lineage-22.2
31031 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Adrian Hunter
|
542abbf58e |
perf: Fix perf_aux_size() for greater-than 32-bit size
[ Upstream commit 3df94a5b1078dfe2b0c03f027d018800faf44c82 ]
perf_buffer->aux_nr_pages uses a 32-bit type, so a cast is needed to
calculate a 64-bit size.
Fixes:
|
||
|
Michael Bestas
|
5b696ce758 |
Merge branch 'android-4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
* 'android-4.19-stable' of https://android.googlesource.com/kernel/common: (415 commits) Linux 4.19.318 i2c: rcar: bring hardware to known state when probing nilfs2: fix kernel bug on rename operation of broken directory SUNRPC: Fix RPC client cleaned up the freed pipefs dentries tcp: avoid too many retransmit packets tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() net: tcp: fix unexcepted socket die when snd_wnd is 0 tcp: refactor tcp_retransmit_timer() libceph: fix race between delayed_work() and ceph_monc_stop() hpet: Support 32-bit userspace USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k USB: serial: option: add Rolling RW350-GL variants USB: serial: option: add Netprisma LCUK54 series modules USB: serial: option: add support for Foxconn T99W651 USB: serial: option: add Fibocom FM350-GL USB: serial: option: add Telit FN912 rmnet compositions USB: serial: option: add Telit generic core-dump composition ARM: davinci: Convert comma to semicolon ... Conflicts: drivers/net/usb/ax88179_178a.c drivers/scsi/ufs/ufshcd.c Change-Id: I63f3c3862218db4d5d13828c76e11f21da54ca42 |
||
|
Greg Kroah-Hartman
|
82f9317bbb |
Merge 4.19.318 into android-4.19-stable
Changes in 4.19.318 asm-generic: Move common compat types to asm-generic/compat.h media: dvb: as102-fe: Fix as10x_register_addr packing media: dvb-usb: dib0700_devices: Add missing release_firmware() IB/core: Implement a limit on UMAD receive List drm/amd/display: Skip finding free audio for unknown engine_id media: dw2102: Don't translate i2c read into write sctp: prefer struct_size over open coded arithmetic firmware: dmi: Stop decoding on broken entry Input: ff-core - prefer struct_size over open coded arithmetic net: dsa: mv88e6xxx: Correct check for empty list media: dvb-frontends: tda18271c2dd: Remove casting during div media: s2255: Use refcount_t instead of atomic_t for num_channels media: dvb-frontends: tda10048: Fix integer overflow i2c: i801: Annotate apanel_addr as __ro_after_init powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n orangefs: fix out-of-bounds fsid access powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" jffs2: Fix potential illegal address access in jffs2_free_inode s390/pkey: Wipe sensitive data on failure tcp: take care of compressed acks in tcp_add_reno_sack() tcp: tcp_mark_head_lost is only valid for sack-tcp tcp: add ece_ack flag to reno sack functions net: tcp better handling of reordering then loss cases UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() tcp_metrics: validate source addr length bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() selftests: fix OOM in msg_zerocopy selftest selftests: make order checking verbose in msg_zerocopy selftest inet_diag: Initialize pad field in struct inet_diag_req_v2 nilfs2: fix inode number range checks nilfs2: add missing check for inode numbers on directory entries mm: optimize the redundant loop of mm_update_owner_next() Bluetooth: Fix incorrect pointer arithmatic in ext_adv_report_evt can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct fsnotify: Do not generate events for O_PATH file descriptors Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes drm/amdgpu/atomfirmware: silence UBSAN warning bnx2x: Fix multiple UBSAN array-index-out-of-bounds media: dw2102: fix a potential buffer overflow i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr nilfs2: fix incorrect inode allocation from reserved inodes drm/i915: make find_fw_domain work on intel_uncore tcp: fix incorrect undo caused by DSACK of TLP retransmit net: lantiq_etop: add blank line after declaration net: ethernet: lantiq_etop: fix double free in detach ppp: reject claimed-as-LCP but actually malformed packets ARM: davinci: Convert comma to semicolon USB: serial: option: add Telit generic core-dump composition USB: serial: option: add Telit FN912 rmnet compositions USB: serial: option: add Fibocom FM350-GL USB: serial: option: add support for Foxconn T99W651 USB: serial: option: add Netprisma LCUK54 series modules USB: serial: option: add Rolling RW350-GL variants USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor hpet: Support 32-bit userspace libceph: fix race between delayed_work() and ceph_monc_stop() tcp: refactor tcp_retransmit_timer() net: tcp: fix unexcepted socket die when snd_wnd is 0 tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() tcp: avoid too many retransmit packets SUNRPC: Fix RPC client cleaned up the freed pipefs dentries nilfs2: fix kernel bug on rename operation of broken directory i2c: rcar: bring hardware to known state when probing Linux 4.19.318 Change-Id: I6d2646a308c3f44976d00ee372e87568c3e40c23 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Jinliang Zheng
