3.18 patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 10 Apr 2017 20:30:46 +0000 (22:30 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 10 Apr 2017 20:30:46 +0000 (22:30 +0200)
24 files changed:
queue-3.18/crypto-improve-gcc-optimization-flags-for-serpent-and-wp512.patch [new file with mode: 0644]
queue-3.18/dm-flush-queued-bios-when-process-blocks-to-avoid-deadlock.patch [new file with mode: 0644]
queue-3.18/ext4-don-t-bug-when-truncating-encrypted-inodes-on-the-orphan-list.patch [new file with mode: 0644]
queue-3.18/fat-fix-using-uninitialized-fields-of-fat_inode-fsinfo_inode.patch [new file with mode: 0644]
queue-3.18/ktest-fix-child-exit-code-processing.patch [new file with mode: 0644]
queue-3.18/libceph-use-bug-instead-of-bug_on-1.patch [new file with mode: 0644]
queue-3.18/mac80211-flush-delayed-work-when-entering-suspend.patch [new file with mode: 0644]
queue-3.18/mtd-pmcmsp-use-kstrndup-instead-of-kmalloc-strncpy.patch [new file with mode: 0644]
queue-3.18/mvsas-fix-misleading-indentation.patch [new file with mode: 0644]
queue-3.18/nlm-ensure-callback-code-also-checks-that-the-files-match.patch [new file with mode: 0644]
queue-3.18/padata-avoid-race-in-reordering.patch [new file with mode: 0644]
queue-3.18/series
queue-3.18/usb-dwc3-gadget-make-set-endpoint-configuration-macros-safe.patch [new file with mode: 0644]
queue-3.18/usb-gadget-dummy_hcd-clear-usb_gadget-region-before-registration.patch [new file with mode: 0644]
queue-3.18/usb-gadget-function-f_fs-pass-companion-descriptor-along.patch [new file with mode: 0644]
queue-3.18/usb-host-xhci-plat-fix-timeout-on-removal-of-hot-pluggable-xhci-controllers.patch [new file with mode: 0644]
queue-3.18/usb-iowarrior-fix-null-deref-at-probe.patch [new file with mode: 0644]
queue-3.18/usb-iowarrior-fix-null-deref-in-write.patch [new file with mode: 0644]
queue-3.18/usb-serial-io_ti-fix-information-leak-in-completion-handler.patch [new file with mode: 0644]
queue-3.18/usb-serial-io_ti-fix-null-deref-in-interrupt-callback.patch [new file with mode: 0644]
queue-3.18/usb-serial-omninet-fix-reference-leaks-at-open.patch [new file with mode: 0644]
queue-3.18/usb-serial-safe_serial-fix-information-leak-in-completion-handler.patch [new file with mode: 0644]
queue-3.18/work_mbox
queue-3.18/xtensa-move-parse_tag_fdt-out-of-ifdef-config_blk_dev_initrd.patch [new file with mode: 0644]

diff --git a/queue-3.18/crypto-improve-gcc-optimization-flags-for-serpent-and-wp512.patch b/queue-3.18/crypto-improve-gcc-optimization-flags-for-serpent-and-wp512.patch
new file mode 100644 (file)
index 0000000..49ea2a3
--- /dev/null
@@ -0,0 +1,158 @@
+From 7d6e9105026788c497f0ab32fa16c82f4ab5ff61 Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Fri, 3 Feb 2017 23:33:23 +0100
+Subject: crypto: improve gcc optimization flags for serpent and wp512
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit 7d6e9105026788c497f0ab32fa16c82f4ab5ff61 upstream.
+
+An ancient gcc bug (first reported in 2003) has apparently resurfaced
+on MIPS, where kernelci.org reports an overly large stack frame in the
+whirlpool hash algorithm:
+
+crypto/wp512.c:987:1: warning: the frame size of 1112 bytes is larger than 1024 bytes [-Wframe-larger-than=]
+
+With some testing in different configurations, I'm seeing large
+variations in stack frames size up to 1500 bytes for what should have
+around 300 bytes at most. I also checked the reference implementation,
+which is essentially the same code but also comes with some test and
+benchmarking infrastructure.
+
+It seems that recent compiler versions on at least arm, arm64 and powerpc
+have a partial fix for this problem, but enabling "-fsched-pressure", but
+even with that fix they suffer from the issue to a certain degree. Some
+testing on arm64 shows that the time needed to hash a given amount of
+data is roughly proportional to the stack frame size here, which makes
+sense given that the wp512 implementation is doing lots of loads for
+table lookups, and the problem with the overly large stack is a result
+of doing a lot more loads and stores for spilled registers (as seen from
+inspecting the object code).
+
+Disabling -fschedule-insns consistently fixes the problem for wp512,
+in my collection of cross-compilers, the results are consistently better
+or identical when comparing the stack sizes in this function, though
+some architectures (notable x86) have schedule-insns disabled by
+default.
+
+The four columns are:
+default: -O2
+press:  -O2 -fsched-pressure
+nopress: -O2 -fschedule-insns -fno-sched-pressure
+nosched: -O2 -no-schedule-insns (disables sched-pressure)
+
+                               default press   nopress nosched
+alpha-linux-gcc-4.9.3          1136    848     1136    176
+am33_2.0-linux-gcc-4.9.3       2100    2076    2100    2104
+arm-linux-gnueabi-gcc-4.9.3    848     848     1048    352
+cris-linux-gcc-4.9.3           272     272     272     272
+frv-linux-gcc-4.9.3            1128    1000    1128    280
+hppa64-linux-gcc-4.9.3         1128    336     1128    184
+hppa-linux-gcc-4.9.3           644     308     644     276
+i386-linux-gcc-4.9.3           352     352     352     352
+m32r-linux-gcc-4.9.3           720     656     720     268
+microblaze-linux-gcc-4.9.3     1108    604     1108    256
+mips64-linux-gcc-4.9.3         1328    592     1328    208
+mips-linux-gcc-4.9.3           1096    624     1096    240
+powerpc64-linux-gcc-4.9.3      1088    432     1088    160
+powerpc-linux-gcc-4.9.3                1080    584     1080    224
+s390-linux-gcc-4.9.3           456     456     624     360
+sh3-linux-gcc-4.9.3            292     292     292     292
+sparc64-linux-gcc-4.9.3                992     240     992     208
+sparc-linux-gcc-4.9.3          680     592     680     312
+x86_64-linux-gcc-4.9.3         224     240     272     224
+xtensa-linux-gcc-4.9.3         1152    704     1152    304
+
+aarch64-linux-gcc-7.0.0                224     224     1104    208
+arm-linux-gnueabi-gcc-7.0.1    824     824     1048    352
+mips-linux-gcc-7.0.0           1120    648     1120    272
+x86_64-linux-gcc-7.0.1         240     240     304     240
+
+arm-linux-gnueabi-gcc-4.4.7    840                     392
+arm-linux-gnueabi-gcc-4.5.4    784     728     784     320
+arm-linux-gnueabi-gcc-4.6.4    736     728     736     304
+arm-linux-gnueabi-gcc-4.7.4    944     784     944     352
+arm-linux-gnueabi-gcc-4.8.5    464     464     760     352
+arm-linux-gnueabi-gcc-4.9.3    848     848     1048    352
+arm-linux-gnueabi-gcc-5.3.1    824     824     1064    336
+arm-linux-gnueabi-gcc-6.1.1    808     808     1056    344
+arm-linux-gnueabi-gcc-7.0.1    824     824     1048    352
+
+Trying the same test for serpent-generic, the picture is a bit different,
+and while -fno-schedule-insns is generally better here than the default,
+-fsched-pressure wins overall, so I picked that instead.
+
+                               default press   nopress nosched
+alpha-linux-gcc-4.9.3          1392    864     1392    960
+am33_2.0-linux-gcc-4.9.3       536     524     536     528
+arm-linux-gnueabi-gcc-4.9.3    552     552     776     536
+cris-linux-gcc-4.9.3           528     528     528     528
+frv-linux-gcc-4.9.3            536     400     536     504
+hppa64-linux-gcc-4.9.3         524     208     524     480
+hppa-linux-gcc-4.9.3           768     472     768     508
+i386-linux-gcc-4.9.3           564     564     564     564
+m32r-linux-gcc-4.9.3           712     576     712     532
+microblaze-linux-gcc-4.9.3     724     392     724     512
+mips64-linux-gcc-4.9.3         720     384     720     496
+mips-linux-gcc-4.9.3           728     384     728     496
+powerpc64-linux-gcc-4.9.3      704     304     704     480
+powerpc-linux-gcc-4.9.3                704     296     704     480
+s390-linux-gcc-4.9.3           560     560     592     536
+sh3-linux-gcc-4.9.3            540     540     540     540
+sparc64-linux-gcc-4.9.3                544     352     544     496
+sparc-linux-gcc-4.9.3          544     344     544     496
+x86_64-linux-gcc-4.9.3         528     536     576     528
+xtensa-linux-gcc-4.9.3         752     544     752     544
+
+aarch64-linux-gcc-7.0.0                432     432     656     480
+arm-linux-gnueabi-gcc-7.0.1    616     616     808     536
+mips-linux-gcc-7.0.0           720     464     720     488
+x86_64-linux-gcc-7.0.1         536     528     600     536
+
+arm-linux-gnueabi-gcc-4.4.7    592                     440
+arm-linux-gnueabi-gcc-4.5.4    776     448     776     544
+arm-linux-gnueabi-gcc-4.6.4    776     448     776     544
+arm-linux-gnueabi-gcc-4.7.4    768     448     768     544
+arm-linux-gnueabi-gcc-4.8.5    488     488     776     544
+arm-linux-gnueabi-gcc-4.9.3    552     552     776     536
+arm-linux-gnueabi-gcc-5.3.1    552     552     776     536
+arm-linux-gnueabi-gcc-6.1.1    560     560     776     536
+arm-linux-gnueabi-gcc-7.0.1    616     616     808     536
+
+I did not do any runtime tests with serpent, so it is possible that stack
+frame size does not directly correlate with runtime performance here and
+it actually makes things worse, but it's more likely to help here, and
+the reduced stack frame size is probably enough reason to apply the patch,
+especially given that the crypto code is often used in deep call chains.
+
+Link: https://kernelci.org/build/id/58797d7559b5149efdf6c3a9/logs/
+Link: http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
+Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=11488
+Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
+Cc: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ crypto/Makefile |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/crypto/Makefile
++++ b/crypto/Makefile
+@@ -47,6 +47,7 @@ obj-$(CONFIG_CRYPTO_SHA1) += sha1_generi
+ obj-$(CONFIG_CRYPTO_SHA256) += sha256_generic.o
+ obj-$(CONFIG_CRYPTO_SHA512) += sha512_generic.o
+ obj-$(CONFIG_CRYPTO_WP512) += wp512.o
++CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
+ obj-$(CONFIG_CRYPTO_TGR192) += tgr192.o
+ obj-$(CONFIG_CRYPTO_GF128MUL) += gf128mul.o
+ obj-$(CONFIG_CRYPTO_ECB) += ecb.o
+@@ -68,6 +69,7 @@ obj-$(CONFIG_CRYPTO_BLOWFISH_COMMON) +=
+ obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o
+ obj-$(CONFIG_CRYPTO_TWOFISH_COMMON) += twofish_common.o
+ obj-$(CONFIG_CRYPTO_SERPENT) += serpent_generic.o
++CFLAGS_serpent_generic.o := $(call cc-option,-fsched-pressure)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
+ obj-$(CONFIG_CRYPTO_AES) += aes_generic.o
+ obj-$(CONFIG_CRYPTO_CAMELLIA) += camellia_generic.o
+ obj-$(CONFIG_CRYPTO_CAST_COMMON) += cast_common.o
diff --git a/queue-3.18/dm-flush-queued-bios-when-process-blocks-to-avoid-deadlock.patch b/queue-3.18/dm-flush-queued-bios-when-process-blocks-to-avoid-deadlock.patch
new file mode 100644 (file)
index 0000000..7337384
--- /dev/null
@@ -0,0 +1,122 @@
+From cd8ad4d9eb6d9ee04e77b42c6a7a15eabada85ac Mon Sep 17 00:00:00 2001
+From: Mikulas Patocka <mpatocka@redhat.com>
+Date: Wed, 15 Feb 2017 11:26:10 -0500
+Subject: dm: flush queued bios when process blocks to avoid deadlock
+
+From: Mikulas Patocka <mpatocka@redhat.com>
+
+commit d67a5f4b5947aba4bfe9a80a2b86079c215ca755 upstream.
+
+Commit df2cb6daa4 ("block: Avoid deadlocks with bio allocation by
+stacking drivers") created a workqueue for every bio set and code
+in bio_alloc_bioset() that tries to resolve some low-memory deadlocks
+by redirecting bios queued on current->bio_list to the workqueue if the
+system is low on memory.  However other deadlocks (see below **) may
+happen, without any low memory condition, because generic_make_request
+is queuing bios to current->bio_list (rather than submitting them).
+
+** the related dm-snapshot deadlock is detailed here:
+https://www.redhat.com/archives/dm-devel/2016-July/msg00065.html
+
+Fix this deadlock by redirecting any bios on current->bio_list to the
+bio_set's rescue workqueue on every schedule() call.  Consequently,
+when the process blocks on a mutex, the bios queued on
+current->bio_list are dispatched to independent workqueus and they can
+complete without waiting for the mutex to be available.
+
+The structure blk_plug contains an entry cb_list and this list can contain
+arbitrary callback functions that are called when the process blocks.
+To implement this fix DM (ab)uses the onstack plug's cb_list interface
+to get its flush_current_bio_list() called at schedule() time.
+
+This fixes the snapshot deadlock - if the map method blocks,
+flush_current_bio_list() will be called and it redirects bios waiting
+on current->bio_list to appropriate workqueues.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1267650
+Depends-on: df2cb6daa4 ("block: Avoid deadlocks with bio allocation by stacking drivers")
+Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
+Signed-off-by: Mike Snitzer <snitzer@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/md/dm.c |   55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 55 insertions(+)
+
+--- a/drivers/md/dm.c
++++ b/drivers/md/dm.c
+@@ -1300,11 +1300,62 @@ void dm_accept_partial_bio(struct bio *b
+ }
+ EXPORT_SYMBOL_GPL(dm_accept_partial_bio);
++/*
++ * Flush current->bio_list when the target map method blocks.
++ * This fixes deadlocks in snapshot and possibly in other targets.
++ */
++struct dm_offload {
++      struct blk_plug plug;
++      struct blk_plug_cb cb;
++};
++
++static void flush_current_bio_list(struct blk_plug_cb *cb, bool from_schedule)
++{
++      struct dm_offload *o = container_of(cb, struct dm_offload, cb);
++      struct bio_list list;
++      struct bio *bio;
++
++      INIT_LIST_HEAD(&o->cb.list);
++
++      if (unlikely(!current->bio_list))
++              return;
++
++      list = *current->bio_list;
++      bio_list_init(current->bio_list);
++
++      while ((bio = bio_list_pop(&list))) {
++              struct bio_set *bs = bio->bi_pool;
++              if (unlikely(!bs) || bs == fs_bio_set) {
++                      bio_list_add(current->bio_list, bio);
++                      continue;
++              }
++
++              spin_lock(&bs->rescue_lock);
++              bio_list_add(&bs->rescue_list, bio);
++              queue_work(bs->rescue_workqueue, &bs->rescue_work);
++              spin_unlock(&bs->rescue_lock);
++      }
++}
++
++static void dm_offload_start(struct dm_offload *o)
++{
++      blk_start_plug(&o->plug);
++      o->cb.callback = flush_current_bio_list;
++      list_add(&o->cb.list, &current->plug->cb_list);
++}
++
++static void dm_offload_end(struct dm_offload *o)
++{
++      list_del(&o->cb.list);
++      blk_finish_plug(&o->plug);
++}
++
+ static void __map_bio(struct dm_target_io *tio)
+ {
+       int r;
+       sector_t sector;
+       struct mapped_device *md;
++      struct dm_offload o;
+       struct bio *clone = &tio->clone;
+       struct dm_target *ti = tio->ti;
+@@ -1317,7 +1368,11 @@ static void __map_bio(struct dm_target_i
+        */
+       atomic_inc(&tio->io->io_count);
+       sector = clone->bi_iter.bi_sector;
++
++      dm_offload_start(&o);
+       r = ti->type->map(ti, clone);
++      dm_offload_end(&o);
++
+       if (r == DM_MAPIO_REMAPPED) {
+               /* the bio has been remapped so dispatch it */
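Review bot: `INIT_LIST_HEAD(&o->cb.list)` at the top of flush_current_bio_list() has no comment, yet the unconditional `list_del(&o->cb.list)` in dm_offload_end() depends on it. Presumably the plug flush code unlinks the callback entry before invoking it, so this re-init is what keeps the later list_del from operating on a stale entry; that caller is outside the hunk and should be confirmed. I would add `/* already unlinked by the plug flush; re-init so list_del() in dm_offload_end() stays valid */` above the line. A one-line comment on `struct dm_offload` would also help, saying that it lives on __map_bio()'s stack and must be off `current->plug->cb_list` before that frame returns. __map_bio() continues outside the hunk.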
diff --git a/queue-3.18/ext4-don-t-bug-when-truncating-encrypted-inodes-on-the-orphan-list.patch b/queue-3.18/ext4-don-t-bug-when-truncating-encrypted-inodes-on-the-orphan-list.patch
new file mode 100644 (file)
index 0000000..446428c
--- /dev/null
@@ -0,0 +1,99 @@
+From 0d06863f903ac5f4f6efb0273079d27de3e53a28 Mon Sep 17 00:00:00 2001
+From: Theodore Ts'o <tytso@mit.edu>
+Date: Tue, 14 Feb 2017 11:31:15 -0500
+Subject: ext4: don't BUG when truncating encrypted inodes on the orphan list
+
+From: Theodore Ts'o <tytso@mit.edu>
+
+commit 0d06863f903ac5f4f6efb0273079d27de3e53a28 upstream.
+
+Fix a BUG when the kernel tries to mount a file system constructed as
+follows:
+
+echo foo > foo.txt
+mke2fs -Fq -t ext4 -O encrypt foo.img 100
+debugfs -w foo.img << EOF
+write foo.txt a
+set_inode_field a i_flags 0x80800
+set_super_value s_last_orphan 12
+quit
+EOF
+
+root@kvm-xfstests:~# mount -o loop foo.img /mnt
+[  160.238770] ------------[ cut here ]------------
+[  160.240106] kernel BUG at /usr/projects/linux/ext4/fs/ext4/inode.c:3874!
+[  160.240106] invalid opcode: 0000 [#1] SMP
+[  160.240106] Modules linked in:
+[  160.240106] CPU: 0 PID: 2547 Comm: mount Tainted: G        W       4.10.0-rc3-00034-gcdd33b941b67 #227
+[  160.240106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.1-1 04/01/2014
+[  160.240106] task: f4518000 task.stack: f47b6000
+[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4
+[  160.240106] EFLAGS: 00010246 CPU: 0
+[  160.240106] EAX: 00000001 EBX: f7be4b50 ECX: f47b7dc0 EDX: 00000007
+[  160.240106] ESI: f43b05a8 EDI: f43babec EBP: f47b7dd0 ESP: f47b7dac
+[  160.240106]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
+[  160.240106] CR0: 80050033 CR2: bfd85b08 CR3: 34a00680 CR4: 000006f0
+[  160.240106] Call Trace:
+[  160.240106]  ext4_truncate+0x1e9/0x3e5
+[  160.240106]  ext4_fill_super+0x286f/0x2b1e
+[  160.240106]  ? set_blocksize+0x2e/0x7e
+[  160.240106]  mount_bdev+0x114/0x15f
+[  160.240106]  ext4_mount+0x15/0x17
+[  160.240106]  ? ext4_calculate_overhead+0x39d/0x39d
+[  160.240106]  mount_fs+0x58/0x115
+[  160.240106]  vfs_kern_mount+0x4b/0xae
+[  160.240106]  do_mount+0x671/0x8c3
+[  160.240106]  ? _copy_from_user+0x70/0x83
+[  160.240106]  ? strndup_user+0x31/0x46
+[  160.240106]  SyS_mount+0x57/0x7b
+[  160.240106]  do_int80_syscall_32+0x4f/0x61
+[  160.240106]  entry_INT80_32+0x2f/0x2f
+[  160.240106] EIP: 0xb76b919e
+[  160.240106] EFLAGS: 00000246 CPU: 0
+[  160.240106] EAX: ffffffda EBX: 08053838 ECX: 08052188 EDX: 080537e8
+[  160.240106] ESI: c0ed0000 EDI: 00000000 EBP: 080537e8 ESP: bfa13660
+[  160.240106]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
+[  160.240106] Code: 59 8b 00 a8 01 0f 84 09 01 00 00 8b 07 66 25 00 f0 66 3d 00 80 75 61 89 f8 e8 3e e2 ff ff 84 c0 74 56 83 bf 48 02 00 00 00 75 02 <0f> 0b 81 7d e8 00 10 00 00 74 02 0f 0b 8b 43 04 8b 53 08 31 c9
+[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4 SS:ESP: 0068:f47b7dac
+[  160.317241] ---[ end trace d6a773a375c810a5 ]---
+
+The problem is that when the kernel tries to truncate an inode in
+ext4_truncate(), it tries to clear any on-disk data beyond i_size.
+Without the encryption key, it can't do that, and so it triggers a
+BUG.
+
+E2fsck does *not* provide this service, and in practice most file
+systems have their orphan list processed by e2fsck, so to avoid
+crashing, this patch skips this step if we don't have access to the
+encryption key (which is the case when processing the orphan list; in
+all other cases, we will have the encryption key, or the kernel
+wouldn't have allowed the file to be opened).
+
+An open question is whether the fact that e2fsck isn't clearing the
+bytes beyond i_size causing problems --- and if we've lived with it
+not doing it for so long, can we drop this from the kernel replay of
+the orphan list in all cases (not just when we don't have the key for
+encrypted inodes).
+
+Addresses-Google-Bug: #35209576
+
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ext4/inode.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/fs/ext4/inode.c
++++ b/fs/ext4/inode.c
+@@ -3363,6 +3363,10 @@ static int ext4_block_truncate_page(hand
+       unsigned blocksize;
+       struct inode *inode = mapping->host;
++      /* If we are processing an encrypted inode during orphan list handling */
++      if (ext4_encrypted_inode(inode) && !fscrypt_has_encryption_key(inode))
++              return 0;
++
+       blocksize = inode->i_sb->s_blocksize;
+       length = blocksize - (offset & (blocksize - 1));
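Review bot: The new guard in ext4_block_truncate_page() calls `ext4_encrypted_inode()` and `fscrypt_has_encryption_key()`, and neither is defined or declared anywhere in this patch. This queue targets 3.18 and, as far as I know, ext4 encryption support arrived in later kernels, so the backport should be build-tested against the 3.18 tree before it is kept. If the feature is absent there, the crafted-image BUG described in the message may not be reachable and the patch could be dropped from this queue. Separately, the added comment is a sentence fragment; `/* No key while replaying the orphan list: the tail block cannot be zeroed and re-encrypted, so skip it */` would state the reason. The early `return 0` leaves the bytes past i_size on disk, which the commit message itself flags as an open question, and the function body continues outside the hunk.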
diff --git a/queue-3.18/fat-fix-using-uninitialized-fields-of-fat_inode-fsinfo_inode.patch b/queue-3.18/fat-fix-using-uninitialized-fields-of-fat_inode-fsinfo_inode.patch
new file mode 100644 (file)
index 0000000..281eadd
--- /dev/null
@@ -0,0 +1,63 @@
+From c0d0e351285161a515396b7b1ee53ec9ffd97e3c Mon Sep 17 00:00:00 2001
+From: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
+Date: Thu, 9 Mar 2017 16:17:37 -0800
+Subject: fat: fix using uninitialized fields of fat_inode/fsinfo_inode
+
+From: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
+
+commit c0d0e351285161a515396b7b1ee53ec9ffd97e3c upstream.
+
+Recently fallocate patch was merged and it uses
+MSDOS_I(inode)->mmu_private at fat_evict_inode().  However,
+fat_inode/fsinfo_inode that was introduced in past didn't initialize
+MSDOS_I(inode) properly.
+
+With those combinations, it became the cause of accessing random entry
+in FAT area.
+
+Link: http://lkml.kernel.org/r/87pohrj4i8.fsf@mail.parknet.co.jp
+Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
+Reported-by: Moreno Bartalucci <moreno.bartalucci@tecnorama.it>
+Tested-by: Moreno Bartalucci <moreno.bartalucci@tecnorama.it>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/fat/inode.c |   13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+--- a/fs/fat/inode.c
++++ b/fs/fat/inode.c
+@@ -1266,6 +1266,16 @@ out:
+       return 0;
+ }
++static void fat_dummy_inode_init(struct inode *inode)
++{
++      /* Initialize this dummy inode to work as no-op. */
++      MSDOS_I(inode)->mmu_private = 0;
++      MSDOS_I(inode)->i_start = 0;
++      MSDOS_I(inode)->i_logstart = 0;
++      MSDOS_I(inode)->i_attrs = 0;
++      MSDOS_I(inode)->i_pos = 0;
++}
++
+ static int fat_read_root(struct inode *inode)
+ {
+       struct super_block *sb = inode->i_sb;
+@@ -1711,12 +1721,13 @@ int fat_fill_super(struct super_block *s
+       fat_inode = new_inode(sb);
+       if (!fat_inode)
+               goto out_fail;
+-      MSDOS_I(fat_inode)->i_pos = 0;
++      fat_dummy_inode_init(fat_inode);
+       sbi->fat_inode = fat_inode;
+       fsinfo_inode = new_inode(sb);
+       if (!fsinfo_inode)
+               goto out_fail;
++      fat_dummy_inode_init(fsinfo_inode);
+       fsinfo_inode->i_ino = MSDOS_FSINFO_INO;
+       sbi->fsinfo_inode = fsinfo_inode;
+       insert_inode_hash(fsinfo_inode);
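Review bot: The comment in fat_dummy_inode_init() does not say which reader needs the five hand-zeroed MSDOS_I() fields; per the commit message it is fat_evict_inode() reading `mmu_private`. I would reword it to `/* Dummy inode: zero the MSDOS_I() fields that fat_evict_inode() reads so eviction is a no-op. */`. Because the list is maintained by hand, any field later read on the eviction path has to be added here as well. The struct definition is outside the hunk, so I cannot tell whether the five cover everything read today.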
diff --git a/queue-3.18/ktest-fix-child-exit-code-processing.patch b/queue-3.18/ktest-fix-child-exit-code-processing.patch
new file mode 100644 (file)
index 0000000..a312fbc
--- /dev/null
@@ -0,0 +1,31 @@
+From 32677207dcc5e594254b7fb4fb2352b1755b1d5b Mon Sep 17 00:00:00 2001
+From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
+Date: Tue, 7 Feb 2017 12:05:25 -0500
+Subject: ktest: Fix child exit code processing
+
+From: Steven Rostedt (VMware) <rostedt@goodmis.org>
+
+commit 32677207dcc5e594254b7fb4fb2352b1755b1d5b upstream.
+
+The child_exit errno needs to be shifted by 8 bits to compare against the
+return values for the bisect variables.
+
+Fixes: c5dacb88f0a64 ("ktest: Allow overriding bisect test results")
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/testing/ktest/ktest.pl |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/tools/testing/ktest/ktest.pl
++++ b/tools/testing/ktest/ktest.pl
+@@ -2450,7 +2450,7 @@ sub do_run_test {
+     }
+     waitpid $child_pid, 0;
+-    $child_exit = $?;
++    $child_exit = $? >> 8;
+     if (!$bug && $in_bisect) {
+       if (defined($bisect_ret_good)) {
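Review bot: `$child_exit = $? >> 8;` in do_run_test keeps only the exit code and discards the low bits of `$?`, which carry the terminating signal. A child killed by a signal would then yield 0 here. If code later in the function treats a zero `$child_exit` as success (that part is outside the hunk), a crashed test could be counted as passing. Keeping the signal visible, for example `$child_exit = ($? & 127) ? 128 + ($? & 127) : $? >> 8;`, avoids that, provided 128+N cannot collide with a configured bisect return value.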
diff --git a/queue-3.18/libceph-use-bug-instead-of-bug_on-1.patch b/queue-3.18/libceph-use-bug-instead-of-bug_on-1.patch
new file mode 100644 (file)
index 0000000..39fac08
--- /dev/null
@@ -0,0 +1,37 @@
+From d24cdcd3e40a6825135498e11c20c7976b9bf545 Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Mon, 16 Jan 2017 12:06:09 +0100
+Subject: libceph: use BUG() instead of BUG_ON(1)
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit d24cdcd3e40a6825135498e11c20c7976b9bf545 upstream.
+
+I ran into this compile warning, which is the result of BUG_ON(1)
+not always leading to the compiler treating the code path as
+unreachable:
+
+    include/linux/ceph/osdmap.h: In function 'ceph_can_shift_osds':
+    include/linux/ceph/osdmap.h:62:1: error: control reaches end of non-void function [-Werror=return-type]
+
+Using BUG() here avoids the warning.
+
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/linux/ceph/osdmap.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/include/linux/ceph/osdmap.h
++++ b/include/linux/ceph/osdmap.h
+@@ -49,7 +49,7 @@ static inline bool ceph_can_shift_osds(s
+       case CEPH_POOL_TYPE_EC:
+               return false;
+       default:
+-              BUG_ON(1);
++              BUG();
+       }
+ }
diff --git a/queue-3.18/mac80211-flush-delayed-work-when-entering-suspend.patch b/queue-3.18/mac80211-flush-delayed-work-when-entering-suspend.patch
new file mode 100644 (file)
index 0000000..bbb84ed
--- /dev/null
@@ -0,0 +1,38 @@
+From a9e9200d8661c1a0be8c39f93deb383dc940de35 Mon Sep 17 00:00:00 2001
+From: Matt Chen <matt.chen@intel.com>
+Date: Sun, 22 Jan 2017 02:16:58 +0800
+Subject: mac80211: flush delayed work when entering suspend
+
+From: Matt Chen <matt.chen@intel.com>
+
+commit a9e9200d8661c1a0be8c39f93deb383dc940de35 upstream.
+
+The issue was found when entering suspend and resume.
+It triggers a warning in:
+mac80211/key.c: ieee80211_enable_keys()
+...
+WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
+             sdata->crypto_tx_tailroom_pending_dec);
+...
+
+It points out sdata->crypto_tx_tailroom_pending_dec isn't cleaned up successfully
+in a delayed_work during suspend. Add a flush_delayed_work to fix it.
+
+Signed-off-by: Matt Chen <matt.chen@intel.com>
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/mac80211/pm.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/mac80211/pm.c
++++ b/net/mac80211/pm.c
+@@ -116,6 +116,7 @@ int __ieee80211_suspend(struct ieee80211
+                       break;
+               }
++              flush_delayed_work(&sdata->dec_tailroom_needed_wk);
+               drv_remove_interface(local, sdata);
+       }
diff --git a/queue-3.18/mtd-pmcmsp-use-kstrndup-instead-of-kmalloc-strncpy.patch b/queue-3.18/mtd-pmcmsp-use-kstrndup-instead-of-kmalloc-strncpy.patch
new file mode 100644 (file)
index 0000000..be6098e
--- /dev/null
@@ -0,0 +1,44 @@
+From 906b268477bc03daaa04f739844c120fe4dbc991 Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Fri, 3 Feb 2017 10:49:17 +0100
+Subject: mtd: pmcmsp: use kstrndup instead of kmalloc+strncpy
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit 906b268477bc03daaa04f739844c120fe4dbc991 upstream.
+
+kernelci.org reports a warning for this driver, as it copies a local
+variable into a 'const char *' string:
+
+    drivers/mtd/maps/pmcmsp-flash.c:149:30: warning: passing argument 1 of 'strncpy' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
+
+Using kstrndup() simplifies the code and avoids the warning.
+
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Acked-by: Marek Vasut <marek.vasut@gmail.com>
+Signed-off-by: Brian Norris <computersforpeace@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/mtd/maps/pmcmsp-flash.c |    4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/drivers/mtd/maps/pmcmsp-flash.c
++++ b/drivers/mtd/maps/pmcmsp-flash.c
+@@ -139,15 +139,13 @@ static int __init init_msp_flash(void)
+               }
+               msp_maps[i].bankwidth = 1;
+-              msp_maps[i].name = kmalloc(7, GFP_KERNEL);
++              msp_maps[i].name = kstrndup(flash_name, 7, GFP_KERNEL);
+               if (!msp_maps[i].name) {
+                       iounmap(msp_maps[i].virt);
+                       kfree(msp_parts[i]);
+                       goto cleanup_loop;
+               }
+-              msp_maps[i].name = strncpy(msp_maps[i].name, flash_name, 7);
+-
+               for (j = 0; j < pcnt; j++) {
+                       part_name[5] = '0' + i;
+                       part_name[7] = '0' + j;
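Review bot: The literal `7` passed to `kstrndup(flash_name, 7, GFP_KERNEL)` is carried over from the removed kmalloc/strncpy pair without explanation. The declaration of flash_name is outside the hunk; if it is a fixed, NUL-terminated local array, `kstrdup(flash_name, GFP_KERNEL)` would drop the magic number. The changelog mentions only the compiler warning. It should also record that kstrndup always NUL-terminates the copy, whereas the removed strncpy into a 7-byte allocation did not guarantee that. init_msp_flash() continues outside the hunk.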
diff --git a/queue-3.18/mvsas-fix-misleading-indentation.patch b/queue-3.18/mvsas-fix-misleading-indentation.patch
new file mode 100644 (file)
index 0000000..d0f76bb
--- /dev/null
@@ -0,0 +1,38 @@
+From 7789cd39274c51bf475411fe22a8ee7255082809 Mon Sep 17 00:00:00 2001
+From: Luis de Bethencourt <luisbg@osg.samsung.com>
+Date: Mon, 30 Nov 2015 14:32:17 +0000
+Subject: mvsas: fix misleading indentation
+
+From: Luis de Bethencourt <luisbg@osg.samsung.com>
+
+commit 7789cd39274c51bf475411fe22a8ee7255082809 upstream.
+
+Fix a smatch warning:
+drivers/scsi/mvsas/mv_sas.c:740 mvs_task_prep() warn: curly braces intended?
+
+The code is correct, the indention is misleading. When the device is not
+ready we want to return SAS_PHY_DOWN. But current indentation makes it
+look like we only do so in the else branch of if (mvi_dev).
+
+Signed-off-by: Luis de Bethencourt <luisbg@osg.samsung.com>
+Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
+Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/scsi/mvsas/mv_sas.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/scsi/mvsas/mv_sas.c
++++ b/drivers/scsi/mvsas/mv_sas.c
+@@ -737,8 +737,8 @@ static int mvs_task_prep(struct sas_task
+                       mv_dprintk("device %016llx not ready.\n",
+                               SAS_ADDR(dev->sas_addr));
+-                      rc = SAS_PHY_DOWN;
+-                      return rc;
++              rc = SAS_PHY_DOWN;
++              return rc;
+       }
+       tei.port = dev->port->lldd_port;
+       if (tei.port && !tei.port->port_attached && !tmf) {
diff --git a/queue-3.18/nlm-ensure-callback-code-also-checks-that-the-files-match.patch b/queue-3.18/nlm-ensure-callback-code-also-checks-that-the-files-match.patch
new file mode 100644 (file)
index 0000000..b790dd4
--- /dev/null
@@ -0,0 +1,35 @@
+From 251af29c320d86071664f02c76f0d063a19fefdf Mon Sep 17 00:00:00 2001
+From: Trond Myklebust <trond.myklebust@primarydata.com>
+Date: Sat, 11 Feb 2017 10:37:38 -0500
+Subject: nlm: Ensure callback code also checks that the files match
+
+From: Trond Myklebust <trond.myklebust@primarydata.com>
+
+commit 251af29c320d86071664f02c76f0d063a19fefdf upstream.
+
+It is not sufficient to just check that the lock pids match when
+granting a callback, we also need to ensure that we're granting
+the callback on the right file.
+
+Reported-by: Pankaj Singh <psingh.ait@gmail.com>
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
+Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/linux/lockd/lockd.h |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/include/linux/lockd/lockd.h
++++ b/include/linux/lockd/lockd.h
+@@ -351,7 +351,8 @@ static inline int nlm_privileged_request
+ static inline int nlm_compare_locks(const struct file_lock *fl1,
+                                   const struct file_lock *fl2)
+ {
+-      return  fl1->fl_pid   == fl2->fl_pid
++      return file_inode(fl1->fl_file) == file_inode(fl2->fl_file)
++           && fl1->fl_pid   == fl2->fl_pid
+            && fl1->fl_owner == fl2->fl_owner
+            && fl1->fl_start == fl2->fl_start
+            && fl1->fl_end   == fl2->fl_end
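Review bot: The new first clause of nlm_compare_locks(), `file_inode(fl1->fl_file) == file_inode(fl2->fl_file)`, dereferences both `fl_file` pointers unconditionally, where the old comparison read only scalar fields of the two locks. The callers are outside the hunk, so it should be confirmed that every path reaching this helper has `fl_file` set, including any that compare a lock decoded from a remote request. Otherwise a guard such as `fl1->fl_file && fl2->fl_file &&` is needed ahead of the clause. A short comment above the function would record the contract: `/* Two locks match only when they are on the same inode as well as having the same pid, owner and range */`. The return expression continues past the end of the hunk.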
diff --git a/queue-3.18/padata-avoid-race-in-reordering.patch b/queue-3.18/padata-avoid-race-in-reordering.patch
new file mode 100644 (file)
index 0000000..089f987
--- /dev/null
@@ -0,0 +1,96 @@
+From de5540d088fe97ad583cc7d396586437b32149a5 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Thu, 23 Mar 2017 12:24:43 +0100
+Subject: padata: avoid race in reordering
+
+From: Jason A. Donenfeld <Jason@zx2c4.com>
+
+commit de5540d088fe97ad583cc7d396586437b32149a5 upstream.
+
+Under extremely heavy uses of padata, crashes occur, and with list
+debugging turned on, this happens instead:
+
+[87487.298728] WARNING: CPU: 1 PID: 882 at lib/list_debug.c:33
+__list_add+0xae/0x130
+[87487.301868] list_add corruption. prev->next should be next
+(ffffb17abfc043d0), but was ffff8dba70872c80. (prev=ffff8dba70872b00).
+[87487.339011]  [<ffffffff9a53d075>] dump_stack+0x68/0xa3
+[87487.342198]  [<ffffffff99e119a1>] ? console_unlock+0x281/0x6d0
+[87487.345364]  [<ffffffff99d6b91f>] __warn+0xff/0x140
+[87487.348513]  [<ffffffff99d6b9aa>] warn_slowpath_fmt+0x4a/0x50
+[87487.351659]  [<ffffffff9a58b5de>] __list_add+0xae/0x130
+[87487.354772]  [<ffffffff9add5094>] ? _raw_spin_lock+0x64/0x70
+[87487.357915]  [<ffffffff99eefd66>] padata_reorder+0x1e6/0x420
+[87487.361084]  [<ffffffff99ef0055>] padata_do_serial+0xa5/0x120
+
+padata_reorder calls list_add_tail with the list to which its adding
+locked, which seems correct:
+
+spin_lock(&squeue->serial.lock);
+list_add_tail(&padata->list, &squeue->serial.list);
+spin_unlock(&squeue->serial.lock);
+
+This therefore leaves only place where such inconsistency could occur:
+if padata->list is added at the same time on two different threads.
+This pdata pointer comes from the function call to
+padata_get_next(pd), which has in it the following block:
+
+next_queue = per_cpu_ptr(pd->pqueue, cpu);
+padata = NULL;
+reorder = &next_queue->reorder;
+if (!list_empty(&reorder->list)) {
+       padata = list_entry(reorder->list.next,
+                           struct padata_priv, list);
+       spin_lock(&reorder->lock);
+       list_del_init(&padata->list);
+       atomic_dec(&pd->reorder_objects);
+       spin_unlock(&reorder->lock);
+
+       pd->processed++;
+
+       goto out;
+}
+out:
+return padata;
+
+I strongly suspect that the problem here is that two threads can race
+on reorder list. Even though the deletion is locked, call to
+list_entry is not locked, which means it's feasible that two threads
+pick up the same padata object and subsequently call list_add_tail on
+them at the same time. The fix is thus be hoist that lock outside of
+that block.
+
+Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
+Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/padata.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/kernel/padata.c
++++ b/kernel/padata.c
+@@ -189,19 +189,20 @@ static struct padata_priv *padata_get_ne
+       reorder = &next_queue->reorder;
++      spin_lock(&reorder->lock);
+       if (!list_empty(&reorder->list)) {
+               padata = list_entry(reorder->list.next,
+                                   struct padata_priv, list);
+-              spin_lock(&reorder->lock);
+               list_del_init(&padata->list);
+               atomic_dec(&pd->reorder_objects);
+-              spin_unlock(&reorder->lock);
+               pd->processed++;
++              spin_unlock(&reorder->lock);
+               goto out;
+       }
++      spin_unlock(&reorder->lock);
+       if (__this_cpu_read(pd->pqueue->cpu_index) == next_queue->cpu_index) {
+               padata = ERR_PTR(-ENODATA);
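Review bot: The reason reorder->lock must now be taken before list_empty() in padata_get_next() is recorded only in the commit message, not in the code. A comment above the added spin_lock() would keep a later cleanup from narrowing the critical section again, for example `/* hold reorder->lock across the list_entry() lookup too, so two CPUs cannot pick the same padata */`. pd->processed++ also moves inside the locked region, which the description does not mention; if that is intentional, the same comment should say so. The function starts and ends outside the hunk.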
index 4091bf5c8d02936d11710d00cf0464f4a654540c..b4db8edfeb1ff08b796dfc8c3d17ae5b1fd28c1e 100644 (file)
@@ -72,3 +72,25 @@ bluetooth-add-another-ar3012-04ca-3018-device.patch
 ib-ipoib-fix-deadlock-between-rmmod-and-set_mode.patch
 usb-serial-digi_acceleport-fix-oob-data-sanity-check.patch
 usb-serial-digi_acceleport-fix-oob-event-processing.patch
+nlm-ensure-callback-code-also-checks-that-the-files-match.patch
+xtensa-move-parse_tag_fdt-out-of-ifdef-config_blk_dev_initrd.patch
+mac80211-flush-delayed-work-when-entering-suspend.patch
+libceph-use-bug-instead-of-bug_on-1.patch
+fat-fix-using-uninitialized-fields-of-fat_inode-fsinfo_inode.patch
+ktest-fix-child-exit-code-processing.patch
+crypto-improve-gcc-optimization-flags-for-serpent-and-wp512.patch
+mtd-pmcmsp-use-kstrndup-instead-of-kmalloc-strncpy.patch
+usb-gadget-dummy_hcd-clear-usb_gadget-region-before-registration.patch
+usb-dwc3-gadget-make-set-endpoint-configuration-macros-safe.patch
+usb-gadget-function-f_fs-pass-companion-descriptor-along.patch
+usb-host-xhci-plat-fix-timeout-on-removal-of-hot-pluggable-xhci-controllers.patch
+usb-serial-safe_serial-fix-information-leak-in-completion-handler.patch
+usb-serial-omninet-fix-reference-leaks-at-open.patch
+usb-iowarrior-fix-null-deref-at-probe.patch
+usb-iowarrior-fix-null-deref-in-write.patch
+usb-serial-io_ti-fix-null-deref-in-interrupt-callback.patch
+usb-serial-io_ti-fix-information-leak-in-completion-handler.patch
+mvsas-fix-misleading-indentation.patch
+ext4-don-t-bug-when-truncating-encrypted-inodes-on-the-orphan-list.patch
+dm-flush-queued-bios-when-process-blocks-to-avoid-deadlock.patch
+padata-avoid-race-in-reordering.patch
diff --git a/queue-3.18/usb-dwc3-gadget-make-set-endpoint-configuration-macros-safe.patch b/queue-3.18/usb-dwc3-gadget-make-set-endpoint-configuration-macros-safe.patch
new file mode 100644 (file)
index 0000000..b1de301
--- /dev/null
@@ -0,0 +1,61 @@
+From 7369090a9fb57c3fc705ce355d2e4523a5a24716 Mon Sep 17 00:00:00 2001
+From: Felipe Balbi <felipe.balbi@linux.intel.com>
+Date: Tue, 31 Jan 2017 13:24:54 +0200
+Subject: usb: dwc3: gadget: make Set Endpoint Configuration macros safe
+
+From: Felipe Balbi <felipe.balbi@linux.intel.com>
+
+commit 7369090a9fb57c3fc705ce355d2e4523a5a24716 upstream.
+
+Some gadget drivers are bad, bad boys. We notice
+that ADB was passing bad Burst Size which caused top
+bits of param0 to be overwritten which confused DWC3
+when running this command.
+
+In order to avoid future issues, we're going to make
+sure values passed by macros are always safe for the
+controller. Note that ADB still needs a fix to *not*
+pass bad values.
+
+Reported-by: Mohamed Abbas <mohamed.abbas@intel.com>
+Sugested-by: Adam Andruszak <adam.andruszak@intel.com>
+Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/dwc3/gadget.h |   14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+--- a/drivers/usb/dwc3/gadget.h
++++ b/drivers/usb/dwc3/gadget.h
+@@ -28,23 +28,23 @@ struct dwc3;
+ #define gadget_to_dwc(g)      (container_of(g, struct dwc3, gadget))
+ /* DEPCFG parameter 1 */
+-#define DWC3_DEPCFG_INT_NUM(n)                ((n) << 0)
++#define DWC3_DEPCFG_INT_NUM(n)                (((n) & 0x1f) << 0)
+ #define DWC3_DEPCFG_XFER_COMPLETE_EN  (1 << 8)
+ #define DWC3_DEPCFG_XFER_IN_PROGRESS_EN       (1 << 9)
+ #define DWC3_DEPCFG_XFER_NOT_READY_EN (1 << 10)
+ #define DWC3_DEPCFG_FIFO_ERROR_EN     (1 << 11)
+ #define DWC3_DEPCFG_STREAM_EVENT_EN   (1 << 13)
+-#define DWC3_DEPCFG_BINTERVAL_M1(n)   ((n) << 16)
++#define DWC3_DEPCFG_BINTERVAL_M1(n)   (((n) & 0xff) << 16)
+ #define DWC3_DEPCFG_STREAM_CAPABLE    (1 << 24)
+-#define DWC3_DEPCFG_EP_NUMBER(n)      ((n) << 25)
++#define DWC3_DEPCFG_EP_NUMBER(n)      (((n) & 0x1f) << 25)
+ #define DWC3_DEPCFG_BULK_BASED                (1 << 30)
+ #define DWC3_DEPCFG_FIFO_BASED                (1 << 31)
+ /* DEPCFG parameter 0 */
+-#define DWC3_DEPCFG_EP_TYPE(n)                ((n) << 1)
+-#define DWC3_DEPCFG_MAX_PACKET_SIZE(n)        ((n) << 3)
+-#define DWC3_DEPCFG_FIFO_NUMBER(n)    ((n) << 17)
+-#define DWC3_DEPCFG_BURST_SIZE(n)     ((n) << 22)
++#define DWC3_DEPCFG_EP_TYPE(n)                (((n) & 0x3) << 1)
++#define DWC3_DEPCFG_MAX_PACKET_SIZE(n)        (((n) & 0x7ff) << 3)
++#define DWC3_DEPCFG_FIFO_NUMBER(n)    (((n) & 0x1f) << 17)
++#define DWC3_DEPCFG_BURST_SIZE(n)     (((n) & 0xf) << 22)
+ #define DWC3_DEPCFG_DATA_SEQ_NUM(n)   ((n) << 26)
+ /* This applies for core versions earlier than 1.94a */
+ #define DWC3_DEPCFG_IGN_SEQ_NUM               (1 << 31)
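Review bot: DWC3_DEPCFG_DATA_SEQ_NUM(n) is left as `((n) << 26)` while every other value-carrying DEPCFG macro in this hunk gains a mask. An oversized sequence number can therefore still spill into bit 31, which the following line defines as DWC3_DEPCFG_IGN_SEQ_NUM. If the field is the five bits below bit 31 (to be confirmed against the databook), the matching change would be `#define DWC3_DEPCFG_DATA_SEQ_NUM(n) (((n) & 0x1f) << 26)`. The masks also truncate bad values silently, so a gadget driver passing an out-of-range value, which the description says still needs fixing, gives no sign of it at run time.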
diff --git a/queue-3.18/usb-gadget-dummy_hcd-clear-usb_gadget-region-before-registration.patch b/queue-3.18/usb-gadget-dummy_hcd-clear-usb_gadget-region-before-registration.patch
new file mode 100644 (file)
index 0000000..6fb7a9e
--- /dev/null
@@ -0,0 +1,81 @@
+From 5bbc852676ae08e818241cf66a3ffe4be44225c4 Mon Sep 17 00:00:00 2001
+From: Peter Chen <peter.chen@nxp.com>
+Date: Tue, 28 Feb 2017 14:25:45 +0800
+Subject: usb: gadget: dummy_hcd: clear usb_gadget region before registration
+
+From: Peter Chen <peter.chen@nxp.com>
+
+commit 5bbc852676ae08e818241cf66a3ffe4be44225c4 upstream.
+
+When the user does device unbind and rebind test, the kernel will
+show below dump due to usb_gadget memory region is dirty after unbind.
+Clear usb_gadget region for every new probe.
+
+root@imx6qdlsolo:/sys/bus/platform/drivers/dummy_udc# echo dummy_udc.0 > bind
+[  102.523312] kobject (eddd78b0): tried to init an initialized object, something is seriously wrong.
+[  102.532447] CPU: 0 PID: 734 Comm: sh Not tainted 4.10.0-rc7-00872-g1b2b8e9 #1298
+[  102.539866] Hardware name: Freescale i.MX6 SoloX (Device Tree)
+[  102.545717] Backtrace:
+[  102.548225] [<c010d090>] (dump_backtrace) from [<c010d338>] (show_stack+0x18/0x1c)
+[  102.555822]  r7:ede34000 r6:60010013 r5:00000000 r4:c0f29418
+[  102.561512] [<c010d320>] (show_stack) from [<c040c2a4>] (dump_stack+0xb4/0xe8)
+[  102.568764] [<c040c1f0>] (dump_stack) from [<c040e6d4>] (kobject_init+0x80/0x9c)
+[  102.576187]  r10:0000001f r9:eddd7000 r8:eeaf8c10 r7:eddd78a8 r6:c177891c r5:c0f3b060
+[  102.584036]  r4:eddd78b0 r3:00000000
+[  102.587641] [<c040e654>] (kobject_init) from [<c05359a4>] (device_initialize+0x28/0xf8)
+[  102.595665]  r5:eebc4800 r4:eddd78a8
+[  102.599268] [<c053597c>] (device_initialize) from [<c05382ac>] (device_register+0x14/0x20)
+[  102.607556]  r7:eddd78a8 r6:00000000 r5:eebc4800 r4:eddd78a8
+[  102.613256] [<c0538298>] (device_register) from [<c0668ef4>] (usb_add_gadget_udc_release+0x8c/0x1ec)
+[  102.622410]  r5:eebc4800 r4:eddd7860
+[  102.626015] [<c0668e68>] (usb_add_gadget_udc_release) from [<c0669068>] (usb_add_gadget_udc+0x14/0x18)
+[  102.635351]  r10:0000001f r9:eddd7000 r8:eddd788c r7:bf003770 r6:eddd77f8 r5:eddd7818
+[  102.643198]  r4:eddd785c r3:eddd7b24
+[  102.646834] [<c0669054>] (usb_add_gadget_udc) from [<bf003428>] (dummy_udc_probe+0x170/0x1c4 [dummy_hcd])
+[  102.656458] [<bf0032b8>] (dummy_udc_probe [dummy_hcd]) from [<c053d114>] (platform_drv_probe+0x54/0xb8)
+[  102.665881]  r10:00000008 r9:c1778960 r8:bf004128 r7:fffffdfb r6:bf004128 r5:eeaf8c10
+[  102.673727]  r4:eeaf8c10
+[  102.676293] [<c053d0c0>] (platform_drv_probe) from [<c053b160>] (driver_probe_device+0x264/0x474)
+[  102.685186]  r7:00000000 r6:00000000 r5:c1778960 r4:eeaf8c10
+[  102.690876] [<c053aefc>] (driver_probe_device) from [<c05397c4>] (bind_store+0xb8/0x14c)
+[  102.698994]  r10:eeb3bb4c r9:ede34000 r8:0000000c r7:eeaf8c44 r6:bf004128 r5:c0f3b668
+[  102.706840]  r4:eeaf8c10
+[  102.709402] [<c053970c>] (bind_store) from [<c0538ca8>] (drv_attr_store+0x28/0x34)
+[  102.716998]  r9:ede34000 r8:00000000 r7:ee3863c0 r6:ee3863c0 r5:c0538c80 r4:c053970c
+[  102.724776] [<c0538c80>] (drv_attr_store) from [<c029c930>] (sysfs_kf_write+0x50/0x54)
+[  102.732711]  r5:c0538c80 r4:0000000c
+[  102.736313] [<c029c8e0>] (sysfs_kf_write) from [<c029be84>] (kernfs_fop_write+0x100/0x214)
+[  102.744599]  r7:ee3863c0 r6:eeb3bb40 r5:00000000 r4:00000000
+[  102.750287] [<c029bd84>] (kernfs_fop_write) from [<c0222dd8>] (__vfs_write+0x34/0x120)
+[  102.758231]  r10:00000000 r9:ede34000 r8:c0108bc4 r7:0000000c r6:ede35f80 r5:c029bd84
+[  102.766077]  r4:ee223780
+[  102.768638] [<c0222da4>] (__vfs_write) from [<c0224678>] (vfs_write+0xa8/0x170)
+[  102.775974]  r9:ede34000 r8:c0108bc4 r7:ede35f80 r6:01861cb0 r5:ee223780 r4:0000000c
+[  102.783743] [<c02245d0>] (vfs_write) from [<c0225498>] (SyS_write+0x4c/0xa8)
+[  102.790818]  r9:ede34000 r8:c0108bc4 r7:0000000c r6:01861cb0 r5:ee223780 r4:ee223780
+[  102.798595] [<c022544c>] (SyS_write) from [<c0108a20>] (ret_fast_syscall+0x0/0x1c)
+[  102.806188]  r7:00000004 r6:b6e83d58 r5:01861cb0 r4:0000000c
+
+Fixes: 90fccb529d24 ("usb: gadget: Gadget directory cleanup - group UDC drivers")
+Acked-by: Alan Stern <stern@rowland.harvard.edu>
+Signed-off-by: Peter Chen <peter.chen@nxp.com>
+Tested-by: Xiaolong Ye <xiaolong.ye@intel.com>
+Reported-by: Fengguang Wu <fengguang.wu@intel.com>
+Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/gadget/udc/dummy_hcd.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/usb/gadget/udc/dummy_hcd.c
++++ b/drivers/usb/gadget/udc/dummy_hcd.c
+@@ -972,6 +972,8 @@ static int dummy_udc_probe(struct platfo
+       int             rc;
+       dum = *((void **)dev_get_platdata(&pdev->dev));
++      /* Clear usb_gadget region for new registration to udc-core */
++      memzero_explicit(&dum->gadget, sizeof(struct usb_gadget));
+       dum->gadget.name = gadget_name;
+       dum->gadget.ops = &dummy_ops;
+       dum->gadget.max_speed = USB_SPEED_SUPER;
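Review bot: memzero_explicit() in dummy_udc_probe() is the helper meant for wiping sensitive data that the compiler must not optimise away, but here the structure is written again on the very next lines. A plain `memset(&dum->gadget, 0, sizeof(dum->gadget));` states the intent better, and sizing by the object rather than by `struct usb_gadget` keeps the call correct if the member's type ever changes. The function continues outside the hunk.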
diff --git a/queue-3.18/usb-gadget-function-f_fs-pass-companion-descriptor-along.patch b/queue-3.18/usb-gadget-function-f_fs-pass-companion-descriptor-along.patch
new file mode 100644 (file)
index 0000000..0bbc587
--- /dev/null
@@ -0,0 +1,57 @@
+From 2bfa0719ac2a9b2f3c91345873d3cdebd0296ba9 Mon Sep 17 00:00:00 2001
+From: Felipe Balbi <felipe.balbi@linux.intel.com>
+Date: Tue, 31 Jan 2017 14:54:45 +0200
+Subject: usb: gadget: function: f_fs: pass companion descriptor along
+
+From: Felipe Balbi <felipe.balbi@linux.intel.com>
+
+commit 2bfa0719ac2a9b2f3c91345873d3cdebd0296ba9 upstream.
+
+If we're dealing with SuperSpeed endpoints, we need
+to make sure to pass along the companion descriptor
+and initialize fields needed by the Gadget
+API. Eventually, f_fs.c should be converted to use
+config_ep_by_speed() like all other functions,
+though.
+
+Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/gadget/function/f_fs.c |   15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+--- a/drivers/usb/gadget/function/f_fs.c
++++ b/drivers/usb/gadget/function/f_fs.c
+@@ -1649,11 +1649,14 @@ static int ffs_func_eps_enable(struct ff
+       spin_lock_irqsave(&func->ffs->eps_lock, flags);
+       do {
+               struct usb_endpoint_descriptor *ds;
++              struct usb_ss_ep_comp_descriptor *comp_desc = NULL;
++              int needs_comp_desc = false;
+               int desc_idx;
+-              if (ffs->gadget->speed == USB_SPEED_SUPER)
++              if (ffs->gadget->speed == USB_SPEED_SUPER) {
+                       desc_idx = 2;
+-              else if (ffs->gadget->speed == USB_SPEED_HIGH)
++                      needs_comp_desc = true;
++              } else if (ffs->gadget->speed == USB_SPEED_HIGH)
+                       desc_idx = 1;
+               else
+                       desc_idx = 0;
+@@ -1670,6 +1673,14 @@ static int ffs_func_eps_enable(struct ff
+               ep->ep->driver_data = ep;
+               ep->ep->desc = ds;
++
++              comp_desc = (struct usb_ss_ep_comp_descriptor *)(ds +
++                              USB_DT_ENDPOINT_SIZE);
++              ep->ep->maxburst = comp_desc->bMaxBurst + 1;
++
++              if (needs_comp_desc)
++                      ep->ep->comp_desc = comp_desc;
++
+               ret = usb_ep_enable(ep->ep);
+               if (likely(!ret)) {
+                       epfile->ep = ep;
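Review bot: In the second hunk of ffs_func_eps_enable(), `ds + USB_DT_ENDPOINT_SIZE` is arithmetic on a `struct usb_endpoint_descriptor *`, so it advances by that many whole descriptors rather than bytes. comp_desc->bMaxBurst is then read at every speed, including those where needs_comp_desc is false and no companion descriptor is expected. That is a read outside the endpoint descriptor, and its result is stored in ep->ep->maxburst. The offset should be taken in bytes and the read done only when needs_comp_desc is set, as below; whether the companion sits at USB_DT_ENDPOINT_SIZE or at ds->bLength depends on how the descriptors are stored, which is not visible here. The loop starts and ends outside the hunk.

```c
		ep->ep->desc = ds;

		if (needs_comp_desc) {
			/* companion descriptor follows the endpoint descriptor; offset is in bytes */
			comp_desc = (struct usb_ss_ep_comp_descriptor *)
					((u8 *)ds + USB_DT_ENDPOINT_SIZE);
			ep->ep->maxburst = comp_desc->bMaxBurst + 1;
			ep->ep->comp_desc = comp_desc;
		}

		/* … unchanged: usb_ep_enable() call and result handling … */
```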
diff --git a/queue-3.18/usb-host-xhci-plat-fix-timeout-on-removal-of-hot-pluggable-xhci-controllers.patch b/queue-3.18/usb-host-xhci-plat-fix-timeout-on-removal-of-hot-pluggable-xhci-controllers.patch
new file mode 100644 (file)
index 0000000..933b0ac
--- /dev/null
@@ -0,0 +1,42 @@
+From dcc7620cad5ad1326a78f4031a7bf4f0e5b42984 Mon Sep 17 00:00:00 2001
+From: Guenter Roeck <linux@roeck-us.net>
+Date: Thu, 9 Mar 2017 15:39:37 +0200
+Subject: usb: host: xhci-plat: Fix timeout on removal of hot pluggable xhci controllers
+
+From: Guenter Roeck <linux@roeck-us.net>
+
+commit dcc7620cad5ad1326a78f4031a7bf4f0e5b42984 upstream.
+
+Upstream commit 98d74f9ceaef ("xhci: fix 10 second timeout on removal of
+PCI hotpluggable xhci controllers") fixes a problem with hot pluggable PCI
+xhci controllers which can result in excessive timeouts, to the point where
+the system reports a deadlock.
+
+The same problem is seen with hot pluggable xhci controllers using the
+xhci-plat driver, such as the driver used for Type-C ports on rk3399.
+Similar to hot-pluggable PCI controllers, the driver for this chip
+removes the xhci controller from the system when the Type-C cable is
+disconnected.
+
+The solution for PCI devices works just as well for non-PCI devices
+and avoids the problem.
+
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/host/xhci-plat.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/usb/host/xhci-plat.c
++++ b/drivers/usb/host/xhci-plat.c
+@@ -189,6 +189,8 @@ static int xhci_plat_remove(struct platf
+       struct xhci_hcd *xhci = hcd_to_xhci(hcd);
+       struct clk *clk = xhci->clk;
++      xhci->xhc_state |= XHCI_STATE_REMOVING;
++
+       usb_remove_hcd(xhci->shared_hcd);
+       usb_put_hcd(xhci->shared_hcd);
diff --git a/queue-3.18/usb-iowarrior-fix-null-deref-at-probe.patch b/queue-3.18/usb-iowarrior-fix-null-deref-at-probe.patch
new file mode 100644 (file)
index 0000000..81a4909
--- /dev/null
@@ -0,0 +1,55 @@
+From b7321e81fc369abe353cf094d4f0dc2fe11ab95f Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Tue, 7 Mar 2017 16:11:03 +0100
+Subject: USB: iowarrior: fix NULL-deref at probe
+
+From: Johan Hovold <johan@kernel.org>
+
+commit b7321e81fc369abe353cf094d4f0dc2fe11ab95f upstream.
+
+Make sure to check for the required interrupt-in endpoint to avoid
+dereferencing a NULL-pointer should a malicious device lack such an
+endpoint.
+
+Note that a fairly recent change purported to fix this issue, but added
+an insufficient test on the number of endpoints only, a test which can
+now be removed.
+
+Fixes: 4ec0ef3a8212 ("USB: iowarrior: fix oops with malicious USB descriptors")
+Fixes: 946b960d13c1 ("USB: add driver for iowarrior devices.")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/misc/iowarrior.c |   13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+--- a/drivers/usb/misc/iowarrior.c
++++ b/drivers/usb/misc/iowarrior.c
+@@ -787,12 +787,6 @@ static int iowarrior_probe(struct usb_in
+       iface_desc = interface->cur_altsetting;
+       dev->product_id = le16_to_cpu(udev->descriptor.idProduct);
+-      if (iface_desc->desc.bNumEndpoints < 1) {
+-              dev_err(&interface->dev, "Invalid number of endpoints\n");
+-              retval = -EINVAL;
+-              goto error;
+-      }
+-
+       /* set up the endpoint information */
+       for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
+               endpoint = &iface_desc->endpoint[i].desc;
+@@ -803,6 +797,13 @@ static int iowarrior_probe(struct usb_in
+                       /* this one will match for the IOWarrior56 only */
+                       dev->int_out_endpoint = endpoint;
+       }
++
++      if (!dev->int_in_endpoint) {
++              dev_err(&interface->dev, "no interrupt-in endpoint found\n");
++              retval = -ENODEV;
++              goto error;
++      }
++
+       /* we have to check the report_size often, so remember it in the endianness suitable for our machine */
+       dev->report_size = usb_endpoint_maxp(dev->int_in_endpoint);
+       if ((dev->interface->cur_altsetting->desc.bInterfaceNumber == 0) &&
diff --git a/queue-3.18/usb-iowarrior-fix-null-deref-in-write.patch b/queue-3.18/usb-iowarrior-fix-null-deref-in-write.patch
new file mode 100644 (file)
index 0000000..30b7799
--- /dev/null
@@ -0,0 +1,38 @@
+From de46e56653de7b3b54baa625bd582635008b8d05 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Tue, 7 Mar 2017 16:11:04 +0100
+Subject: USB: iowarrior: fix NULL-deref in write
+
+From: Johan Hovold <johan@kernel.org>
+
+commit de46e56653de7b3b54baa625bd582635008b8d05 upstream.
+
+Make sure to verify that we have the required interrupt-out endpoint for
+IOWarrior56 devices to avoid dereferencing a NULL-pointer in write
+should a malicious device lack such an endpoint.
+
+Fixes: 946b960d13c1 ("USB: add driver for iowarrior devices.")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/misc/iowarrior.c |    8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/drivers/usb/misc/iowarrior.c
++++ b/drivers/usb/misc/iowarrior.c
+@@ -804,6 +804,14 @@ static int iowarrior_probe(struct usb_in
+               goto error;
+       }
++      if (dev->product_id == USB_DEVICE_ID_CODEMERCS_IOW56) {
++              if (!dev->int_out_endpoint) {
++                      dev_err(&interface->dev, "no interrupt-out endpoint found\n");
++                      retval = -ENODEV;
++                      goto error;
++              }
++      }
++
+       /* we have to check the report_size often, so remember it in the endianness suitable for our machine */
+       dev->report_size = usb_endpoint_maxp(dev->int_in_endpoint);
+       if ((dev->interface->cur_altsetting->desc.bInterfaceNumber == 0) &&
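Review bot: The two nested conditions added to iowarrior_probe() can be a single test, `if (dev->product_id == USB_DEVICE_ID_CODEMERCS_IOW56 && !dev->int_out_endpoint) {`, which saves an indent level. The check relies on dev->int_out_endpoint being NULL unless the endpoint loop set it; the allocation of dev is outside the hunk, so confirm it is zero-initialised. The function continues outside the hunk.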
diff --git a/queue-3.18/usb-serial-io_ti-fix-information-leak-in-completion-handler.patch b/queue-3.18/usb-serial-io_ti-fix-information-leak-in-completion-handler.patch
new file mode 100644 (file)
index 0000000..e0a2025
--- /dev/null
@@ -0,0 +1,35 @@
+From 654b404f2a222f918af9b0cd18ad469d0c941a8e Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 6 Mar 2017 17:36:40 +0100
+Subject: USB: serial: io_ti: fix information leak in completion handler
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 654b404f2a222f918af9b0cd18ad469d0c941a8e upstream.
+
+Add missing sanity check to the bulk-in completion handler to avoid an
+integer underflow that can be triggered by a malicious device.
+
+This avoids leaking 128 kB of memory content from after the URB transfer
+buffer to user space.
+
+Fixes: 8c209e6782ca ("USB: make actual_length in struct urb field u32")
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/io_ti.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/usb/serial/io_ti.c
++++ b/drivers/usb/serial/io_ti.c
+@@ -1632,7 +1632,7 @@ static void edge_bulk_in_callback(struct
+       port_number = edge_port->port->port_number;
+-      if (edge_port->lsr_event) {
++      if (urb->actual_length > 0 && edge_port->lsr_event) {
+               edge_port->lsr_event = 0;
+               dev_dbg(dev, "%s ===== Port %u LSR Status = %02x, Data = %02x ======\n",
+                       __func__, port_number, edge_port->lsr_mask, *data);
diff --git a/queue-3.18/usb-serial-io_ti-fix-null-deref-in-interrupt-callback.patch b/queue-3.18/usb-serial-io_ti-fix-null-deref-in-interrupt-callback.patch
new file mode 100644 (file)
index 0000000..f2c0934
--- /dev/null
@@ -0,0 +1,36 @@
+From 0b1d250afb8eb9d65afb568bac9b9f9253a82b49 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 6 Mar 2017 17:36:37 +0100
+Subject: USB: serial: io_ti: fix NULL-deref in interrupt callback
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 0b1d250afb8eb9d65afb568bac9b9f9253a82b49 upstream.
+
+Fix a NULL-pointer dereference in the interrupt callback should a
+malicious device send data containing a bad port number by adding the
+missing sanity check.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/io_ti.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/drivers/usb/serial/io_ti.c
++++ b/drivers/usb/serial/io_ti.c
+@@ -1546,6 +1546,12 @@ static void edge_interrupt_callback(stru
+       function    = TIUMP_GET_FUNC_FROM_CODE(data[0]);
+       dev_dbg(dev, "%s - port_number %d, function %d, info 0x%x\n", __func__,
+               port_number, function, data[1]);
++
++      if (port_number >= edge_serial->serial->num_ports) {
++              dev_err(dev, "bad port number %d\n", port_number);
++              goto exit;
++      }
++
+       port = edge_serial->serial->port[port_number];
+       edge_port = usb_get_serial_port_data(port);
+       if (!edge_port) {
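Review bot: The added bounds check in edge_interrupt_callback() tests only the upper limit, and port_number is printed with `%d`, which suggests a signed type. Its declaration and the line that decodes it are outside the hunk; if the decoded value can be negative, it passes this test and is still used to index serial->port[]. In that case the guard should read `if (port_number < 0 || port_number >= edge_serial->serial->num_ports) {`. Because the message is triggered by device-supplied data, `dev_err_ratelimited()` would also keep a misbehaving device from flooding the log.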
diff --git a/queue-3.18/usb-serial-omninet-fix-reference-leaks-at-open.patch b/queue-3.18/usb-serial-omninet-fix-reference-leaks-at-open.patch
new file mode 100644 (file)
index 0000000..d8d46eb
--- /dev/null
@@ -0,0 +1,37 @@
+From 30572418b445d85fcfe6c8fe84c947d2606767d8 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 6 Mar 2017 17:36:38 +0100
+Subject: USB: serial: omninet: fix reference leaks at open
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 30572418b445d85fcfe6c8fe84c947d2606767d8 upstream.
+
+This driver needlessly took another reference to the tty on open, a
+reference which was then never released on close. This lead to not just
+a leak of the tty, but also a driver reference leak that prevented the
+driver from being unloaded after a port had once been opened.
+
+Fixes: 4a90f09b20f4 ("tty: usb-serial krefs")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/omninet.c |    6 ------
+ 1 file changed, 6 deletions(-)
+
+--- a/drivers/usb/serial/omninet.c
++++ b/drivers/usb/serial/omninet.c
+@@ -129,12 +129,6 @@ static int omninet_port_remove(struct us
+ static int omninet_open(struct tty_struct *tty, struct usb_serial_port *port)
+ {
+-      struct usb_serial       *serial = port->serial;
+-      struct usb_serial_port  *wport;
+-
+-      wport = serial->port[1];
+-      tty_port_tty_set(&wport->port, tty);
+-
+       return usb_serial_generic_open(tty, port);
+ }
diff --git a/queue-3.18/usb-serial-safe_serial-fix-information-leak-in-completion-handler.patch b/queue-3.18/usb-serial-safe_serial-fix-information-leak-in-completion-handler.patch
new file mode 100644 (file)
index 0000000..7d6b982
--- /dev/null
@@ -0,0 +1,37 @@
+From 8c76d7cd520ebffc1ea9ea0850d87a224a50c7f2 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 6 Mar 2017 17:36:41 +0100
+Subject: USB: serial: safe_serial: fix information leak in completion handler
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 8c76d7cd520ebffc1ea9ea0850d87a224a50c7f2 upstream.
+
+Add missing sanity check to the bulk-in completion handler to avoid an
+integer underflow that could be triggered by a malicious device.
+
+This avoids leaking up to 56 bytes from after the URB transfer buffer to
+user space.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/safe_serial.c |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/usb/serial/safe_serial.c
++++ b/drivers/usb/serial/safe_serial.c
+@@ -205,6 +205,11 @@ static void safe_process_read_urb(struct
+       if (!safe)
+               goto out;
++      if (length < 2) {
++              dev_err(&port->dev, "malformed packet\n");
++              return;
++      }
++
+       fcs = fcs_compute10(data, length, CRC10_INITFCS);
+       if (fcs) {
+               dev_err(&port->dev, "%s - bad CRC %x\n", __func__, fcs);
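Review bot: The new error path in safe_process_read_urb() logs `"malformed packet\n"` without the `%s - ` / `__func__` prefix used by the bad-CRC message just below it, and without the offending length. The two messages from the same function therefore look unrelated in the log. Something like `dev_err_ratelimited(&port->dev, "%s - malformed packet, length %d\n", __func__, length);` would match, with the format specifier adjusted to the type of length, which is declared outside the hunk. Rate limiting matters here because the condition is controlled by the attached device.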
index 5d4f46d23c2092d5490681d3d0904c7e2916d724..d406246b6c5c24bf240a0fafa0694954aa2a8046 100644 (file)
@@ -915,97 +915,6 @@ index f6af531f9f32..109eea94d0f9 100644
 -- 
 2.12.2
 
-From 485171b1ee8c7cc74cff9881b92b178b1c709663 Mon Sep 17 00:00:00 2001
-From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
-Date: Tue, 7 Feb 2017 12:05:25 -0500
-Subject: [PATCH 018/251] ktest: Fix child exit code processing
-Status: RO
-Content-Length: 849
-Lines: 27
-
-commit 32677207dcc5e594254b7fb4fb2352b1755b1d5b upstream.
-
-The child_exit errno needs to be shifted by 8 bits to compare against the
-return values for the bisect variables.
-
-Fixes: c5dacb88f0a64 ("ktest: Allow overriding bisect test results")
-Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- tools/testing/ktest/ktest.pl | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/testing/ktest/ktest.pl b/tools/testing/ktest/ktest.pl
-index d08e214ec6e7..223d88e25e05 100755
---- a/tools/testing/ktest/ktest.pl
-+++ b/tools/testing/ktest/ktest.pl
-@@ -2629,7 +2629,7 @@ sub do_run_test {
-     }
-     waitpid $child_pid, 0;
--    $child_exit = $?;
-+    $child_exit = $? >> 8;
-     my $end_time = time;
-     $test_time = $end_time - $start_time;
--- 
-2.12.2
-
-From 05a9143edb47e7799f191f1015f56eb2dacfee0d Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Tue, 14 Feb 2017 10:09:40 -0500
-Subject: [PATCH 019/251] ceph: remove req from unsafe list when unregistering
- it
-Content-Length: 1752
-Lines: 46
-
-commit df963ea8a082d31521a120e8e31a29ad8a1dc215 upstream.
-
-There's no reason a request should ever be on a s_unsafe list but not
-in the request tree.
-
-Link: http://tracker.ceph.com/issues/18474
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Reviewed-by: Yan, Zheng <zyan@redhat.com>
-Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/ceph/mds_client.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
-index 239bc9cba28c..f54f77037d22 100644
---- a/fs/ceph/mds_client.c
-+++ b/fs/ceph/mds_client.c
-@@ -644,6 +644,9 @@ static void __unregister_request(struct ceph_mds_client *mdsc,
- {
-       dout("__unregister_request %p tid %lld\n", req, req->r_tid);
-+      /* Never leave an unregistered request on an unsafe list! */
-+      list_del_init(&req->r_unsafe_item);
-+
-       if (req->r_tid == mdsc->oldest_tid) {
-               struct rb_node *p = rb_next(&req->r_node);
-               mdsc->oldest_tid = 0;
-@@ -1051,7 +1054,6 @@ static void cleanup_session_requests(struct ceph_mds_client *mdsc,
-       while (!list_empty(&session->s_unsafe)) {
-               req = list_first_entry(&session->s_unsafe,
-                                      struct ceph_mds_request, r_unsafe_item);
--              list_del_init(&req->r_unsafe_item);
-               pr_warn_ratelimited(" dropping unsafe request %llu\n",
-                                   req->r_tid);
-               __unregister_request(mdsc, req);
-@@ -2477,7 +2479,6 @@ static void handle_reply(struct ceph_mds_session *session, struct ceph_msg *msg)
-                        * useful we could do with a revised return value.
-                        */
-                       dout("got safe reply %llu, mds%d\n", tid, mds);
--                      list_del_init(&req->r_unsafe_item);
-                       /* last unsafe request during umount? */
-                       if (mdsc->stopping && !__get_oldest_req(mdsc))
--- 
-2.12.2
-
 From ca739e3fd7dc803d526ea5bb9b80c0d07fbca55f Mon Sep 17 00:00:00 2001
 From: Nicholas Bellinger <nab@linux-iscsi.org>
 Date: Wed, 22 Feb 2017 22:06:32 -0800
@@ -1206,193 +1115,6 @@ index 800fe16cc36f..ed66414b91f0 100644
 -- 
 2.12.2
 
-From e1c924e85a937de5e1d0dd6c47f094b089952e0c Mon Sep 17 00:00:00 2001
-From: Trond Myklebust <trond.myklebust@primarydata.com>
-Date: Sat, 11 Feb 2017 10:37:38 -0500
-Subject: [PATCH 021/251] nlm: Ensure callback code also checks that the files
- match
-Content-Length: 1237
-Lines: 31
-
-commit 251af29c320d86071664f02c76f0d063a19fefdf upstream.
-
-It is not sufficient to just check that the lock pids match when
-granting a callback, we also need to ensure that we're granting
-the callback on the right file.
-
-Reported-by: Pankaj Singh <psingh.ait@gmail.com>
-Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
-Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
-Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/linux/lockd/lockd.h | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/include/linux/lockd/lockd.h b/include/linux/lockd/lockd.h
-index c15373894a42..b37dee3acaba 100644
---- a/include/linux/lockd/lockd.h
-+++ b/include/linux/lockd/lockd.h
-@@ -355,7 +355,8 @@ static inline int nlm_privileged_requester(const struct svc_rqst *rqstp)
- static inline int nlm_compare_locks(const struct file_lock *fl1,
-                                   const struct file_lock *fl2)
- {
--      return  fl1->fl_pid   == fl2->fl_pid
-+      return file_inode(fl1->fl_file) == file_inode(fl2->fl_file)
-+           && fl1->fl_pid   == fl2->fl_pid
-            && fl1->fl_owner == fl2->fl_owner
-            && fl1->fl_start == fl2->fl_start
-            && fl1->fl_end   == fl2->fl_end
--- 
-2.12.2
-
-From 6ef213d6219456ea5e4df7d201b4a3384e06783b Mon Sep 17 00:00:00 2001
-From: Clemens Gruber <clemens.gruber@pqgruber.com>
-Date: Tue, 13 Dec 2016 16:52:50 +0100
-Subject: [PATCH 022/251] pwm: pca9685: Fix period change with same duty cycle
-Content-Length: 1777
-Lines: 51
-
-commit 8d254a340efb12b40c4c1ff25a48a4f48f7bbd6b upstream.
-
-When first implementing support for changing the output frequency, an
-optimization was added to continue the PWM after changing the prescaler
-without having to reprogram the ON and OFF registers for the duty cycle,
-in case the duty cycle stayed the same. This was flawed, because we
-compared the absolute value of the duty cycle in nanoseconds instead of
-the ratio to the period.
-
-Fix the problem by removing the shortcut.
-
-Fixes: 01ec8472009c9 ("pwm-pca9685: Support changing the output frequency")
-Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
-Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
-Signed-off-by: Thierry Reding <thierry.reding@gmail.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/pwm/pwm-pca9685.c | 11 -----------
- 1 file changed, 11 deletions(-)
-
-diff --git a/drivers/pwm/pwm-pca9685.c b/drivers/pwm/pwm-pca9685.c
-index 117fccf7934a..01a6a83f625d 100644
---- a/drivers/pwm/pwm-pca9685.c
-+++ b/drivers/pwm/pwm-pca9685.c
-@@ -65,7 +65,6 @@
- #define PCA9685_MAXCHAN               0x10
- #define LED_FULL              (1 << 4)
--#define MODE1_RESTART         (1 << 7)
- #define MODE1_SLEEP           (1 << 4)
- #define MODE2_INVRT           (1 << 4)
- #define MODE2_OUTDRV          (1 << 2)
-@@ -117,16 +116,6 @@ static int pca9685_pwm_config(struct pwm_chip *chip, struct pwm_device *pwm,
-                       udelay(500);
-                       pca->period_ns = period_ns;
--
--                      /*
--                       * If the duty cycle did not change, restart PWM with
--                       * the same duty cycle to period ratio and return.
--                       */
--                      if (duty_ns == pca->duty_ns) {
--                              regmap_update_bits(pca->regmap, PCA9685_MODE1,
--                                                 MODE1_RESTART, 0x1);
--                              return 0;
--                      }
-               } else {
-                       dev_err(chip->dev,
-                               "prescaler not set: period out of bounds!\n");
--- 
-2.12.2
-
-From 21096328c97e707f2190b26a06d8b805551a543d Mon Sep 17 00:00:00 2001
-From: Max Filippov <jcmvbkbc@gmail.com>
-Date: Tue, 3 Jan 2017 09:37:34 -0800
-Subject: [PATCH 023/251] xtensa: move parse_tag_fdt out of #ifdef
- CONFIG_BLK_DEV_INITRD
-Content-Length: 1156
-Lines: 37
-
-commit 4ab18701c66552944188dbcd0ce0012729baab84 upstream.
-
-FDT tag parsing is not related to whether BLK_DEV_INITRD is configured
-or not, move it out of the corresponding #ifdef/#endif block.
-This fixes passing external FDT to the kernel configured w/o
-BLK_DEV_INITRD support.
-
-Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- arch/xtensa/kernel/setup.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/arch/xtensa/kernel/setup.c b/arch/xtensa/kernel/setup.c
-index 9735691f37f1..49ccbd9022f6 100644
---- a/arch/xtensa/kernel/setup.c
-+++ b/arch/xtensa/kernel/setup.c
-@@ -133,6 +133,8 @@ static int __init parse_tag_initrd(const bp_tag_t* tag)
- __tagtable(BP_TAG_INITRD, parse_tag_initrd);
-+#endif /* CONFIG_BLK_DEV_INITRD */
-+
- #ifdef CONFIG_OF
- static int __init parse_tag_fdt(const bp_tag_t *tag)
-@@ -145,8 +147,6 @@ __tagtable(BP_TAG_FDT, parse_tag_fdt);
- #endif /* CONFIG_OF */
--#endif /* CONFIG_BLK_DEV_INITRD */
--
- static int __init parse_tag_cmdline(const bp_tag_t* tag)
- {
-       strlcpy(command_line, (char *)(tag->data), COMMAND_LINE_SIZE);
--- 
-2.12.2
-
-From 8650af261d6c119062da542c70881653db0a0b20 Mon Sep 17 00:00:00 2001
-From: Matt Chen <matt.chen@intel.com>
-Date: Sun, 22 Jan 2017 02:16:58 +0800
-Subject: [PATCH 024/251] mac80211: flush delayed work when entering suspend
-Content-Length: 1043
-Lines: 34
-
-commit a9e9200d8661c1a0be8c39f93deb383dc940de35 upstream.
-
-The issue was found when entering suspend and resume.
-It triggers a warning in:
-mac80211/key.c: ieee80211_enable_keys()
-...
-WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
-             sdata->crypto_tx_tailroom_pending_dec);
-...
-
-It points out sdata->crypto_tx_tailroom_pending_dec isn't cleaned up successfully
-in a delayed_work during suspend. Add a flush_delayed_work to fix it.
-
-Signed-off-by: Matt Chen <matt.chen@intel.com>
-Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- net/mac80211/pm.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
-index 00a43a70e1fc..0402fa45b343 100644
---- a/net/mac80211/pm.c
-+++ b/net/mac80211/pm.c
-@@ -168,6 +168,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
-                       break;
-               }
-+              flush_delayed_work(&sdata->dec_tailroom_needed_wk);
-               drv_remove_interface(local, sdata);
-       }
--- 
-2.12.2
-
 From 0d80ac62b609bce00b78a656b7cdde2d8f587345 Mon Sep 17 00:00:00 2001
 From: Alex Deucher <alexander.deucher@amd.com>
 Date: Fri, 10 Feb 2017 00:00:52 -0500
@@ -1761,82 +1483,6 @@ index 1ac29d703c12..ea443fafb934 100644
 -- 
 2.12.2
 
-From 77fec8bc7a0fbee3bf5893d8c1ce755c029f2b40 Mon Sep 17 00:00:00 2001
-From: Alexander Aring <aar@pengutronix.de>
-Date: Thu, 1 Sep 2016 11:24:57 +0200
-Subject: [PATCH 032/251] fakelb: fix schedule while atomic
-Content-Length: 2082
-Lines: 68
-
-commit bdca1fd9a6df745857e23c6056494b7fe062b4e6 upstream.
-
-This patch changes the spinlock to mutex for the available fakelb phy
-list. When holding the spinlock the ieee802154_unregister_hw is called
-which holding the rtnl_mutex, in that case we get a "BUG: sleeping function
-called from invalid context" error. We simple change the spinlock to
-mutex which allows to hold the rtnl lock there.
-
-Signed-off-by: Alexander Aring <aar@pengutronix.de>
-Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/net/ieee802154/fakelb.c | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/drivers/net/ieee802154/fakelb.c b/drivers/net/ieee802154/fakelb.c
-index 860d4aed8274..43617ded3773 100644
---- a/drivers/net/ieee802154/fakelb.c
-+++ b/drivers/net/ieee802154/fakelb.c
-@@ -30,7 +30,7 @@
- static int numlbs = 2;
- static LIST_HEAD(fakelb_phys);
--static DEFINE_SPINLOCK(fakelb_phys_lock);
-+static DEFINE_MUTEX(fakelb_phys_lock);
- static LIST_HEAD(fakelb_ifup_phys);
- static DEFINE_RWLOCK(fakelb_ifup_phys_lock);
-@@ -180,9 +180,9 @@ static int fakelb_add_one(struct device *dev)
-       if (err)
-               goto err_reg;
--      spin_lock(&fakelb_phys_lock);
-+      mutex_lock(&fakelb_phys_lock);
-       list_add_tail(&phy->list, &fakelb_phys);
--      spin_unlock(&fakelb_phys_lock);
-+      mutex_unlock(&fakelb_phys_lock);
-       return 0;
-@@ -214,10 +214,10 @@ static int fakelb_probe(struct platform_device *pdev)
-       return 0;
- err_slave:
--      spin_lock(&fakelb_phys_lock);
-+      mutex_lock(&fakelb_phys_lock);
-       list_for_each_entry_safe(phy, tmp, &fakelb_phys, list)
-               fakelb_del(phy);
--      spin_unlock(&fakelb_phys_lock);
-+      mutex_unlock(&fakelb_phys_lock);
-       return err;
- }
-@@ -225,10 +225,10 @@ static int fakelb_remove(struct platform_device *pdev)
- {
-       struct fakelb_phy *phy, *tmp;
--      spin_lock(&fakelb_phys_lock);
-+      mutex_lock(&fakelb_phys_lock);
-       list_for_each_entry_safe(phy, tmp, &fakelb_phys, list)
-               fakelb_del(phy);
--      spin_unlock(&fakelb_phys_lock);
-+      mutex_unlock(&fakelb_phys_lock);
-       return 0;
- }
--- 
-2.12.2
-
 From 7952b6490bbce45e078c8c0e669df7a0a8f8948a Mon Sep 17 00:00:00 2001
 From: Hans de Goede <hdegoede@redhat.com>
 Date: Fri, 2 Dec 2016 15:29:04 +0100
@@ -1911,154 +1557,6 @@ index 3f802163f7d4..e7c18519274a 100644
 -- 
 2.12.2
 
-From 13ef90e1bb7963ec2fb9d3680fe418a4b7dedfa3 Mon Sep 17 00:00:00 2001
-From: Arnd Bergmann <arnd@arndb.de>
-Date: Mon, 16 Jan 2017 12:06:09 +0100
-Subject: [PATCH 034/251] libceph: use BUG() instead of BUG_ON(1)
-Content-Length: 1071
-Lines: 34
-
-commit d24cdcd3e40a6825135498e11c20c7976b9bf545 upstream.
-
-I ran into this compile warning, which is the result of BUG_ON(1)
-not always leading to the compiler treating the code path as
-unreachable:
-
-    include/linux/ceph/osdmap.h: In function 'ceph_can_shift_osds':
-    include/linux/ceph/osdmap.h:62:1: error: control reaches end of non-void function [-Werror=return-type]
-
-Using BUG() here avoids the warning.
-
-Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
-Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/linux/ceph/osdmap.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/include/linux/ceph/osdmap.h b/include/linux/ceph/osdmap.h
-index e55c08bc3a96..0abc56140c83 100644
---- a/include/linux/ceph/osdmap.h
-+++ b/include/linux/ceph/osdmap.h
-@@ -49,7 +49,7 @@ static inline bool ceph_can_shift_osds(struct ceph_pg_pool_info *pool)
-       case CEPH_POOL_TYPE_EC:
-               return false;
-       default:
--              BUG_ON(1);
-+              BUG();
-       }
- }
--- 
-2.12.2
-
-From 8353f338def1df3b58150cf1d6f42d1a51902b55 Mon Sep 17 00:00:00 2001
-From: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
-Date: Thu, 9 Mar 2017 16:17:37 -0800
-Subject: [PATCH 035/251] fat: fix using uninitialized fields of
- fat_inode/fsinfo_inode
-Content-Length: 1922
-Lines: 59
-
-commit c0d0e351285161a515396b7b1ee53ec9ffd97e3c upstream.
-
-Recently fallocate patch was merged and it uses
-MSDOS_I(inode)->mmu_private at fat_evict_inode().  However,
-fat_inode/fsinfo_inode that was introduced in past didn't initialize
-MSDOS_I(inode) properly.
-
-With those combinations, it became the cause of accessing random entry
-in FAT area.
-
-Link: http://lkml.kernel.org/r/87pohrj4i8.fsf@mail.parknet.co.jp
-Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
-Reported-by: Moreno Bartalucci <moreno.bartalucci@tecnorama.it>
-Tested-by: Moreno Bartalucci <moreno.bartalucci@tecnorama.it>
-Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/fat/inode.c | 13 ++++++++++++-
- 1 file changed, 12 insertions(+), 1 deletion(-)
-
-diff --git a/fs/fat/inode.c b/fs/fat/inode.c
-index 509411dd3698..cf644d52c0cf 100644
---- a/fs/fat/inode.c
-+++ b/fs/fat/inode.c
-@@ -1269,6 +1269,16 @@ out:
-       return 0;
- }
-+static void fat_dummy_inode_init(struct inode *inode)
-+{
-+      /* Initialize this dummy inode to work as no-op. */
-+      MSDOS_I(inode)->mmu_private = 0;
-+      MSDOS_I(inode)->i_start = 0;
-+      MSDOS_I(inode)->i_logstart = 0;
-+      MSDOS_I(inode)->i_attrs = 0;
-+      MSDOS_I(inode)->i_pos = 0;
-+}
-+
- static int fat_read_root(struct inode *inode)
- {
-       struct msdos_sb_info *sbi = MSDOS_SB(inode->i_sb);
-@@ -1713,12 +1723,13 @@ int fat_fill_super(struct super_block *sb, void *data, int silent, int isvfat,
-       fat_inode = new_inode(sb);
-       if (!fat_inode)
-               goto out_fail;
--      MSDOS_I(fat_inode)->i_pos = 0;
-+      fat_dummy_inode_init(fat_inode);
-       sbi->fat_inode = fat_inode;
-       fsinfo_inode = new_inode(sb);
-       if (!fsinfo_inode)
-               goto out_fail;
-+      fat_dummy_inode_init(fsinfo_inode);
-       fsinfo_inode->i_ino = MSDOS_FSINFO_INO;
-       sbi->fsinfo_inode = fsinfo_inode;
-       insert_inode_hash(fsinfo_inode);
--- 
-2.12.2
-
-From 4cdfa660c82b57828ffcca94950eccc9458e18e4 Mon Sep 17 00:00:00 2001
-From: "K. Y. Srinivasan" <kys@microsoft.com>
-Date: Wed, 8 Feb 2017 18:30:56 -0700
-Subject: [PATCH 036/251] drivers: hv: Turn off write permission on the
- hypercall page
-Content-Length: 977
-Lines: 29
-
-commit 372b1e91343e657a7cc5e2e2bcecd5140ac28119 upstream.
-
-The hypercall page only needs to be executable but currently it is setup to
-be writable as well. Fix the issue.
-
-Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
-Acked-by: Kees Cook <keescook@chromium.org>
-Reported-by: Stephen Hemminger <stephen@networkplumber.org>
-Tested-by: Stephen Hemminger <stephen@networkplumber.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/hv/hv.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c
-index 89fd0113aa5c..57c191798699 100644
---- a/drivers/hv/hv.c
-+++ b/drivers/hv/hv.c
-@@ -219,7 +219,7 @@ int hv_init(void)
-       /* See if the hypercall page is already set */
-       rdmsrl(HV_X64_MSR_HYPERCALL, hypercall_msr.as_uint64);
--      virtaddr = __vmalloc(PAGE_SIZE, GFP_KERNEL, PAGE_KERNEL_EXEC);
-+      virtaddr = __vmalloc(PAGE_SIZE, GFP_KERNEL, PAGE_KERNEL_RX);
-       if (!virtaddr)
-               goto cleanup;
--- 
-2.12.2
-
 From 804a935963a91acd1764ba914f825dd2a29c5871 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 Date: Wed, 15 Mar 2017 09:57:56 +0800
@@ -2085,169 +1583,6 @@ index 10aec937e9e4..7f54ac081cf3 100644
 -- 
 2.12.2
 
-From e041ad0664407c60a9d29217819f991933e10edd Mon Sep 17 00:00:00 2001
-From: Arnd Bergmann <arnd@arndb.de>
-Date: Fri, 3 Feb 2017 23:33:23 +0100
-Subject: [PATCH 040/251] crypto: improve gcc optimization flags for serpent
- and wp512
-Content-Length: 6651
-Lines: 154
-
-commit 7d6e9105026788c497f0ab32fa16c82f4ab5ff61 upstream.
-
-An ancient gcc bug (first reported in 2003) has apparently resurfaced
-on MIPS, where kernelci.org reports an overly large stack frame in the
-whirlpool hash algorithm:
-
-crypto/wp512.c:987:1: warning: the frame size of 1112 bytes is larger than 1024 bytes [-Wframe-larger-than=]
-
-With some testing in different configurations, I'm seeing large
-variations in stack frames size up to 1500 bytes for what should have
-around 300 bytes at most. I also checked the reference implementation,
-which is essentially the same code but also comes with some test and
-benchmarking infrastructure.
-
-It seems that recent compiler versions on at least arm, arm64 and powerpc
-have a partial fix for this problem, but enabling "-fsched-pressure", but
-even with that fix they suffer from the issue to a certain degree. Some
-testing on arm64 shows that the time needed to hash a given amount of
-data is roughly proportional to the stack frame size here, which makes
-sense given that the wp512 implementation is doing lots of loads for
-table lookups, and the problem with the overly large stack is a result
-of doing a lot more loads and stores for spilled registers (as seen from
-inspecting the object code).
-
-Disabling -fschedule-insns consistently fixes the problem for wp512,
-in my collection of cross-compilers, the results are consistently better
-or identical when comparing the stack sizes in this function, though
-some architectures (notable x86) have schedule-insns disabled by
-default.
-
-The four columns are:
-default: -O2
-press:  -O2 -fsched-pressure
-nopress: -O2 -fschedule-insns -fno-sched-pressure
-nosched: -O2 -no-schedule-insns (disables sched-pressure)
-
-                               default press   nopress nosched
-alpha-linux-gcc-4.9.3          1136    848     1136    176
-am33_2.0-linux-gcc-4.9.3       2100    2076    2100    2104
-arm-linux-gnueabi-gcc-4.9.3    848     848     1048    352
-cris-linux-gcc-4.9.3           272     272     272     272
-frv-linux-gcc-4.9.3            1128    1000    1128    280
-hppa64-linux-gcc-4.9.3         1128    336     1128    184
-hppa-linux-gcc-4.9.3           644     308     644     276
-i386-linux-gcc-4.9.3           352     352     352     352
-m32r-linux-gcc-4.9.3           720     656     720     268
-microblaze-linux-gcc-4.9.3     1108    604     1108    256
-mips64-linux-gcc-4.9.3         1328    592     1328    208
-mips-linux-gcc-4.9.3           1096    624     1096    240
-powerpc64-linux-gcc-4.9.3      1088    432     1088    160
-powerpc-linux-gcc-4.9.3                1080    584     1080    224
-s390-linux-gcc-4.9.3           456     456     624     360
-sh3-linux-gcc-4.9.3            292     292     292     292
-sparc64-linux-gcc-4.9.3                992     240     992     208
-sparc-linux-gcc-4.9.3          680     592     680     312
-x86_64-linux-gcc-4.9.3         224     240     272     224
-xtensa-linux-gcc-4.9.3         1152    704     1152    304
-
-aarch64-linux-gcc-7.0.0                224     224     1104    208
-arm-linux-gnueabi-gcc-7.0.1    824     824     1048    352
-mips-linux-gcc-7.0.0           1120    648     1120    272
-x86_64-linux-gcc-7.0.1         240     240     304     240
-
-arm-linux-gnueabi-gcc-4.4.7    840                     392
-arm-linux-gnueabi-gcc-4.5.4    784     728     784     320
-arm-linux-gnueabi-gcc-4.6.4    736     728     736     304
-arm-linux-gnueabi-gcc-4.7.4    944     784     944     352
-arm-linux-gnueabi-gcc-4.8.5    464     464     760     352
-arm-linux-gnueabi-gcc-4.9.3    848     848     1048    352
-arm-linux-gnueabi-gcc-5.3.1    824     824     1064    336
-arm-linux-gnueabi-gcc-6.1.1    808     808     1056    344
-arm-linux-gnueabi-gcc-7.0.1    824     824     1048    352
-
-Trying the same test for serpent-generic, the picture is a bit different,
-and while -fno-schedule-insns is generally better here than the default,
--fsched-pressure wins overall, so I picked that instead.
-
-                               default press   nopress nosched
-alpha-linux-gcc-4.9.3          1392    864     1392    960
-am33_2.0-linux-gcc-4.9.3       536     524     536     528
-arm-linux-gnueabi-gcc-4.9.3    552     552     776     536
-cris-linux-gcc-4.9.3           528     528     528     528
-frv-linux-gcc-4.9.3            536     400     536     504
-hppa64-linux-gcc-4.9.3         524     208     524     480
-hppa-linux-gcc-4.9.3           768     472     768     508
-i386-linux-gcc-4.9.3           564     564     564     564
-m32r-linux-gcc-4.9.3           712     576     712     532
-microblaze-linux-gcc-4.9.3     724     392     724     512
-mips64-linux-gcc-4.9.3         720     384     720     496
-mips-linux-gcc-4.9.3           728     384     728     496
-powerpc64-linux-gcc-4.9.3      704     304     704     480
-powerpc-linux-gcc-4.9.3                704     296     704     480
-s390-linux-gcc-4.9.3           560     560     592     536
-sh3-linux-gcc-4.9.3            540     540     540     540
-sparc64-linux-gcc-4.9.3                544     352     544     496
-sparc-linux-gcc-4.9.3          544     344     544     496
-x86_64-linux-gcc-4.9.3         528     536     576     528
-xtensa-linux-gcc-4.9.3         752     544     752     544
-
-aarch64-linux-gcc-7.0.0                432     432     656     480
-arm-linux-gnueabi-gcc-7.0.1    616     616     808     536
-mips-linux-gcc-7.0.0           720     464     720     488
-x86_64-linux-gcc-7.0.1         536     528     600     536
-
-arm-linux-gnueabi-gcc-4.4.7    592                     440
-arm-linux-gnueabi-gcc-4.5.4    776     448     776     544
-arm-linux-gnueabi-gcc-4.6.4    776     448     776     544
-arm-linux-gnueabi-gcc-4.7.4    768     448     768     544
-arm-linux-gnueabi-gcc-4.8.5    488     488     776     544
-arm-linux-gnueabi-gcc-4.9.3    552     552     776     536
-arm-linux-gnueabi-gcc-5.3.1    552     552     776     536
-arm-linux-gnueabi-gcc-6.1.1    560     560     776     536
-arm-linux-gnueabi-gcc-7.0.1    616     616     808     536
-
-I did not do any runtime tests with serpent, so it is possible that stack
-frame size does not directly correlate with runtime performance here and
-it actually makes things worse, but it's more likely to help here, and
-the reduced stack frame size is probably enough reason to apply the patch,
-especially given that the crypto code is often used in deep call chains.
-
-Link: https://kernelci.org/build/id/58797d7559b5149efdf6c3a9/logs/
-Link: http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
-Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=11488
-Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
-Cc: Ralf Baechle <ralf@linux-mips.org>
-Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- crypto/Makefile | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/crypto/Makefile b/crypto/Makefile
-index 82fbff180ad3..03e66097eb0c 100644
---- a/crypto/Makefile
-+++ b/crypto/Makefile
-@@ -62,6 +62,7 @@ obj-$(CONFIG_CRYPTO_SHA1) += sha1_generic.o
- obj-$(CONFIG_CRYPTO_SHA256) += sha256_generic.o
- obj-$(CONFIG_CRYPTO_SHA512) += sha512_generic.o
- obj-$(CONFIG_CRYPTO_WP512) += wp512.o
-+CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
- obj-$(CONFIG_CRYPTO_TGR192) += tgr192.o
- obj-$(CONFIG_CRYPTO_GF128MUL) += gf128mul.o
- obj-$(CONFIG_CRYPTO_ECB) += ecb.o
-@@ -85,6 +86,7 @@ obj-$(CONFIG_CRYPTO_BLOWFISH_COMMON) += blowfish_common.o
- obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o
- obj-$(CONFIG_CRYPTO_TWOFISH_COMMON) += twofish_common.o
- obj-$(CONFIG_CRYPTO_SERPENT) += serpent_generic.o
-+CFLAGS_serpent_generic.o := $(call cc-option,-fsched-pressure)  # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
- obj-$(CONFIG_CRYPTO_AES) += aes_generic.o
- obj-$(CONFIG_CRYPTO_CAMELLIA) += camellia_generic.o
- obj-$(CONFIG_CRYPTO_CAST_COMMON) += cast_common.o
--- 
-2.12.2
-
 From adc48c710b7e3d0d169e013ca089f46347aaf064 Mon Sep 17 00:00:00 2001
 From: Arnd Bergmann <arnd@arndb.de>
 Date: Wed, 11 Jan 2017 15:29:48 +0100
@@ -2574,54 +1909,6 @@ index 004cf52d1b7d..c24b87819ccb 100644
 -- 
 2.12.2
 
-From 3dc8f1e3a8f2cd8481578689f49c586184f25eed Mon Sep 17 00:00:00 2001
-From: Arnd Bergmann <arnd@arndb.de>
-Date: Fri, 3 Feb 2017 10:49:17 +0100
-Subject: [PATCH 046/251] mtd: pmcmsp: use kstrndup instead of kmalloc+strncpy
-Content-Length: 1377
-Lines: 40
-
-commit 906b268477bc03daaa04f739844c120fe4dbc991 upstream.
-
-kernelci.org reports a warning for this driver, as it copies a local
-variable into a 'const char *' string:
-
-    drivers/mtd/maps/pmcmsp-flash.c:149:30: warning: passing argument 1 of 'strncpy' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
-
-Using kstrndup() simplifies the code and avoids the warning.
-
-Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-Acked-by: Marek Vasut <marek.vasut@gmail.com>
-Signed-off-by: Brian Norris <computersforpeace@gmail.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/mtd/maps/pmcmsp-flash.c | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/drivers/mtd/maps/pmcmsp-flash.c b/drivers/mtd/maps/pmcmsp-flash.c
-index f9fa3fad728e..2051f28ddac6 100644
---- a/drivers/mtd/maps/pmcmsp-flash.c
-+++ b/drivers/mtd/maps/pmcmsp-flash.c
-@@ -139,15 +139,13 @@ static int __init init_msp_flash(void)
-               }
-               msp_maps[i].bankwidth = 1;
--              msp_maps[i].name = kmalloc(7, GFP_KERNEL);
-+              msp_maps[i].name = kstrndup(flash_name, 7, GFP_KERNEL);
-               if (!msp_maps[i].name) {
-                       iounmap(msp_maps[i].virt);
-                       kfree(msp_parts[i]);
-                       goto cleanup_loop;
-               }
--              msp_maps[i].name = strncpy(msp_maps[i].name, flash_name, 7);
--
-               for (j = 0; j < pcnt; j++) {
-                       part_name[5] = '0' + i;
-                       part_name[7] = '0' + j;
--- 
-2.12.2
-
 From 4b91e7a2a9a78b161caebfa5fcf6372a40161699 Mon Sep 17 00:00:00 2001
 From: John Crispin <john@phrozen.org>
 Date: Tue, 20 Dec 2016 19:12:46 +0100
@@ -3117,813 +2404,152 @@ Lines: 35
 
 commit bf7165cfa23695c51998231c4efa080fe1d3548d upstream.
 
-There are several trace include files that define TRACE_INCLUDE_FILE.
-
-Include several of them in the same .c file (as I currently have in
-some code I am working on), and the compile will blow up with a
-"warning: "TRACE_INCLUDE_FILE" redefined #define TRACE_INCLUDE_FILE syscalls"
-
-Every other include file in include/trace/events/ avoids that issue
-by having a #undef TRACE_INCLUDE_FILE before the #define; syscalls.h
-should have one, too.
-
-Link: http://lkml.kernel.org/r/20160928225554.13bd7ac6@annuminas.surriel.com
-
-Fixes: b8007ef74222 ("tracing: Separate raw syscall from syscall tracer")
-Signed-off-by: Rik van Riel <riel@redhat.com>
-Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/trace/events/syscalls.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/include/trace/events/syscalls.h b/include/trace/events/syscalls.h
-index 14e49c798135..b35533b94277 100644
---- a/include/trace/events/syscalls.h
-+++ b/include/trace/events/syscalls.h
-@@ -1,5 +1,6 @@
- #undef TRACE_SYSTEM
- #define TRACE_SYSTEM raw_syscalls
-+#undef TRACE_INCLUDE_FILE
- #define TRACE_INCLUDE_FILE syscalls
- #if !defined(_TRACE_EVENTS_SYSCALLS_H) || defined(TRACE_HEADER_MULTI_READ)
--- 
-2.12.2
-
-From 2ca39d1300152e70977797c3e39c105adfcc0e0b Mon Sep 17 00:00:00 2001
-From: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
-Date: Tue, 14 Feb 2017 14:46:42 +0530
-Subject: [PATCH 054/251] powerpc: Emulation support for load/store
- instructions on LE
-Content-Length: 3197
-Lines: 106
-
-commit e148bd17f48bd17fca2f4f089ec879fa6e47e34c upstream.
-
-emulate_step() uses a number of underlying kernel functions that were
-initially not enabled for LE. This has been rectified since. So, fix
-emulate_step() for LE for the corresponding instructions.
-
-Reported-by: Anton Blanchard <anton@samba.org>
-Signed-off-by: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
-Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- arch/powerpc/lib/sstep.c | 20 --------------------
- 1 file changed, 20 deletions(-)
-
-diff --git a/arch/powerpc/lib/sstep.c b/arch/powerpc/lib/sstep.c
-index dc885b30f7a6..4014881e9843 100644
---- a/arch/powerpc/lib/sstep.c
-+++ b/arch/powerpc/lib/sstep.c
-@@ -1806,8 +1806,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
-               goto instr_done;
-       case LARX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               if (op.ea & (size - 1))
-                       break;          /* can't handle misaligned */
-               err = -EFAULT;
-@@ -1829,8 +1827,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
-               goto ldst_done;
-       case STCX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               if (op.ea & (size - 1))
-                       break;          /* can't handle misaligned */
-               err = -EFAULT;
-@@ -1854,8 +1850,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
-               goto ldst_done;
-       case LOAD:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               err = read_mem(&regs->gpr[op.reg], op.ea, size, regs);
-               if (!err) {
-                       if (op.type & SIGNEXT)
-@@ -1867,8 +1861,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
- #ifdef CONFIG_PPC_FPU
-       case LOAD_FP:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               if (size == 4)
-                       err = do_fp_load(op.reg, do_lfs, op.ea, size, regs);
-               else
-@@ -1877,15 +1869,11 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
- #endif
- #ifdef CONFIG_ALTIVEC
-       case LOAD_VMX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               err = do_vec_load(op.reg, do_lvx, op.ea & ~0xfUL, regs);
-               goto ldst_done;
- #endif
- #ifdef CONFIG_VSX
-       case LOAD_VSX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               err = do_vsx_load(op.reg, do_lxvd2x, op.ea, regs);
-               goto ldst_done;
- #endif
-@@ -1908,8 +1896,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
-               goto instr_done;
-       case STORE:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               if ((op.type & UPDATE) && size == sizeof(long) &&
-                   op.reg == 1 && op.update_reg == 1 &&
-                   !(regs->msr & MSR_PR) &&
-@@ -1922,8 +1908,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
- #ifdef CONFIG_PPC_FPU
-       case STORE_FP:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               if (size == 4)
-                       err = do_fp_store(op.reg, do_stfs, op.ea, size, regs);
-               else
-@@ -1932,15 +1916,11 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
- #endif
- #ifdef CONFIG_ALTIVEC
-       case STORE_VMX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               err = do_vec_store(op.reg, do_stvx, op.ea & ~0xfUL, regs);
-               goto ldst_done;
- #endif
- #ifdef CONFIG_VSX
-       case STORE_VSX:
--              if (regs->msr & MSR_LE)
--                      return 0;
-               err = do_vsx_store(op.reg, do_stxvd2x, op.ea, regs);
-               goto ldst_done;
- #endif
--- 
-2.12.2
-
-From f47b97f2cdaa42b211299bac93d0a2ba0f617b9e Mon Sep 17 00:00:00 2001
-From: Peter Chen <peter.chen@nxp.com>
-Date: Tue, 28 Feb 2017 14:25:45 +0800
-Subject: [PATCH 055/251] usb: gadget: dummy_hcd: clear usb_gadget region
- before registration
-Content-Length: 4651
-Lines: 77
-
-commit 5bbc852676ae08e818241cf66a3ffe4be44225c4 upstream.
-
-When the user does device unbind and rebind test, the kernel will
-show below dump due to usb_gadget memory region is dirty after unbind.
-Clear usb_gadget region for every new probe.
-
-root@imx6qdlsolo:/sys/bus/platform/drivers/dummy_udc# echo dummy_udc.0 > bind
-[  102.523312] kobject (eddd78b0): tried to init an initialized object, something is seriously wrong.
-[  102.532447] CPU: 0 PID: 734 Comm: sh Not tainted 4.10.0-rc7-00872-g1b2b8e9 #1298
-[  102.539866] Hardware name: Freescale i.MX6 SoloX (Device Tree)
-[  102.545717] Backtrace:
-[  102.548225] [<c010d090>] (dump_backtrace) from [<c010d338>] (show_stack+0x18/0x1c)
-[  102.555822]  r7:ede34000 r6:60010013 r5:00000000 r4:c0f29418
-[  102.561512] [<c010d320>] (show_stack) from [<c040c2a4>] (dump_stack+0xb4/0xe8)
-[  102.568764] [<c040c1f0>] (dump_stack) from [<c040e6d4>] (kobject_init+0x80/0x9c)
-[  102.576187]  r10:0000001f r9:eddd7000 r8:eeaf8c10 r7:eddd78a8 r6:c177891c r5:c0f3b060
-[  102.584036]  r4:eddd78b0 r3:00000000
-[  102.587641] [<c040e654>] (kobject_init) from [<c05359a4>] (device_initialize+0x28/0xf8)
-[  102.595665]  r5:eebc4800 r4:eddd78a8
-[  102.599268] [<c053597c>] (device_initialize) from [<c05382ac>] (device_register+0x14/0x20)
-[  102.607556]  r7:eddd78a8 r6:00000000 r5:eebc4800 r4:eddd78a8
-[  102.613256] [<c0538298>] (device_register) from [<c0668ef4>] (usb_add_gadget_udc_release+0x8c/0x1ec)
-[  102.622410]  r5:eebc4800 r4:eddd7860
-[  102.626015] [<c0668e68>] (usb_add_gadget_udc_release) from [<c0669068>] (usb_add_gadget_udc+0x14/0x18)
-[  102.635351]  r10:0000001f r9:eddd7000 r8:eddd788c r7:bf003770 r6:eddd77f8 r5:eddd7818
-[  102.643198]  r4:eddd785c r3:eddd7b24
-[  102.646834] [<c0669054>] (usb_add_gadget_udc) from [<bf003428>] (dummy_udc_probe+0x170/0x1c4 [dummy_hcd])
-[  102.656458] [<bf0032b8>] (dummy_udc_probe [dummy_hcd]) from [<c053d114>] (platform_drv_probe+0x54/0xb8)
-[  102.665881]  r10:00000008 r9:c1778960 r8:bf004128 r7:fffffdfb r6:bf004128 r5:eeaf8c10
-[  102.673727]  r4:eeaf8c10
-[  102.676293] [<c053d0c0>] (platform_drv_probe) from [<c053b160>] (driver_probe_device+0x264/0x474)
-[  102.685186]  r7:00000000 r6:00000000 r5:c1778960 r4:eeaf8c10
-[  102.690876] [<c053aefc>] (driver_probe_device) from [<c05397c4>] (bind_store+0xb8/0x14c)
-[  102.698994]  r10:eeb3bb4c r9:ede34000 r8:0000000c r7:eeaf8c44 r6:bf004128 r5:c0f3b668
-[  102.706840]  r4:eeaf8c10
-[  102.709402] [<c053970c>] (bind_store) from [<c0538ca8>] (drv_attr_store+0x28/0x34)
-[  102.716998]  r9:ede34000 r8:00000000 r7:ee3863c0 r6:ee3863c0 r5:c0538c80 r4:c053970c
-[  102.724776] [<c0538c80>] (drv_attr_store) from [<c029c930>] (sysfs_kf_write+0x50/0x54)
-[  102.732711]  r5:c0538c80 r4:0000000c
-[  102.736313] [<c029c8e0>] (sysfs_kf_write) from [<c029be84>] (kernfs_fop_write+0x100/0x214)
-[  102.744599]  r7:ee3863c0 r6:eeb3bb40 r5:00000000 r4:00000000
-[  102.750287] [<c029bd84>] (kernfs_fop_write) from [<c0222dd8>] (__vfs_write+0x34/0x120)
-[  102.758231]  r10:00000000 r9:ede34000 r8:c0108bc4 r7:0000000c r6:ede35f80 r5:c029bd84
-[  102.766077]  r4:ee223780
-[  102.768638] [<c0222da4>] (__vfs_write) from [<c0224678>] (vfs_write+0xa8/0x170)
-[  102.775974]  r9:ede34000 r8:c0108bc4 r7:ede35f80 r6:01861cb0 r5:ee223780 r4:0000000c
-[  102.783743] [<c02245d0>] (vfs_write) from [<c0225498>] (SyS_write+0x4c/0xa8)
-[  102.790818]  r9:ede34000 r8:c0108bc4 r7:0000000c r6:01861cb0 r5:ee223780 r4:ee223780
-[  102.798595] [<c022544c>] (SyS_write) from [<c0108a20>] (ret_fast_syscall+0x0/0x1c)
-[  102.806188]  r7:00000004 r6:b6e83d58 r5:01861cb0 r4:0000000c
-
-Fixes: 90fccb529d24 ("usb: gadget: Gadget directory cleanup - group UDC drivers")
-Acked-by: Alan Stern <stern@rowland.harvard.edu>
-Signed-off-by: Peter Chen <peter.chen@nxp.com>
-Tested-by: Xiaolong Ye <xiaolong.ye@intel.com>
-Reported-by: Fengguang Wu <fengguang.wu@intel.com>
-Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/gadget/udc/dummy_hcd.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/drivers/usb/gadget/udc/dummy_hcd.c b/drivers/usb/gadget/udc/dummy_hcd.c
-index 22d067cd5aa3..6610f7a023d3 100644
---- a/drivers/usb/gadget/udc/dummy_hcd.c
-+++ b/drivers/usb/gadget/udc/dummy_hcd.c
-@@ -1033,6 +1033,8 @@ static int dummy_udc_probe(struct platform_device *pdev)
-       int             rc;
-       dum = *((void **)dev_get_platdata(&pdev->dev));
-+      /* Clear usb_gadget region for new registration to udc-core */
-+      memzero_explicit(&dum->gadget, sizeof(struct usb_gadget));
-       dum->gadget.name = gadget_name;
-       dum->gadget.ops = &dummy_ops;
-       dum->gadget.max_speed = USB_SPEED_SUPER;
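Review bot: `memzero_explicit(&dum->gadget, sizeof(struct usb_gadget));` uses the helper meant for scrubbing data that is about to go out of scope, where the compiler might drop a plain clear. Here the structure is written again on the very next lines, so `memset()` does the same job without suggesting that a secret is involved. Tying the size to the object, `memset(&dum->gadget, 0, sizeof(dum->gadget));`, also keeps the call correct if the member's type ever changes. dummy_udc_probe() continues outside the hunk.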
--- 
-2.12.2
-
-From 10af2485650387d928ad00ec7843d66b5b2a705f Mon Sep 17 00:00:00 2001
-From: Felipe Balbi <felipe.balbi@linux.intel.com>
-Date: Tue, 31 Jan 2017 13:24:54 +0200
-Subject: [PATCH 056/251] usb: dwc3: gadget: make Set Endpoint Configuration
- macros safe
-Content-Length: 2326
-Lines: 57
-
-commit 7369090a9fb57c3fc705ce355d2e4523a5a24716 upstream.
-
-Some gadget drivers are bad, bad boys. We notice
-that ADB was passing bad Burst Size which caused top
-bits of param0 to be overwritten which confused DWC3
-when running this command.
-
-In order to avoid future issues, we're going to make
-sure values passed by macros are always safe for the
-controller. Note that ADB still needs a fix to *not*
-pass bad values.
-
-Reported-by: Mohamed Abbas <mohamed.abbas@intel.com>
-Sugested-by: Adam Andruszak <adam.andruszak@intel.com>
-Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/dwc3/gadget.h | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/drivers/usb/dwc3/gadget.h b/drivers/usb/dwc3/gadget.h
-index 18ae3eaa8b6f..ccd9694f8e36 100644
---- a/drivers/usb/dwc3/gadget.h
-+++ b/drivers/usb/dwc3/gadget.h
-@@ -28,23 +28,23 @@ struct dwc3;
- #define gadget_to_dwc(g)      (container_of(g, struct dwc3, gadget))
- /* DEPCFG parameter 1 */
--#define DWC3_DEPCFG_INT_NUM(n)                ((n) << 0)
-+#define DWC3_DEPCFG_INT_NUM(n)                (((n) & 0x1f) << 0)
- #define DWC3_DEPCFG_XFER_COMPLETE_EN  (1 << 8)
- #define DWC3_DEPCFG_XFER_IN_PROGRESS_EN       (1 << 9)
- #define DWC3_DEPCFG_XFER_NOT_READY_EN (1 << 10)
- #define DWC3_DEPCFG_FIFO_ERROR_EN     (1 << 11)
- #define DWC3_DEPCFG_STREAM_EVENT_EN   (1 << 13)
--#define DWC3_DEPCFG_BINTERVAL_M1(n)   ((n) << 16)
-+#define DWC3_DEPCFG_BINTERVAL_M1(n)   (((n) & 0xff) << 16)
- #define DWC3_DEPCFG_STREAM_CAPABLE    (1 << 24)
--#define DWC3_DEPCFG_EP_NUMBER(n)      ((n) << 25)
-+#define DWC3_DEPCFG_EP_NUMBER(n)      (((n) & 0x1f) << 25)
- #define DWC3_DEPCFG_BULK_BASED                (1 << 30)
- #define DWC3_DEPCFG_FIFO_BASED                (1 << 31)
- /* DEPCFG parameter 0 */
--#define DWC3_DEPCFG_EP_TYPE(n)                ((n) << 1)
--#define DWC3_DEPCFG_MAX_PACKET_SIZE(n)        ((n) << 3)
--#define DWC3_DEPCFG_FIFO_NUMBER(n)    ((n) << 17)
--#define DWC3_DEPCFG_BURST_SIZE(n)     ((n) << 22)
-+#define DWC3_DEPCFG_EP_TYPE(n)                (((n) & 0x3) << 1)
-+#define DWC3_DEPCFG_MAX_PACKET_SIZE(n)        (((n) & 0x7ff) << 3)
-+#define DWC3_DEPCFG_FIFO_NUMBER(n)    (((n) & 0x1f) << 17)
-+#define DWC3_DEPCFG_BURST_SIZE(n)     (((n) & 0xf) << 22)
- #define DWC3_DEPCFG_DATA_SEQ_NUM(n)   ((n) << 26)
- /* This applies for core versions earlier than 1.94a */
- #define DWC3_DEPCFG_IGN_SEQ_NUM               (1 << 31)
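Review bot: `DWC3_DEPCFG_DATA_SEQ_NUM(n)` is the one parameterised macro in this block left as `((n) << 26)`, so an oversized argument can still spill into bit 31, which the following lines define as `DWC3_DEPCFG_IGN_SEQ_NUM` for older cores. Masking it like its neighbours, e.g. `#define DWC3_DEPCFG_DATA_SEQ_NUM(n)   (((n) & 0x1f) << 26)`, would close the gap; the 5-bit width is inferred from the bit positions shown and should be checked against the databook. Because the masks truncate bad values silently, a comment above the block such as `/* masks only protect the controller; callers must still pass in-range values */` would keep the caller-side bug named in the commit message from being forgotten.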
--- 
-2.12.2
-
-From 4a1a3bb70fb4255a9f6052eb86db1ff2140255a6 Mon Sep 17 00:00:00 2001
-From: Felipe Balbi <felipe.balbi@linux.intel.com>
-Date: Tue, 31 Jan 2017 14:54:45 +0200
-Subject: [PATCH 057/251] usb: gadget: function: f_fs: pass companion
- descriptor along
-Content-Length: 1743
-Lines: 53
-
-commit 2bfa0719ac2a9b2f3c91345873d3cdebd0296ba9 upstream.
-
-If we're dealing with SuperSpeed endpoints, we need
-to make sure to pass along the companion descriptor
-and initialize fields needed by the Gadget
-API. Eventually, f_fs.c should be converted to use
-config_ep_by_speed() like all other functions,
-though.
-
-Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/gadget/function/f_fs.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c
-index cfda1a1c0ab6..9ad5145d3103 100644
---- a/drivers/usb/gadget/function/f_fs.c
-+++ b/drivers/usb/gadget/function/f_fs.c
-@@ -1643,11 +1643,14 @@ static int ffs_func_eps_enable(struct ffs_function *func)
-       spin_lock_irqsave(&func->ffs->eps_lock, flags);
-       do {
-               struct usb_endpoint_descriptor *ds;
-+              struct usb_ss_ep_comp_descriptor *comp_desc = NULL;
-+              int needs_comp_desc = false;
-               int desc_idx;
--              if (ffs->gadget->speed == USB_SPEED_SUPER)
-+              if (ffs->gadget->speed == USB_SPEED_SUPER) {
-                       desc_idx = 2;
--              else if (ffs->gadget->speed == USB_SPEED_HIGH)
-+                      needs_comp_desc = true;
-+              } else if (ffs->gadget->speed == USB_SPEED_HIGH)
-                       desc_idx = 1;
-               else
-                       desc_idx = 0;
-@@ -1664,6 +1667,14 @@ static int ffs_func_eps_enable(struct ffs_function *func)
-               ep->ep->driver_data = ep;
-               ep->ep->desc = ds;
-+
-+              comp_desc = (struct usb_ss_ep_comp_descriptor *)(ds +
-+                              USB_DT_ENDPOINT_SIZE);
-+              ep->ep->maxburst = comp_desc->bMaxBurst + 1;
-+
-+              if (needs_comp_desc)
-+                      ep->ep->comp_desc = comp_desc;
-+
-               ret = usb_ep_enable(ep->ep);
-               if (likely(!ret)) {
-                       epfile->ep = ep;
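Review bot: The added `comp_desc = (struct usb_ss_ep_comp_descriptor *)(ds + USB_DT_ENDPOINT_SIZE);` does pointer arithmetic on `ds`, which the previous hunk declares as `struct usb_endpoint_descriptor *`, so the offset is scaled by the descriptor's size and lands USB_DT_ENDPOINT_SIZE elements past `ds` rather than that many bytes. The following `ep->ep->maxburst = comp_desc->bMaxBurst + 1;` also runs at every speed, while `needs_comp_desc` is set only for SuperSpeed, so at lower speeds it reads whatever memory follows `ds`. Doing the offset on a byte pointer and moving both assignments under `needs_comp_desc` would keep the read inside the descriptor data. This assumes the companion descriptor directly follows the endpoint descriptor in the buffer, which is not visible here. ffs_func_eps_enable() starts and ends outside the hunk.

```c
		ep->ep->desc = ds;

		if (needs_comp_desc) {
			/* byte offset: companion descriptor follows the endpoint descriptor */
			comp_desc = (struct usb_ss_ep_comp_descriptor *)
					((u8 *)ds + USB_DT_ENDPOINT_SIZE);
			ep->ep->maxburst = comp_desc->bMaxBurst + 1;
			ep->ep->comp_desc = comp_desc;
		}

		/* … unchanged: usb_ep_enable() call and result handling … */
```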
--- 
-2.12.2
-
-From 40c5634ffe3dd484d633dafc1d32e0c87d67d23a Mon Sep 17 00:00:00 2001
-From: Peter Chen <peter.chen@nxp.com>
-Date: Thu, 9 Mar 2017 15:39:36 +0200
-Subject: [PATCH 058/251] usb: host: xhci-dbg: HCIVERSION should be a binary
- number
-Content-Length: 1211
-Lines: 30
-
-commit f95e60a7dbecd2de816bb3ad517b3d4fbc20b507 upstream.
-
-According to xHCI spec, HCIVERSION containing a BCD encoding
-of the xHCI specification revision number, 0100h corresponds
-to xHCI version 1.0. Change "100" as "0x100".
-
-Cc: Lu Baolu <baolu.lu@linux.intel.com>
-Fixes: 04abb6de2825 ("xhci: Read and parse new xhci 1.1 capability register")
-Signed-off-by: Peter Chen <peter.chen@nxp.com>
-Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/host/xhci-dbg.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/usb/host/xhci-dbg.c b/drivers/usb/host/xhci-dbg.c
-index 74c42f722678..3425154baf8b 100644
---- a/drivers/usb/host/xhci-dbg.c
-+++ b/drivers/usb/host/xhci-dbg.c
-@@ -111,7 +111,7 @@ static void xhci_print_cap_regs(struct xhci_hcd *xhci)
-       xhci_dbg(xhci, "RTSOFF 0x%x:\n", temp & RTSOFF_MASK);
-       /* xhci 1.1 controllers have the HCCPARAMS2 register */
--      if (hci_version > 100) {
-+      if (hci_version > 0x100) {
-               temp = readl(&xhci->cap_regs->hcc_params2);
-               xhci_dbg(xhci, "HCC PARAMS2 0x%x:\n", (unsigned int) temp);
-               xhci_dbg(xhci, "  HC %s Force save context capability",
--- 
-2.12.2
-
-From cf09c7d60ccc8189cd8e313ae83b8d377fa67359 Mon Sep 17 00:00:00 2001
-From: Guenter Roeck <linux@roeck-us.net>
-Date: Thu, 9 Mar 2017 15:39:37 +0200
-Subject: [PATCH 059/251] usb: host: xhci-plat: Fix timeout on removal of hot
- pluggable xhci controllers
-Content-Length: 1413
-Lines: 38
-
-commit dcc7620cad5ad1326a78f4031a7bf4f0e5b42984 upstream.
-
-Upstream commit 98d74f9ceaef ("xhci: fix 10 second timeout on removal of
-PCI hotpluggable xhci controllers") fixes a problem with hot pluggable PCI
-xhci controllers which can result in excessive timeouts, to the point where
-the system reports a deadlock.
-
-The same problem is seen with hot pluggable xhci controllers using the
-xhci-plat driver, such as the driver used for Type-C ports on rk3399.
-Similar to hot-pluggable PCI controllers, the driver for this chip
-removes the xhci controller from the system when the Type-C cable is
-disconnected.
-
-The solution for PCI devices works just as well for non-PCI devices
-and avoids the problem.
-
-Signed-off-by: Guenter Roeck <linux@roeck-us.net>
-Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/host/xhci-plat.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/drivers/usb/host/xhci-plat.c b/drivers/usb/host/xhci-plat.c
-index 19cb32a65161..268829db9e88 100644
---- a/drivers/usb/host/xhci-plat.c
-+++ b/drivers/usb/host/xhci-plat.c
-@@ -213,6 +213,8 @@ static int xhci_plat_remove(struct platform_device *dev)
-       struct xhci_hcd *xhci = hcd_to_xhci(hcd);
-       struct clk *clk = xhci->clk;
-+      xhci->xhc_state |= XHCI_STATE_REMOVING;
-+
-       usb_remove_hcd(xhci->shared_hcd);
-       usb_phy_shutdown(hcd->usb_phy);
--- 
-2.12.2
-
-From 3cdc94638746eab168accf0f808a83e59fe1ca67 Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Mon, 6 Mar 2017 17:36:41 +0100
-Subject: [PATCH 060/251] USB: serial: safe_serial: fix information leak in
- completion handler
-Content-Length: 1033
-Lines: 33
-
-commit 8c76d7cd520ebffc1ea9ea0850d87a224a50c7f2 upstream.
-
-Add missing sanity check to the bulk-in completion handler to avoid an
-integer underflow that could be triggered by a malicious device.
-
-This avoids leaking up to 56 bytes from after the URB transfer buffer to
-user space.
-
-Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/serial/safe_serial.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/drivers/usb/serial/safe_serial.c b/drivers/usb/serial/safe_serial.c
-index b2dff0f14743..236ea43f7815 100644
---- a/drivers/usb/serial/safe_serial.c
-+++ b/drivers/usb/serial/safe_serial.c
-@@ -205,6 +205,11 @@ static void safe_process_read_urb(struct urb *urb)
-       if (!safe)
-               goto out;
-+      if (length < 2) {
-+              dev_err(&port->dev, "malformed packet\n");
-+              return;
-+      }
-+
-       fcs = fcs_compute10(data, length, CRC10_INITFCS);
-       if (fcs) {
-               dev_err(&port->dev, "%s - bad CRC %x\n", __func__, fcs);
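Review bot: The new `dev_err(&port->dev, "malformed packet\n");` fires once per short URB, and the commit message treats the device as potentially malicious, so nothing bounds how often it can be logged. `dev_err_ratelimited(&port->dev, "%s - malformed packet\n", __func__);` would cap the log volume and match the `__func__` prefix of the bad-CRC message below it. The same applies to `dev_err(dev, "bad port number %d\n", port_number);` added to edge_interrupt_callback() in the io_ti patch further down. safe_process_read_urb() starts and ends outside the hunk.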
--- 
-2.12.2
-
-From 54f11a9662b632defe4d75c7574fddbc5c503c9c Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Mon, 6 Mar 2017 17:36:38 +0100
-Subject: [PATCH 061/251] USB: serial: omninet: fix reference leaks at open
-Content-Length: 1124
-Lines: 33
-
-commit 30572418b445d85fcfe6c8fe84c947d2606767d8 upstream.
-
-This driver needlessly took another reference to the tty on open, a
-reference which was then never released on close. This lead to not just
-a leak of the tty, but also a driver reference leak that prevented the
-driver from being unloaded after a port had once been opened.
-
-Fixes: 4a90f09b20f4 ("tty: usb-serial krefs")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/serial/omninet.c | 6 ------
- 1 file changed, 6 deletions(-)
-
-diff --git a/drivers/usb/serial/omninet.c b/drivers/usb/serial/omninet.c
-index a180b17d2432..76564b3bebb9 100644
---- a/drivers/usb/serial/omninet.c
-+++ b/drivers/usb/serial/omninet.c
-@@ -142,12 +142,6 @@ static int omninet_port_remove(struct usb_serial_port *port)
- static int omninet_open(struct tty_struct *tty, struct usb_serial_port *port)
- {
--      struct usb_serial       *serial = port->serial;
--      struct usb_serial_port  *wport;
--
--      wport = serial->port[1];
--      tty_port_tty_set(&wport->port, tty);
--
-       return usb_serial_generic_open(tty, port);
- }
--- 
-2.12.2
-
-From 179295c38d23874357ca75af104fd6f1fe769cfd Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Tue, 7 Mar 2017 16:11:03 +0100
-Subject: [PATCH 062/251] USB: iowarrior: fix NULL-deref at probe
-Content-Length: 1947
-Lines: 51
-
-commit b7321e81fc369abe353cf094d4f0dc2fe11ab95f upstream.
-
-Make sure to check for the required interrupt-in endpoint to avoid
-dereferencing a NULL-pointer should a malicious device lack such an
-endpoint.
-
-Note that a fairly recent change purported to fix this issue, but added
-an insufficient test on the number of endpoints only, a test which can
-now be removed.
-
-Fixes: 4ec0ef3a8212 ("USB: iowarrior: fix oops with malicious USB descriptors")
-Fixes: 946b960d13c1 ("USB: add driver for iowarrior devices.")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/misc/iowarrior.c | 13 +++++++------
- 1 file changed, 7 insertions(+), 6 deletions(-)
-
-diff --git a/drivers/usb/misc/iowarrior.c b/drivers/usb/misc/iowarrior.c
-index 1950e87b4219..e4d17878743e 100644
---- a/drivers/usb/misc/iowarrior.c
-+++ b/drivers/usb/misc/iowarrior.c
-@@ -787,12 +787,6 @@ static int iowarrior_probe(struct usb_interface *interface,
-       iface_desc = interface->cur_altsetting;
-       dev->product_id = le16_to_cpu(udev->descriptor.idProduct);
--      if (iface_desc->desc.bNumEndpoints < 1) {
--              dev_err(&interface->dev, "Invalid number of endpoints\n");
--              retval = -EINVAL;
--              goto error;
--      }
--
-       /* set up the endpoint information */
-       for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
-               endpoint = &iface_desc->endpoint[i].desc;
-@@ -803,6 +797,13 @@ static int iowarrior_probe(struct usb_interface *interface,
-                       /* this one will match for the IOWarrior56 only */
-                       dev->int_out_endpoint = endpoint;
-       }
-+
-+      if (!dev->int_in_endpoint) {
-+              dev_err(&interface->dev, "no interrupt-in endpoint found\n");
-+              retval = -ENODEV;
-+              goto error;
-+      }
-+
-       /* we have to check the report_size often, so remember it in the endianness suitable for our machine */
-       dev->report_size = usb_endpoint_maxp(dev->int_in_endpoint);
-       if ((dev->interface->cur_altsetting->desc.bInterfaceNumber == 0) &&
--- 
-2.12.2
-
-From 6498086195b9d6939293d35e93b804228158eb7f Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Tue, 7 Mar 2017 16:11:04 +0100
-Subject: [PATCH 063/251] USB: iowarrior: fix NULL-deref in write
-Content-Length: 1244
-Lines: 34
-
-commit de46e56653de7b3b54baa625bd582635008b8d05 upstream.
-
-Make sure to verify that we have the required interrupt-out endpoint for
-IOWarrior56 devices to avoid dereferencing a NULL-pointer in write
-should a malicious device lack such an endpoint.
-
-Fixes: 946b960d13c1 ("USB: add driver for iowarrior devices.")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/misc/iowarrior.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/drivers/usb/misc/iowarrior.c b/drivers/usb/misc/iowarrior.c
-index e4d17878743e..775690bed4c0 100644
---- a/drivers/usb/misc/iowarrior.c
-+++ b/drivers/usb/misc/iowarrior.c
-@@ -804,6 +804,14 @@ static int iowarrior_probe(struct usb_interface *interface,
-               goto error;
-       }
-+      if (dev->product_id == USB_DEVICE_ID_CODEMERCS_IOW56) {
-+              if (!dev->int_out_endpoint) {
-+                      dev_err(&interface->dev, "no interrupt-out endpoint found\n");
-+                      retval = -ENODEV;
-+                      goto error;
-+              }
-+      }
-+
-       /* we have to check the report_size often, so remember it in the endianness suitable for our machine */
-       dev->report_size = usb_endpoint_maxp(dev->int_in_endpoint);
-       if ((dev->interface->cur_altsetting->desc.bInterfaceNumber == 0) &&
--- 
-2.12.2
-
-From e71c7bad68449a59e4e411257420916397cdff85 Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Mon, 6 Mar 2017 17:36:37 +0100
-Subject: [PATCH 064/251] USB: serial: io_ti: fix NULL-deref in interrupt
- callback
-Content-Length: 1115
-Lines: 32
-
-commit 0b1d250afb8eb9d65afb568bac9b9f9253a82b49 upstream.
-
-Fix a NULL-pointer dereference in the interrupt callback should a
-malicious device send data containing a bad port number by adding the
-missing sanity check.
-
-Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/serial/io_ti.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/drivers/usb/serial/io_ti.c b/drivers/usb/serial/io_ti.c
-index c02808a30436..67d68b502a51 100644
---- a/drivers/usb/serial/io_ti.c
-+++ b/drivers/usb/serial/io_ti.c
-@@ -1674,6 +1674,12 @@ static void edge_interrupt_callback(struct urb *urb)
-       function    = TIUMP_GET_FUNC_FROM_CODE(data[0]);
-       dev_dbg(dev, "%s - port_number %d, function %d, info 0x%x\n", __func__,
-               port_number, function, data[1]);
-+
-+      if (port_number >= edge_serial->serial->num_ports) {
-+              dev_err(dev, "bad port number %d\n", port_number);
-+              goto exit;
-+      }
-+
-       port = edge_serial->serial->port[port_number];
-       edge_port = usb_get_serial_port_data(port);
-       if (!edge_port) {
--- 
-2.12.2
-
-From 72bb2b96b8568a74f28e2a2c39e005583595b2c2 Mon Sep 17 00:00:00 2001
-From: Johan Hovold <johan@kernel.org>
-Date: Mon, 6 Mar 2017 17:36:40 +0100
-Subject: [PATCH 065/251] USB: serial: io_ti: fix information leak in
- completion handler
-Content-Length: 1156
-Lines: 31
-
-commit 654b404f2a222f918af9b0cd18ad469d0c941a8e upstream.
-
-Add missing sanity check to the bulk-in completion handler to avoid an
-integer underflow that can be triggered by a malicious device.
-
-This avoids leaking 128 kB of memory content from after the URB transfer
-buffer to user space.
-
-Fixes: 8c209e6782ca ("USB: make actual_length in struct urb field u32")
-Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
-Signed-off-by: Johan Hovold <johan@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/usb/serial/io_ti.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/usb/serial/io_ti.c b/drivers/usb/serial/io_ti.c
-index 67d68b502a51..f1a8fdcd8674 100644
---- a/drivers/usb/serial/io_ti.c
-+++ b/drivers/usb/serial/io_ti.c
-@@ -1761,7 +1761,7 @@ static void edge_bulk_in_callback(struct urb *urb)
-       port_number = edge_port->port->port_number;
--      if (edge_port->lsr_event) {
-+      if (urb->actual_length > 0 && edge_port->lsr_event) {
-               edge_port->lsr_event = 0;
-               dev_dbg(dev, "%s ===== Port %u LSR Status = %02x, Data = %02x ======\n",
-                       __func__, port_number, edge_port->lsr_mask, *data);
--- 
-2.12.2
-
-From 72ca0ab30680571295c97b6a0d87b56d1212c417 Mon Sep 17 00:00:00 2001
-From: Krzysztof Kozlowski <krzk@kernel.org>
-Date: Sat, 25 Feb 2017 18:36:44 +0200
-Subject: [PATCH 066/251] serial: samsung: Continue to work if DMA request
- fails
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Content-Length: 1564
-Lines: 42
-
-commit f98c7bce570bdbe344b74ff5daa7dfeef3f22929 upstream.
+There are several trace include files that define TRACE_INCLUDE_FILE.
 
-If DMA is not available (even when configured in DeviceTree), the driver
-will fail the startup procedure thus making serial console not
-available.
+Include several of them in the same .c file (as I currently have in
+some code I am working on), and the compile will blow up with a
+"warning: "TRACE_INCLUDE_FILE" redefined #define TRACE_INCLUDE_FILE syscalls"
 
-For example this causes boot failure on QEMU ARMv7 (Exynos4210, SMDKC210):
-    [ Â  Â 1.302575] OF: amba_device_add() failed (-19) for /amba/pdma@12680000
-    ...
-    [ Â  11.435732] samsung-uart 13800000.serial: DMA request failed
-    [ Â  72.963893] samsung-uart 13800000.serial: DMA request failed
-    [ Â  73.143361] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000000
+Every other include file in include/trace/events/ avoids that issue
+by having a #undef TRACE_INCLUDE_FILE before the #define; syscalls.h
+should have one, too.
 
-DMA is not necessary for serial to work, so continue with UART startup
-after emitting a warning.
+Link: http://lkml.kernel.org/r/20160928225554.13bd7ac6@annuminas.surriel.com
 
-Fixes: 62c37eedb74c ("serial: samsung: add dma reqest/release functions")
-Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Fixes: b8007ef74222 ("tracing: Separate raw syscall from syscall tracer")
+Signed-off-by: Rik van Riel <riel@redhat.com>
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
- drivers/tty/serial/samsung.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
+ include/trace/events/syscalls.h | 1 +
+ 1 file changed, 1 insertion(+)
 
-diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c
-index 237ef5573c18..6deb06147202 100644
---- a/drivers/tty/serial/samsung.c
-+++ b/drivers/tty/serial/samsung.c
-@@ -1030,8 +1030,10 @@ static int s3c64xx_serial_startup(struct uart_port *port)
-       if (ourport->dma) {
-               ret = s3c24xx_serial_request_dma(ourport);
-               if (ret < 0) {
--                      dev_warn(port->dev, "DMA request failed\n");
--                      return ret;
-+                      dev_warn(port->dev,
-+                               "DMA request failed, DMA will not be used\n");
-+                      devm_kfree(port->dev, ourport->dma);
-+                      ourport->dma = NULL;
-               }
-       }
+diff --git a/include/trace/events/syscalls.h b/include/trace/events/syscalls.h
+index 14e49c798135..b35533b94277 100644
+--- a/include/trace/events/syscalls.h
++++ b/include/trace/events/syscalls.h
+@@ -1,5 +1,6 @@
+ #undef TRACE_SYSTEM
+ #define TRACE_SYSTEM raw_syscalls
++#undef TRACE_INCLUDE_FILE
+ #define TRACE_INCLUDE_FILE syscalls
  
+ #if !defined(_TRACE_EVENTS_SYSCALLS_H) || defined(TRACE_HEADER_MULTI_READ)
 -- 
 2.12.2
 
-From 61fbad6a28fd3c80567cc615e2de6bd6476ab60c Mon Sep 17 00:00:00 2001
-From: Luis de Bethencourt <luisbg@osg.samsung.com>
-Date: Mon, 30 Nov 2015 14:32:17 +0000
-Subject: [PATCH 067/251] mvsas: fix misleading indentation
-Content-Length: 1232
-Lines: 34
-
-commit 7789cd39274c51bf475411fe22a8ee7255082809 upstream.
+From 2ca39d1300152e70977797c3e39c105adfcc0e0b Mon Sep 17 00:00:00 2001
+From: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
+Date: Tue, 14 Feb 2017 14:46:42 +0530
+Subject: [PATCH 054/251] powerpc: Emulation support for load/store
+ instructions on LE
+Content-Length: 3197
+Lines: 106
 
-Fix a smatch warning:
-drivers/scsi/mvsas/mv_sas.c:740 mvs_task_prep() warn: curly braces intended?
+commit e148bd17f48bd17fca2f4f089ec879fa6e47e34c upstream.
 
-The code is correct, the indention is misleading. When the device is not
-ready we want to return SAS_PHY_DOWN. But current indentation makes it
-look like we only do so in the else branch of if (mvi_dev).
+emulate_step() uses a number of underlying kernel functions that were
+initially not enabled for LE. This has been rectified since. So, fix
+emulate_step() for LE for the corresponding instructions.
 
-Signed-off-by: Luis de Bethencourt <luisbg@osg.samsung.com>
-Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
-Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Reported-by: Anton Blanchard <anton@samba.org>
+Signed-off-by: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
drivers/scsi/mvsas/mv_sas.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
arch/powerpc/lib/sstep.c | 20 --------------------
+ 1 file changed, 20 deletions(-)
 
-diff --git a/drivers/scsi/mvsas/mv_sas.c b/drivers/scsi/mvsas/mv_sas.c
-index 9c780740fb82..e712fe745955 100644
---- a/drivers/scsi/mvsas/mv_sas.c
-+++ b/drivers/scsi/mvsas/mv_sas.c
-@@ -737,8 +737,8 @@ static int mvs_task_prep(struct sas_task *task, struct mvs_info *mvi, int is_tmf
-                       mv_dprintk("device %016llx not ready.\n",
-                               SAS_ADDR(dev->sas_addr));
--                      rc = SAS_PHY_DOWN;
--                      return rc;
-+              rc = SAS_PHY_DOWN;
-+              return rc;
-       }
-       tei.port = dev->port->lldd_port;
-       if (tei.port && !tei.port->port_attached && !tmf) {
+diff --git a/arch/powerpc/lib/sstep.c b/arch/powerpc/lib/sstep.c
+index dc885b30f7a6..4014881e9843 100644
+--- a/arch/powerpc/lib/sstep.c
++++ b/arch/powerpc/lib/sstep.c
+@@ -1806,8 +1806,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+               goto instr_done;
+       case LARX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               if (op.ea & (size - 1))
+                       break;          /* can't handle misaligned */
+               err = -EFAULT;
+@@ -1829,8 +1827,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+               goto ldst_done;
+       case STCX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               if (op.ea & (size - 1))
+                       break;          /* can't handle misaligned */
+               err = -EFAULT;
+@@ -1854,8 +1850,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+               goto ldst_done;
+       case LOAD:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               err = read_mem(&regs->gpr[op.reg], op.ea, size, regs);
+               if (!err) {
+                       if (op.type & SIGNEXT)
+@@ -1867,8 +1861,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+ #ifdef CONFIG_PPC_FPU
+       case LOAD_FP:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               if (size == 4)
+                       err = do_fp_load(op.reg, do_lfs, op.ea, size, regs);
+               else
+@@ -1877,15 +1869,11 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+ #endif
+ #ifdef CONFIG_ALTIVEC
+       case LOAD_VMX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               err = do_vec_load(op.reg, do_lvx, op.ea & ~0xfUL, regs);
+               goto ldst_done;
+ #endif
+ #ifdef CONFIG_VSX
+       case LOAD_VSX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               err = do_vsx_load(op.reg, do_lxvd2x, op.ea, regs);
+               goto ldst_done;
+ #endif
+@@ -1908,8 +1896,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+               goto instr_done;
+       case STORE:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               if ((op.type & UPDATE) && size == sizeof(long) &&
+                   op.reg == 1 && op.update_reg == 1 &&
+                   !(regs->msr & MSR_PR) &&
+@@ -1922,8 +1908,6 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+ #ifdef CONFIG_PPC_FPU
+       case STORE_FP:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               if (size == 4)
+                       err = do_fp_store(op.reg, do_stfs, op.ea, size, regs);
+               else
+@@ -1932,15 +1916,11 @@ int __kprobes emulate_step(struct pt_regs *regs, unsigned int instr)
+ #endif
+ #ifdef CONFIG_ALTIVEC
+       case STORE_VMX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               err = do_vec_store(op.reg, do_stvx, op.ea & ~0xfUL, regs);
+               goto ldst_done;
+ #endif
+ #ifdef CONFIG_VSX
+       case STORE_VSX:
+-              if (regs->msr & MSR_LE)
+-                      return 0;
+               err = do_vsx_store(op.reg, do_stxvd2x, op.ea, regs);
+               goto ldst_done;
+ #endif
 -- 
 2.12.2
 
@@ -4111,429 +2737,6 @@ index 171e09bb8ea2..f7c3a61040bd 100644
 -- 
 2.12.2
 
-From 66dd58f56eabe2795ed8f83a8480f0e8aace908f Mon Sep 17 00:00:00 2001
-From: Dan Williams <dan.j.williams@intel.com>
-Date: Tue, 28 Feb 2017 18:32:48 -0800
-Subject: [PATCH 070/251] nfit, libnvdimm: fix interleave set cookie
- calculation
-Content-Length: 6812
-Lines: 182
-
-commit 86ef58a4e35e8fa66afb5898cf6dec6a3bb29f67 upstream.
-
-The interleave-set cookie is a sum that sanity checks the composition of
-an interleave set has not changed from when the namespace was initially
-created.  The checksum is calculated by sorting the DIMMs by their
-location in the interleave-set. The comparison for the sort must be
-64-bit wide, not byte-by-byte as performed by memcmp() in the broken
-case.
-
-Fix the implementation to accept correct cookie values in addition to
-the Linux "memcmp" order cookies, but only allow correct cookies to be
-generated going forward. It does mean that namespaces created by
-third-party-tooling, or created by newer kernels with this fix, will not
-validate on older kernels. However, there are a couple mitigating
-conditions:
-
-    1/ platforms with namespace-label capable NVDIMMs are not widely
-       available.
-
-    2/ interleave-sets with a single-dimm are by definition not affected
-       (nothing to sort). This covers the QEMU-KVM NVDIMM emulation case.
-
-The cookie stored in the namespace label will be fixed by any write the
-namespace label, the most straightforward way to achieve this is to
-write to the "alt_name" attribute of a namespace in sysfs.
-
-Fixes: eaf961536e16 ("libnvdimm, nfit: add interleave-set state-tracking infrastructure")
-Reported-by: Nicholas Moulin <nicholas.w.moulin@linux.intel.com>
-Tested-by: Nicholas Moulin <nicholas.w.moulin@linux.intel.com>
-Signed-off-by: Dan Williams <dan.j.williams@intel.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/acpi/nfit.c             | 16 +++++++++++++++-
- drivers/nvdimm/namespace_devs.c | 28 +++++++++++++++++++++-------
- drivers/nvdimm/nd.h             |  1 +
- drivers/nvdimm/region_devs.c    |  9 +++++++++
- include/linux/libnvdimm.h       |  2 ++
- 5 files changed, 48 insertions(+), 8 deletions(-)
-
-diff --git a/drivers/acpi/nfit.c b/drivers/acpi/nfit.c
-index c097f477c74c..14c2a07c9f3f 100644
---- a/drivers/acpi/nfit.c
-+++ b/drivers/acpi/nfit.c
-@@ -965,7 +965,7 @@ static size_t sizeof_nfit_set_info(int num_mappings)
-               + num_mappings * sizeof(struct nfit_set_info_map);
- }
--static int cmp_map(const void *m0, const void *m1)
-+static int cmp_map_compat(const void *m0, const void *m1)
- {
-       const struct nfit_set_info_map *map0 = m0;
-       const struct nfit_set_info_map *map1 = m1;
-@@ -974,6 +974,14 @@ static int cmp_map(const void *m0, const void *m1)
-                       sizeof(u64));
- }
-+static int cmp_map(const void *m0, const void *m1)
-+{
-+      const struct nfit_set_info_map *map0 = m0;
-+      const struct nfit_set_info_map *map1 = m1;
-+
-+      return map0->region_offset - map1->region_offset;
-+}
-+
- /* Retrieve the nth entry referencing this spa */
- static struct acpi_nfit_memory_map *memdev_from_spa(
-               struct acpi_nfit_desc *acpi_desc, u16 range_index, int n)
-@@ -1029,6 +1037,12 @@ static int acpi_nfit_init_interleave_set(struct acpi_nfit_desc *acpi_desc,
-       sort(&info->mapping[0], nr, sizeof(struct nfit_set_info_map),
-                       cmp_map, NULL);
-       nd_set->cookie = nd_fletcher64(info, sizeof_nfit_set_info(nr), 0);
-+
-+      /* support namespaces created with the wrong sort order */
-+      sort(&info->mapping[0], nr, sizeof(struct nfit_set_info_map),
-+                      cmp_map_compat, NULL);
-+      nd_set->altcookie = nd_fletcher64(info, sizeof_nfit_set_info(nr), 0);
-+
-       ndr_desc->nd_set = nd_set;
-       devm_kfree(dev, info);
-diff --git a/drivers/nvdimm/namespace_devs.c b/drivers/nvdimm/namespace_devs.c
-index 62120c38d56b..aae7379af4e4 100644
---- a/drivers/nvdimm/namespace_devs.c
-+++ b/drivers/nvdimm/namespace_devs.c
-@@ -1534,6 +1534,7 @@ static int select_pmem_id(struct nd_region *nd_region, u8 *pmem_id)
- static int find_pmem_label_set(struct nd_region *nd_region,
-               struct nd_namespace_pmem *nspm)
- {
-+      u64 altcookie = nd_region_interleave_set_altcookie(nd_region);
-       u64 cookie = nd_region_interleave_set_cookie(nd_region);
-       struct nd_namespace_label *nd_label;
-       u8 select_id[NSLABEL_UUID_LEN];
-@@ -1542,8 +1543,10 @@ static int find_pmem_label_set(struct nd_region *nd_region,
-       int rc = -ENODEV, l;
-       u16 i;
--      if (cookie == 0)
-+      if (cookie == 0) {
-+              dev_dbg(&nd_region->dev, "invalid interleave-set-cookie\n");
-               return -ENXIO;
-+      }
-       /*
-        * Find a complete set of labels by uuid.  By definition we can start
-@@ -1552,13 +1555,24 @@ static int find_pmem_label_set(struct nd_region *nd_region,
-       for_each_label(l, nd_label, nd_region->mapping[0].labels) {
-               u64 isetcookie = __le64_to_cpu(nd_label->isetcookie);
--              if (isetcookie != cookie)
--                      continue;
-+              if (isetcookie != cookie) {
-+                      dev_dbg(&nd_region->dev, "invalid cookie in label: %pUb\n",
-+                                      nd_label->uuid);
-+                      if (isetcookie != altcookie)
-+                              continue;
-+
-+                      dev_dbg(&nd_region->dev, "valid altcookie in label: %pUb\n",
-+                                      nd_label->uuid);
-+              }
-+
-+              for (i = 0; nd_region->ndr_mappings; i++) {
-+                      if (has_uuid_at_pos(nd_region, nd_label->uuid, cookie, i))
-+                              continue;
-+                      if (has_uuid_at_pos(nd_region, nd_label->uuid, altcookie, i))
-+                              continue;
-+                      break;
-+              }
--              for (i = 0; nd_region->ndr_mappings; i++)
--                      if (!has_uuid_at_pos(nd_region, nd_label->uuid,
--                                              cookie, i))
--                              break;
-               if (i < nd_region->ndr_mappings) {
-                       /*
-                        * Give up if we don't find an instance of a
-diff --git a/drivers/nvdimm/nd.h b/drivers/nvdimm/nd.h
-index 417e521d299c..fc870e55bb66 100644
---- a/drivers/nvdimm/nd.h
-+++ b/drivers/nvdimm/nd.h
-@@ -245,6 +245,7 @@ struct nd_region *to_nd_region(struct device *dev);
- int nd_region_to_nstype(struct nd_region *nd_region);
- int nd_region_register_namespaces(struct nd_region *nd_region, int *err);
- u64 nd_region_interleave_set_cookie(struct nd_region *nd_region);
-+u64 nd_region_interleave_set_altcookie(struct nd_region *nd_region);
- void nvdimm_bus_lock(struct device *dev);
- void nvdimm_bus_unlock(struct device *dev);
- bool is_nvdimm_bus_locked(struct device *dev);
-diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c
-index 9521696c9385..dc2e919daa39 100644
---- a/drivers/nvdimm/region_devs.c
-+++ b/drivers/nvdimm/region_devs.c
-@@ -379,6 +379,15 @@ u64 nd_region_interleave_set_cookie(struct nd_region *nd_region)
-       return 0;
- }
-+u64 nd_region_interleave_set_altcookie(struct nd_region *nd_region)
-+{
-+      struct nd_interleave_set *nd_set = nd_region->nd_set;
-+
-+      if (nd_set)
-+              return nd_set->altcookie;
-+      return 0;
-+}
-+
- /*
-  * Upon successful probe/remove, take/release a reference on the
-  * associated interleave set (if present), and plant new btt + namespace
-diff --git a/include/linux/libnvdimm.h b/include/linux/libnvdimm.h
-index 3f021dc5da8c..30201b9be7bc 100644
---- a/include/linux/libnvdimm.h
-+++ b/include/linux/libnvdimm.h
-@@ -83,6 +83,8 @@ struct nd_cmd_desc {
- struct nd_interleave_set {
-       u64 cookie;
-+      /* compatibility with initial buggy Linux implementation */
-+      u64 altcookie;
- };
- struct nd_region_desc {
--- 
-2.12.2
-
-From cd8ad4d9eb6d9ee04e77b42c6a7a15eabada85ac Mon Sep 17 00:00:00 2001
-From: Mikulas Patocka <mpatocka@redhat.com>
-Date: Wed, 15 Feb 2017 11:26:10 -0500
-Subject: [PATCH 071/251] dm: flush queued bios when process blocks to avoid
- deadlock
-Content-Length: 3875
-Lines: 118
-
-commit d67a5f4b5947aba4bfe9a80a2b86079c215ca755 upstream.
-
-Commit df2cb6daa4 ("block: Avoid deadlocks with bio allocation by
-stacking drivers") created a workqueue for every bio set and code
-in bio_alloc_bioset() that tries to resolve some low-memory deadlocks
-by redirecting bios queued on current->bio_list to the workqueue if the
-system is low on memory.  However other deadlocks (see below **) may
-happen, without any low memory condition, because generic_make_request
-is queuing bios to current->bio_list (rather than submitting them).
-
-** the related dm-snapshot deadlock is detailed here:
-https://www.redhat.com/archives/dm-devel/2016-July/msg00065.html
-
-Fix this deadlock by redirecting any bios on current->bio_list to the
-bio_set's rescue workqueue on every schedule() call.  Consequently,
-when the process blocks on a mutex, the bios queued on
-current->bio_list are dispatched to independent workqueus and they can
-complete without waiting for the mutex to be available.
-
-The structure blk_plug contains an entry cb_list and this list can contain
-arbitrary callback functions that are called when the process blocks.
-To implement this fix DM (ab)uses the onstack plug's cb_list interface
-to get its flush_current_bio_list() called at schedule() time.
-
-This fixes the snapshot deadlock - if the map method blocks,
-flush_current_bio_list() will be called and it redirects bios waiting
-on current->bio_list to appropriate workqueues.
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1267650
-Depends-on: df2cb6daa4 ("block: Avoid deadlocks with bio allocation by stacking drivers")
-Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
-Signed-off-by: Mike Snitzer <snitzer@redhat.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/md/dm.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 55 insertions(+)
-
-diff --git a/drivers/md/dm.c b/drivers/md/dm.c
-index 3384a3eef917..397f0454100b 100644
---- a/drivers/md/dm.c
-+++ b/drivers/md/dm.c
-@@ -1467,11 +1467,62 @@ void dm_accept_partial_bio(struct bio *bio, unsigned n_sectors)
- }
- EXPORT_SYMBOL_GPL(dm_accept_partial_bio);
-+/*
-+ * Flush current->bio_list when the target map method blocks.
-+ * This fixes deadlocks in snapshot and possibly in other targets.
-+ */
-+struct dm_offload {
-+      struct blk_plug plug;
-+      struct blk_plug_cb cb;
-+};
-+
-+static void flush_current_bio_list(struct blk_plug_cb *cb, bool from_schedule)
-+{
-+      struct dm_offload *o = container_of(cb, struct dm_offload, cb);
-+      struct bio_list list;
-+      struct bio *bio;
-+
-+      INIT_LIST_HEAD(&o->cb.list);
-+
-+      if (unlikely(!current->bio_list))
-+              return;
-+
-+      list = *current->bio_list;
-+      bio_list_init(current->bio_list);
-+
-+      while ((bio = bio_list_pop(&list))) {
-+              struct bio_set *bs = bio->bi_pool;
-+              if (unlikely(!bs) || bs == fs_bio_set) {
-+                      bio_list_add(current->bio_list, bio);
-+                      continue;
-+              }
-+
-+              spin_lock(&bs->rescue_lock);
-+              bio_list_add(&bs->rescue_list, bio);
-+              queue_work(bs->rescue_workqueue, &bs->rescue_work);
-+              spin_unlock(&bs->rescue_lock);
-+      }
-+}
-+
-+static void dm_offload_start(struct dm_offload *o)
-+{
-+      blk_start_plug(&o->plug);
-+      o->cb.callback = flush_current_bio_list;
-+      list_add(&o->cb.list, &current->plug->cb_list);
-+}
-+
-+static void dm_offload_end(struct dm_offload *o)
-+{
-+      list_del(&o->cb.list);
-+      blk_finish_plug(&o->plug);
-+}
-+
- static void __map_bio(struct dm_target_io *tio)
- {
-       int r;
-       sector_t sector;
-       struct mapped_device *md;
-+      struct dm_offload o;
-       struct bio *clone = &tio->clone;
-       struct dm_target *ti = tio->ti;
-@@ -1484,7 +1535,11 @@ static void __map_bio(struct dm_target_io *tio)
-        */
-       atomic_inc(&tio->io->io_count);
-       sector = clone->bi_iter.bi_sector;
-+
-+      dm_offload_start(&o);
-       r = ti->type->map(ti, clone);
-+      dm_offload_end(&o);
-+
-       if (r == DM_MAPIO_REMAPPED) {
-               /* the bio has been remapped so dispatch it */
--- 
-2.12.2
-
-From 1c5265be54d32ee21128137ccdb6ecbab0458f07 Mon Sep 17 00:00:00 2001
-From: Theodore Ts'o <tytso@mit.edu>
-Date: Tue, 14 Feb 2017 11:31:15 -0500
-Subject: [PATCH 072/251] ext4: don't BUG when truncating encrypted inodes on
- the orphan list
-Content-Length: 4100
-Lines: 96
-
-commit 0d06863f903ac5f4f6efb0273079d27de3e53a28 upstream.
-
-Fix a BUG when the kernel tries to mount a file system constructed as
-follows:
-
-echo foo > foo.txt
-mke2fs -Fq -t ext4 -O encrypt foo.img 100
-debugfs -w foo.img << EOF
-write foo.txt a
-set_inode_field a i_flags 0x80800
-set_super_value s_last_orphan 12
-quit
-EOF
-
-root@kvm-xfstests:~# mount -o loop foo.img /mnt
-[  160.238770] ------------[ cut here ]------------
-[  160.240106] kernel BUG at /usr/projects/linux/ext4/fs/ext4/inode.c:3874!
-[  160.240106] invalid opcode: 0000 [#1] SMP
-[  160.240106] Modules linked in:
-[  160.240106] CPU: 0 PID: 2547 Comm: mount Tainted: G        W       4.10.0-rc3-00034-gcdd33b941b67 #227
-[  160.240106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.1-1 04/01/2014
-[  160.240106] task: f4518000 task.stack: f47b6000
-[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4
-[  160.240106] EFLAGS: 00010246 CPU: 0
-[  160.240106] EAX: 00000001 EBX: f7be4b50 ECX: f47b7dc0 EDX: 00000007
-[  160.240106] ESI: f43b05a8 EDI: f43babec EBP: f47b7dd0 ESP: f47b7dac
-[  160.240106]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
-[  160.240106] CR0: 80050033 CR2: bfd85b08 CR3: 34a00680 CR4: 000006f0
-[  160.240106] Call Trace:
-[  160.240106]  ext4_truncate+0x1e9/0x3e5
-[  160.240106]  ext4_fill_super+0x286f/0x2b1e
-[  160.240106]  ? set_blocksize+0x2e/0x7e
-[  160.240106]  mount_bdev+0x114/0x15f
-[  160.240106]  ext4_mount+0x15/0x17
-[  160.240106]  ? ext4_calculate_overhead+0x39d/0x39d
-[  160.240106]  mount_fs+0x58/0x115
-[  160.240106]  vfs_kern_mount+0x4b/0xae
-[  160.240106]  do_mount+0x671/0x8c3
-[  160.240106]  ? _copy_from_user+0x70/0x83
-[  160.240106]  ? strndup_user+0x31/0x46
-[  160.240106]  SyS_mount+0x57/0x7b
-[  160.240106]  do_int80_syscall_32+0x4f/0x61
-[  160.240106]  entry_INT80_32+0x2f/0x2f
-[  160.240106] EIP: 0xb76b919e
-[  160.240106] EFLAGS: 00000246 CPU: 0
-[  160.240106] EAX: ffffffda EBX: 08053838 ECX: 08052188 EDX: 080537e8
-[  160.240106] ESI: c0ed0000 EDI: 00000000 EBP: 080537e8 ESP: bfa13660
-[  160.240106]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
-[  160.240106] Code: 59 8b 00 a8 01 0f 84 09 01 00 00 8b 07 66 25 00 f0 66 3d 00 80 75 61 89 f8 e8 3e e2 ff ff 84 c0 74 56 83 bf 48 02 00 00 00 75 02 <0f> 0b 81 7d e8 00 10 00 00 74 02 0f 0b 8b 43 04 8b 53 08 31 c9
-[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4 SS:ESP: 0068:f47b7dac
-[  160.317241] ---[ end trace d6a773a375c810a5 ]---
-
-The problem is that when the kernel tries to truncate an inode in
-ext4_truncate(), it tries to clear any on-disk data beyond i_size.
-Without the encryption key, it can't do that, and so it triggers a
-BUG.
-
-E2fsck does *not* provide this service, and in practice most file
-systems have their orphan list processed by e2fsck, so to avoid
-crashing, this patch skips this step if we don't have access to the
-encryption key (which is the case when processing the orphan list; in
-all other cases, we will have the encryption key, or the kernel
-wouldn't have allowed the file to be opened).
-
-An open question is whether the fact that e2fsck isn't clearing the
-bytes beyond i_size causing problems --- and if we've lived with it
-not doing it for so long, can we drop this from the kernel replay of
-the orphan list in all cases (not just when we don't have the key for
-encrypted inodes).
-
-Addresses-Google-Bug: #35209576
-
-Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-Signed-off-by: Eric Biggers <ebiggers@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/ext4/inode.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
-index e0f862146793..7dcc97eadb12 100644
---- a/fs/ext4/inode.c
-+++ b/fs/ext4/inode.c
-@@ -3573,6 +3573,10 @@ static int ext4_block_truncate_page(handle_t *handle,
-       unsigned blocksize;
-       struct inode *inode = mapping->host;
-+      /* If we are processing an encrypted inode during orphan list handling */
-+      if (ext4_encrypted_inode(inode) && !ext4_has_encryption_key(inode))
-+              return 0;
-+
-       blocksize = inode->i_sb->s_blocksize;
-       length = blocksize - (offset & (blocksize - 1));
--- 
-2.12.2
-
 From 28ec98bc2e4a175b60f45d505e715a33b93dd077 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 Date: Sat, 18 Mar 2017 19:10:23 +0800
@@ -19105,106 +17308,6 @@ index a92979e704e3..e5ee4e9e0ea5 100644
 -- 
 2.12.2
 
-From 84bd21a708b83a24d26cd0010ea94106c96557de Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Thu, 23 Mar 2017 12:24:43 +0100
-Subject: [PATCH 250/251] padata: avoid race in reordering
-Content-Length: 3216
-Lines: 92
-
-commit de5540d088fe97ad583cc7d396586437b32149a5 upstream.
-
-Under extremely heavy uses of padata, crashes occur, and with list
-debugging turned on, this happens instead:
-
-[87487.298728] WARNING: CPU: 1 PID: 882 at lib/list_debug.c:33
-__list_add+0xae/0x130
-[87487.301868] list_add corruption. prev->next should be next
-(ffffb17abfc043d0), but was ffff8dba70872c80. (prev=ffff8dba70872b00).
-[87487.339011]  [<ffffffff9a53d075>] dump_stack+0x68/0xa3
-[87487.342198]  [<ffffffff99e119a1>] ? console_unlock+0x281/0x6d0
-[87487.345364]  [<ffffffff99d6b91f>] __warn+0xff/0x140
-[87487.348513]  [<ffffffff99d6b9aa>] warn_slowpath_fmt+0x4a/0x50
-[87487.351659]  [<ffffffff9a58b5de>] __list_add+0xae/0x130
-[87487.354772]  [<ffffffff9add5094>] ? _raw_spin_lock+0x64/0x70
-[87487.357915]  [<ffffffff99eefd66>] padata_reorder+0x1e6/0x420
-[87487.361084]  [<ffffffff99ef0055>] padata_do_serial+0xa5/0x120
-
-padata_reorder calls list_add_tail with the list to which its adding
-locked, which seems correct:
-
-spin_lock(&squeue->serial.lock);
-list_add_tail(&padata->list, &squeue->serial.list);
-spin_unlock(&squeue->serial.lock);
-
-This therefore leaves only place where such inconsistency could occur:
-if padata->list is added at the same time on two different threads.
-This pdata pointer comes from the function call to
-padata_get_next(pd), which has in it the following block:
-
-next_queue = per_cpu_ptr(pd->pqueue, cpu);
-padata = NULL;
-reorder = &next_queue->reorder;
-if (!list_empty(&reorder->list)) {
-       padata = list_entry(reorder->list.next,
-                           struct padata_priv, list);
-       spin_lock(&reorder->lock);
-       list_del_init(&padata->list);
-       atomic_dec(&pd->reorder_objects);
-       spin_unlock(&reorder->lock);
-
-       pd->processed++;
-
-       goto out;
-}
-out:
-return padata;
-
-I strongly suspect that the problem here is that two threads can race
-on reorder list. Even though the deletion is locked, call to
-list_entry is not locked, which means it's feasible that two threads
-pick up the same padata object and subsequently call list_add_tail on
-them at the same time. The fix is thus be hoist that lock outside of
-that block.
-
-Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- kernel/padata.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/kernel/padata.c b/kernel/padata.c
-index b38bea9c466a..401227e3967c 100644
---- a/kernel/padata.c
-+++ b/kernel/padata.c
-@@ -189,19 +189,20 @@ static struct padata_priv *padata_get_next(struct parallel_data *pd)
-       reorder = &next_queue->reorder;
-+      spin_lock(&reorder->lock);
-       if (!list_empty(&reorder->list)) {
-               padata = list_entry(reorder->list.next,
-                                   struct padata_priv, list);
--              spin_lock(&reorder->lock);
-               list_del_init(&padata->list);
-               atomic_dec(&pd->reorder_objects);
--              spin_unlock(&reorder->lock);
-               pd->processed++;
-+              spin_unlock(&reorder->lock);
-               goto out;
-       }
-+      spin_unlock(&reorder->lock);
-       if (__this_cpu_read(pd->pqueue->cpu_index) == next_queue->cpu_index) {
-               padata = ERR_PTR(-ENODATA);
--- 
-2.12.2
-
 From 8f8ee9706b0a64a3506b9d9789ace7c44f3d817d Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 Date: Sat, 8 Apr 2017 09:53:53 +0200
diff --git a/queue-3.18/xtensa-move-parse_tag_fdt-out-of-ifdef-config_blk_dev_initrd.patch b/queue-3.18/xtensa-move-parse_tag_fdt-out-of-ifdef-config_blk_dev_initrd.patch
new file mode 100644 (file)
index 0000000..32f76b9
--- /dev/null
@@ -0,0 +1,41 @@
+From 4ab18701c66552944188dbcd0ce0012729baab84 Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Tue, 3 Jan 2017 09:37:34 -0800
+Subject: xtensa: move parse_tag_fdt out of #ifdef CONFIG_BLK_DEV_INITRD
+
+From: Max Filippov <jcmvbkbc@gmail.com>
+
+commit 4ab18701c66552944188dbcd0ce0012729baab84 upstream.
+
+FDT tag parsing is not related to whether BLK_DEV_INITRD is configured
+or not, move it out of the corresponding #ifdef/#endif block.
+This fixes passing external FDT to the kernel configured w/o
+BLK_DEV_INITRD support.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/xtensa/kernel/setup.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/xtensa/kernel/setup.c
++++ b/arch/xtensa/kernel/setup.c
+@@ -133,6 +133,8 @@ static int __init parse_tag_initrd(const
+ __tagtable(BP_TAG_INITRD, parse_tag_initrd);
++#endif /* CONFIG_BLK_DEV_INITRD */
++
+ #ifdef CONFIG_OF
+ static int __init parse_tag_fdt(const bp_tag_t *tag)
+@@ -145,8 +147,6 @@ __tagtable(BP_TAG_FDT, parse_tag_fdt);
+ #endif /* CONFIG_OF */
+-#endif /* CONFIG_BLK_DEV_INITRD */
+-
+ static int __init parse_tag_cmdline(const bp_tag_t* tag)
+ {
+       strlcpy(command_line, (char *)(tag->data), COMMAND_LINE_SIZE);
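Review bot: With `#endif /* CONFIG_BLK_DEV_INITRD */` moved above `#ifdef CONFIG_OF`, parse_tag_fdt and its `__tagtable(BP_TAG_FDT, parse_tag_fdt)` registration are compiled for the first time in kernels that set CONFIG_OF but not CONFIG_BLK_DEV_INITRD, and nothing in the queued patch records that this configuration was built on the 3.18 tree. The body of parse_tag_fdt lies outside both hunks, so it cannot be checked from here whether every symbol it uses is declared outside the initrd guard in this older tree. Compiling an xtensa config with CONFIG_OF=y and CONFIG_BLK_DEV_INITRD unset would settle that before the patch is released. I would also add a one-line comment above `#ifdef CONFIG_OF`, for example `/* FDT tag parsing does not depend on initrd support. */`, so a later edit does not nest the two guards again.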