] R13: 00000000fffffffb R14: ffff888102f41800 R15: ffff8881008b0000
+[    1.742351] FS:  00007fda3a38a8c0(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000
+[    1.742774] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[    1.743076] CR2: ffffffffffffffd6 CR3: 00000001021ec000 CR4: 00000000000006f0
+[    1.743452] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[    1.743828] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[    1.744206] Call Trace:
+[    1.744339]  isac_release+0xcc/0xe0 [mISDNipac]
+[    1.744582]  fritzpci_probe.cold+0x282/0x739 [avmfritz]
+[    1.744861]  local_pci_probe+0x48/0x80
+[    1.745063]  pci_device_probe+0x10f/0x1c0
+[    1.745278]  really_probe+0xfb/0x420
+[    1.745471]  driver_probe_device+0xe9/0x160
+[    1.745693]  device_driver_attach+0x5d/0x70
+[    1.745917]  __driver_attach+0x8f/0x150
+[    1.746123]  ? device_driver_attach+0x70/0x70
+[    1.746354]  bus_for_each_dev+0x7e/0xc0
+[    1.746560]  driver_attach+0x1e/0x20
+[    1.746751]  bus_add_driver+0x152/0x1f0
+[    1.746957]  driver_register+0x74/0xd0
+[    1.747157]  ? 0xffffffffc00d8000
+[    1.747334]  __pci_register_driver+0x54/0x60
+[    1.747562]  AVM_init+0x36/0x1000 [avmfritz]
+[    1.747791]  do_one_initcall+0x48/0x1d0
+[    1.747997]  ? __cond_resched+0x19/0x30
+[    1.748206]  ? kmem_cache_alloc_trace+0x390/0x440
+[    1.748458]  ? do_init_module+0x28/0x250
+[    1.748669]  do_init_module+0x62/0x250
+[    1.748870]  load_module+0x23ee/0x26a0
+[    1.749073]  __do_sys_finit_module+0xc2/0x120
+[    1.749307]  ? __do_sys_finit_module+0xc2/0x120
+[    1.749549]  __x64_sys_finit_module+0x1a/0x20
+[    1.749782]  do_syscall_64+0x38/0x90
+
+Signed-off-by: Tong Zhang <ztong0001@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/isdn/hardware/mISDN/mISDNipac.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/isdn/hardware/mISDN/mISDNipac.c b/drivers/isdn/hardware/mISDN/mISDNipac.c
+index cb428b9ee441..b4639b0aab3c 100644
+--- a/drivers/isdn/hardware/mISDN/mISDNipac.c
++++ b/drivers/isdn/hardware/mISDN/mISDNipac.c
+@@ -709,7 +709,7 @@ isac_release(struct isac_hw *isac)
+ {
+       if (isac->type & IPAC_TYPE_ISACX)
+               WriteISAC(isac, ISACX_MASK, 0xff);
+-      else
++      else if (isac->type != 0)
+               WriteISAC(isac, ISAC_MASK, 0xff);
+       if (isac->dch.timer.function != NULL) {
+               del_timer(&isac->dch.timer);
+-- 
+2.30.2
+
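Review bot: `else if (isac->type != 0)` uses the type field as a stand-in for "the register accessors were set up", while the crash described in the commit message comes from calling through a NULL `write_reg`. This holds only as long as every path that sets `type` also sets `write_reg`, which cannot be confirmed from the hunk. A short comment would record that assumption, e.g. `/* type == 0: setup failed before write_reg was assigned, nothing to mask */`. isac_release() continues past the hunk.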
diff --git a/queue-4.4/net-pxa168_eth-fix-a-potential-data-race-in-pxa168_e.patch b/queue-4.4/net-pxa168_eth-fix-a-potential-data-race-in-pxa168_e.patch
new file mode 100644 (file)
index 0000000..7b7147c
--- /dev/null
@@ -0,0 +1,42 @@
+From a7172ba5a18f4e69fbdcd48663565dafa61706c1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 10 Mar 2021 11:10:46 +0300
+Subject: net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
+
+From: Pavel Andrianov <andrianov@ispras.ru>
+
+[ Upstream commit 0571a753cb07982cc82f4a5115e0b321da89e1f3 ]
+
+pxa168_eth_remove() firstly calls unregister_netdev(),
+then cancels a timeout work. unregister_netdev() shuts down a device
+interface and removes it from the kernel tables. If the timeout occurs
+in parallel, the timeout work (pxa168_eth_tx_timeout_task) performs stop
+and open of the device. It may lead to an inconsistent state and memory
+leaks.
+
+Found by Linux Driver Verification project (linuxtesting.org).
+
+Signed-off-by: Pavel Andrianov <andrianov@ispras.ru>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/marvell/pxa168_eth.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/marvell/pxa168_eth.c b/drivers/net/ethernet/marvell/pxa168_eth.c
+index 7ace07dad6a3..9986f88618bd 100644
+--- a/drivers/net/ethernet/marvell/pxa168_eth.c
++++ b/drivers/net/ethernet/marvell/pxa168_eth.c
+@@ -1577,8 +1577,8 @@ static int pxa168_eth_remove(struct platform_device *pdev)
+       mdiobus_unregister(pep->smi_bus);
+       mdiobus_free(pep->smi_bus);
+-      unregister_netdev(dev);
+       cancel_work_sync(&pep->tx_timeout_task);
++      unregister_netdev(dev);
+       free_netdev(dev);
+       return 0;
+ }
+-- 
+2.30.2
+
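Review bot: Moving `cancel_work_sync(&pep->tx_timeout_task);` ahead of `unregister_netdev(dev);` leaves a window in which the interface is still registered after the cancel has returned. If the driver's tx-timeout handler queues tx_timeout_task (the handler is not in the hunk), a timeout in that window would queue the work again and it could then run after `free_netdev(dev)`. It is worth confirming that nothing can reschedule the work at this point, or evaluating a second `cancel_work_sync(&pep->tx_timeout_task);` after `unregister_netdev(dev);` so the work is known to be idle before the free. pxa168_eth_remove() starts outside the hunk.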
diff --git a/queue-4.4/series b/queue-4.4/series
new file mode 100644 (file)
index 0000000..11bb37c
--- /dev/null
@@ -0,0 +1,7 @@
+net-pxa168_eth-fix-a-potential-data-race-in-pxa168_e.patch
+misdn-fix-crash-in-fritzpci.patch
+mac80211-choose-first-enabled-channel-for-monitor.patch
+x86-build-turn-off-fcf-protection-for-realmode-targe.patch
+ia64-mca-allocate-early-mca-with-gfp_atomic.patch
+cifs-revalidate-mapping-when-we-open-files-for-smb1-.patch
+cifs-silently-ignore-unknown-oplock-break-handle.patch
diff --git a/queue-4.4/x86-build-turn-off-fcf-protection-for-realmode-targe.patch b/queue-4.4/x86-build-turn-off-fcf-protection-for-realmode-targe.patch
new file mode 100644 (file)
index 0000000..2db5185
--- /dev/null
@@ -0,0 +1,43 @@
+From 85fb45312e104116bbdf6c98a40bf6477ca0c818 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 23 Mar 2021 13:48:36 +0100
+Subject: x86/build: Turn off -fcf-protection for realmode targets
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+[ Upstream commit 9fcb51c14da2953de585c5c6e50697b8a6e91a7b ]
+
+The new Ubuntu GCC packages turn on -fcf-protection globally,
+which causes a build failure in the x86 realmode code:
+
+  cc1: error: ‘-fcf-protection’ is not compatible with this target
+
+Turn it off explicitly on compilers that understand this option.
+
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Link: https://lore.kernel.org/r/20210323124846.1584944-1-arnd@kernel.org
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/x86/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/x86/Makefile b/arch/x86/Makefile
+index 5fece9334f12..2b3adb3008c3 100644
+--- a/arch/x86/Makefile
++++ b/arch/x86/Makefile
+@@ -34,7 +34,7 @@ REALMODE_CFLAGS      := $(M16_CFLAGS) -g -Os -D__KERNEL__ \
+                  -DDISABLE_BRANCH_PROFILING \
+                  -Wall -Wstrict-prototypes -march=i386 -mregparm=3 \
+                  -fno-strict-aliasing -fomit-frame-pointer -fno-pic \
+-                 -mno-mmx -mno-sse
++                 -mno-mmx -mno-sse $(call cc-option,-fcf-protection=none)
+ REALMODE_CFLAGS += $(call __cc-option, $(CC), $(REALMODE_CFLAGS), -ffreestanding)
+ REALMODE_CFLAGS += $(call __cc-option, $(CC), $(REALMODE_CFLAGS), -fno-stack-protector)
+-- 
+2.30.2
+
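Review bot: The new flag is tested with `$(call cc-option,-fcf-protection=none)`, while the two lines that follow probe their options with `$(call __cc-option, $(CC), $(REALMODE_CFLAGS), ...)`, i.e. against the real-mode flag set. If `cc-option` evaluates the flag against the regular kernel flags (its definition is not on this page), the probe result may not reflect how the real-mode objects are compiled. A separate line in the same form as its neighbours would be consistent: `REALMODE_CFLAGS += $(call __cc-option, $(CC), $(REALMODE_CFLAGS), -fcf-protection=none)`. A comment noting that control-flow protection is turned off only for the real-mode objects would also help anyone auditing hardening flags.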