|
2890a7faf5 |
mm: optimize the redundant loop of mm_update_owner_next()
commit cf3f9a593dab87a032d2b6a6fb205e7f3de4f0a1 upstream. When mm_update_owner_next() is racing with swapoff (try_to_unuse()) or /proc or ptrace or page migration (get_task_mm()), it is impossible to find an appropriate task_struct in the loop whose mm_struct is the same as the target mm_struct. If the above race condition is combined with the stress-ng-zombie and stress-ng-dup tests, such a long loop can easily cause a Hard Lockup in write_lock_irq() for tasklist_lock. Recognize this situation in advance and exit early. Link: https://lkml.kernel.org/r/20240620122123.3877432-1-alexjlzheng@tencent.com Signed-off-by: Jinliang Zheng <alexjlzheng@tencent.com> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Christian Brauner <brauner@kernel.org> Cc: Jens Axboe <axboe@kernel.dk> Cc: Mateusz Guzik <mjguzik@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Tycho Andersen <tandersen@netflix.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
46d5c15467 |
Merge 4.19.317 into android-4.19-stable
Changes in 4.19.317
wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
wifi: iwlwifi: mvm: don't read past the mfuart notifcation
ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
vxlan: Fix regression when dropping packets due to invalid src addresses
tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
ptp: Fix error message on failed pin verification
af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll().
af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg().
af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
drm/amd/display: Handle Y carry-over in VCP X.Y calculation
serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
media: mc: mark the media devnode as registered from the, start
selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages
selftests/mm: conform test to TAP format output
selftests/mm: compaction_test: fix bogus test success on Aarch64
nilfs2: Remove check for PageError
nilfs2: return the mapped address from nilfs_get_page()
nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
mei: me: release irq in mei_me_pci_resume error path
jfs: xattr: fix buffer overflow for invalid xattr
xhci: Apply reset resume quirk to Etron EJ188 xHCI host
xhci: Apply broken streams quirk to Etron EJ188 xHCI host
Input: try trimming too long modalias strings
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
HID: core: remove unnecessary WARN_ON() in implement()
iommu/amd: Fix sysfs leak in iommu init
liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
drm/bridge/panel: Fix runtime warning on panel bridge release
tcp: fix race in tcp_v6_syn_recv_sock()
Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
ipv6/route: Add a missing check on proc_dointvec
net/ipv6: Fix the RT cache flush via sysctl using a previous delay
drivers: core: synchronize really_probe() and dev_uevent()
drm/exynos/vidi: fix memory leak in .get_modes()
vmci: prevent speculation leaks by sanitizing event in event_deliver()
fs/proc: fix softlockup in __read_vmcore
ocfs2: use coarse time for new created files
ocfs2: fix races between hole punching and AIO+DIO
PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
dmaengine: axi-dmac: fix possible race in remove()
intel_th: pci: Add Granite Rapids support
intel_th: pci: Add Granite Rapids SOC support
intel_th: pci: Add Sapphire Rapids SOC support
intel_th: pci: Add Meteor Lake-S support
intel_th: pci: Add Lunar Lake support
nilfs2: fix potential kernel bug due to lack of writeback flag waiting
hv_utils: drain the timesync packets on onchannelcallback
hugetlb_encode.h: fix undefined behaviour (34 << 26)
usb-storage: alauda: Check whether the media is initialized
rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
batman-adv: bypass empty buckets in batadv_purge_orig_ref()
scsi: qedi: Fix crash while reading debugfs attribute
powerpc/pseries: Enforce hcall result buffer validity and size
powerpc/io: Avoid clang null pointer arithmetic warnings
usb: misc: uss720: check for incompatible versions of the Belkin F5U002
udf: udftime: prevent overflow in udf_disk_stamp_to_time()
PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports
MIPS: Octeon: Add PCIe link status check
MIPS: Routerboard 532: Fix vendor retry check code
cipso: fix total option length computation
netrom: Fix a memory leak in nr_heartbeat_expiry()
ipv6: prevent possible NULL dereference in rt6_probe()
xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
virtio_net: checksum offloading handling fix
net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings
regulator: core: Fix modpost error "regulator_get_regmap" undefined
dmaengine: ioatdma: Fix missing kmem_cache_destroy()
ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
drm/radeon: fix UBSAN warning in kv_dpm.c
gcov: add support for GCC 14
ARM: dts: samsung: smdkv310: fix keypad no-autorepeat
ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat
ARM: dts: samsung: smdk4412: fix keypad no-autorepeat
selftests/ftrace: Fix checkbashisms errors
tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
perf/core: Fix missing wakeup when waiting for context reference
PCI: Add PCI_ERROR_RESPONSE and related definitions
x86/amd_nb: Check for invalid SMN reads
iio: dac: ad5592r-base: Replace indio_dev->mlock with own device lock
iio: dac: ad5592r: un-indent code-block for scale read
iio: dac: ad5592r: fix temperature channel scaling value
scsi: mpt3sas: Add ioc_<level> logging macros
scsi: mpt3sas: Gracefully handle online firmware update
scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
xhci: Use soft retry to recover faster from transaction errors
xhci: Set correct transferred length for cancelled bulk transfers
usb: xhci: do not perform Soft Retry for some xHCI hosts
pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
drm/amdgpu: fix UBSAN warning in kv_dpm.c
netfilter: nf_tables: validate family when identifying table via handle
ASoC: fsl-asoc-card: set priv->pdev before using it
netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
net/iucv: Avoid explicit cpumask var allocation on stack
ALSA: emux: improve patch ioctl data validation
media: dvbdev: Initialize sbuf
soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
nvme: fixup comment for nvme RDMA Provider Type
gpio: davinci: Validate the obtained number of IRQs
i2c: ocores: stop transfer on timeout
i2c: ocores: set IACK bit after core is enabled
x86: stop playing stack games in profile_pc()
mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
iio: adc: ad7266: Fix variable checking bug
iio: chemical: bme680: Fix pressure value output
iio: chemical: bme680: Fix calibration data variable
iio: chemical: bme680: Fix overflows in compensate() functions
iio: chemical: bme680: Fix sensor data read operation
net: usb: ax88179_178a: improve link status logs
usb: gadget: printer: SS+ support
usb: musb: da8xx: fix a resource leak in probe()
usb: atm: cxacru: fix endpoint checking in cxacru_bind()
tty: mcf: MCF54418 has 10 UARTS
hexagon: fix fadvise64_64 calling conventions
drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
batman-adv: Don't accept TT entries for out-of-spec VIDs
ata: libata-core: Fix double free on error
ftruncate: pass a signed offset
pwm: stm32: Refuse too small period requests
ipv6: annotate some data-races around sk->sk_prot
ipv6: Fix data races around sk->sk_prot.
tcp: Fix data races around icsk->icsk_af_ops.
arm64: dts: rockchip: Add sound-dai-cells for RK3368
Linux 4.19.317
Change-Id: Ic469df3aff3d8233947e4f13951e091deca41c65
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Haifeng Xu
|
c23ead9986 |
perf/core: Fix missing wakeup when waiting for context reference
[ Upstream commit 74751ef5c1912ebd3e65c3b65f45587e05ce5d36 ]
In our production environment, we found many hung tasks which are
blocked for more than 18 hours. Their call traces are like this:
[346278.191038] __schedule+0x2d8/0x890
[346278.191046] schedule+0x4e/0xb0
[346278.191049] perf_event_free_task+0x220/0x270
[346278.191056] ? init_wait_var_entry+0x50/0x50
[346278.191060] copy_process+0x663/0x18d0
[346278.191068] kernel_clone+0x9d/0x3d0
[346278.191072] __do_sys_clone+0x5d/0x80
[346278.191076] __x64_sys_clone+0x25/0x30
[346278.191079] do_syscall_64+0x5c/0xc0
[346278.191083] ? syscall_exit_to_user_mode+0x27/0x50
[346278.191086] ? do_syscall_64+0x69/0xc0
[346278.191088] ? irqentry_exit_to_user_mode+0x9/0x20
[346278.191092] ? irqentry_exit+0x19/0x30
[346278.191095] ? exc_page_fault+0x89/0x160
[346278.191097] ? asm_exc_page_fault+0x8/0x30
[346278.191102] entry_SYSCALL_64_after_hwframe+0x44/0xae
The task was waiting for the refcount become to 1, but from the vmcore,
we found the refcount has already been 1. It seems that the task didn't
get woken up by perf_event_release_kernel() and got stuck forever. The
below scenario may cause the problem.
Thread A Thread B
... ...
perf_event_free_task perf_event_release_kernel
...
acquire event->child_mutex
...
get_ctx
... release event->child_mutex
acquire ctx->mutex
...
perf_free_event (acquire/release event->child_mutex)
...
release ctx->mutex
wait_var_event
acquire ctx->mutex
acquire event->child_mutex
# move existing events to free_list
release event->child_mutex
release ctx->mutex
put_ctx
... ...
In this case, all events of the ctx have been freed, so we couldn't
find the ctx in free_list and Thread A will miss the wakeup. It's thus
necessary to add a wakeup after dropping the reference.
Fixes: 1cf8dfe8a661 ("perf/core: Fix race between close() and fork()")
Signed-off-by: Haifeng Xu <haifeng.xu@shopee.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Frederic Weisbecker <frederic@kernel.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20240513103948.33570-1-haifeng.xu@shopee.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Jeff Johnson
|
876d7d009c |
tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
[ Upstream commit 23748e3e0fbfe471eff5ce439921629f6a427828 ]
Fix the 'make W=1' warning:
WARNING: modpost: missing MODULE_DESCRIPTION() in kernel/trace/preemptirq_delay_test.o
Link: https://lore.kernel.org/linux-trace-kernel/20240518-md-preemptirq_delay_test-v1-1-387d11b30d85@quicinc.com
Cc: stable@vger.kernel.org
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Fixes:
|
||
|
Peter Oberparleiter
|
48d5f4d669 |
gcov: add support for GCC 14
commit c1558bc57b8e5b4da5d821537cd30e2e660861d8 upstream. Using gcov on kernels compiled with GCC 14 results in truncated 16-byte long .gcda files with no usable data. To fix this, update GCOV_COUNTERS to match the value defined by GCC 14. Tested with GCC versions 14.1.0 and 13.2.0. Link: https://lkml.kernel.org/r/20240610092743.1609845-1-oberpar@linux.ibm.com Signed-off-by: Peter Oberparleiter <oberpar@linux.ibm.com> Reported-by: Allison Henderson <allison.henderson@oracle.com> Reported-by: Chuck Lever III <chuck.lever@oracle.com> Tested-by: Chuck Lever <chuck.lever@oracle.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Paul E. McKenney
|
6652029853 |
rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
[ Upstream commit 8b9b443fa860276822b25057cb3ff3b28734dec0 ] The "pipe_count > RCU_TORTURE_PIPE_LEN" check has a comment saying "Should not happen, but...". This is only true when testing an RCU whose grace periods are always long enough. This commit therefore fixes this comment. Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Closes: https://lore.kernel.org/lkml/CAHk-=wi7rJ-eGq+xaxVfzFEgbL9tdf6Kc8Z89rCpfcQOKm74Tw@mail.gmail.com/ Signed-off-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Uladzislau Rezki (Sony) <urezki@gmail.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Michael Bestas
|
18144fafc4 |
Merge tag 'ASB-2024-06-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-06-01 CVE-2024-26926 * tag 'ASB-2024-06-05_4.19-stable' of https://android.googlesource.com/kernel/common: BACKPORT: net: fix __dst_negative_advice() race Linux 4.19.315 docs: kernel_include.py: Cope with docutils 0.21 serial: kgdboc: Fix NMI-safety problems from keyboard reset code tracing: Remove unnecessary var_ref destroy in track_data_destroy() tracing: Generalize hist trigger onmax and save action tracing: Split up onmatch action data tracing: Refactor hist trigger action code tracing: Have the historgram use the result of str_has_prefix() for len of prefix tracing: Use str_has_prefix() instead of using fixed sizes tracing: Use str_has_prefix() helper for histogram code string.h: Add str_has_prefix() helper function tracing: Consolidate trace_add/remove_event_call back to the nolock functions tracing: Remove unneeded synth_event_mutex tracing: Use dyn_event framework for synthetic events tracing: Add unified dynamic event framework tracing: Simplify creation and deletion of synthetic events btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() dm: limit the number of targets and parameter size area Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems" Linux 4.19.314 af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). net: fix out-of-bounds access in ops_init drm/vmwgfx: Fix invalid reads in fence signaled events dyndbg: fix old BUG_ON in >control parser tipc: fix UAF in error path usb: gadget: f_fs: Fix a race condition when processing setup packets. usb: gadget: composite: fix OS descriptors w_value logic firewire: nosy: ensure user_length is taken into account when fetching packet contents af_unix: Fix garbage collector racing against connect() af_unix: Do not use atomic ops for unix_sk(sk)->inflight. ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() net: bridge: fix corrupted ethernet header on multicast-to-unicast phonet: fix rtm_phonet_notify() skb allocation rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets tcp: remove redundant check on tskb net:usb:qmi_wwan: support Rolling modules fs/9p: drop inodes immediately on non-.L too gpio: crystalcove: Use -ENOTSUPP consistently gpio: wcove: Use -ENOTSUPP consistently 9p: explicitly deny setlease attempts fs/9p: translate O_TRUNC into OTRUNC fs/9p: only translate RWX permissions for plain 9P2000 selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior scsi: target: Fix SELinux error when systemd-modules loads the target module btrfs: always clear PERTRANS metadata during commit btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve tools/power turbostat: Fix Bzy_MHz documentation typo tools/power turbostat: Fix added raw MSR output firewire: ohci: mask bus reset interrupts between ISR and bottom half ata: sata_gemini: Check clk_enable() result net: bcmgenet: Reset RBUF on first open ALSA: line6: Zero-initialize message buffers scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload net: mark racy access on sk->sk_rcvbuf wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc gfs2: Fix invalid metadata access in punch_hole scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic tipc: fix a possible memleak in tipc_buf_append net: bridge: fix multicast-to-unicast with fraglist GSO net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341 net: dsa: mv88e6xxx: Add number of MACs in the ATU net l2tp: drop flow hash on forward nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). bna: ensure the copied buf is NUL terminated s390/mm: Fix clearing storage keys for huge pages s390/mm: Fix storage key clearing for guest huge pages pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() power: rt9455: hide unused rt9455_boost_voltage_values pinctrl: core: delete incorrect free in pinctrl_enable() ethernet: Add helper for assigning packet type when dest address does not match device address ethernet: add a helper for assigning port addresses net: slightly optimize eth_type_trans drm/amdgpu: Fix leak when GPU memory allocation fails drm/amdkfd: change system memory overcommit limit wifi: nl80211: don't free NULL coalescing rule dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state" dmaengine: pl330: issue_pending waits until WFP state Linux 4.19.313 serial: core: fix kernel-doc for uart_port_unlock_irqrestore() udp: preserve the connected status if only UDP cmsg Revert "y2038: rusage: use __kernel_old_timeval" Revert "loop: Remove sector_t truncation checks" HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up i2c: smbus: fix NULL function pointer dereference idma64: Don't try to serve interrupts when device is powered off dmaengine: owl: fix register access functions tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() tcp: Clean up kernel listener's reqsk in inet_twsk_purge() mtd: diskonchip: work around ubsan link failure stackdepot: respect __GFP_NOLOCKDEP allocation flag net: b44: set pause params only when interface is up irqchip/gic-v3-its: Prevent double free on error arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together tracing: Show size of requested perf buffer Revert "crypto: api - Disallow identical driver names" drm/amdgpu: validate the parameters of bo mapping operations more clearly amdgpu: validate offset_in_bo of drm_amdgpu_gem_va drm/amdgpu: restrict bo mapping within gpu address limits serial: mxs-auart: add spinlock around changing cts state serial: core: Provide port lock wrappers i40e: Do not use WQ_MEM_RECLAIM flag for workqueue net: openvswitch: Fix Use-After-Free in ovs_ct_exit net: openvswitch: ovs_ct_exit to be done under ovs_lock ipvs: Fix checksumming on GSO of SCTP packets net: gtp: Fix Use-After-Free in gtp_dellink net: usb: ax88179_178a: stop lying about skb->truesize NFC: trf7970a: disable all regulators on removal mlxsw: core: Unregister EMAD trap using FORWARD action vxlan: drop packets from invalid src-address ARC: [plat-hsdk]: Remove misplaced interrupt-cells property arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block arm64: dts: mediatek: mt7622: fix ethernet controller "compatible" arm64: dts: mediatek: mt7622: fix IR nodename arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma arm64: dts: rockchip: fix alphabetical ordering RK3399 puma tracing: Use var_refs[] for hist trigger reference checking tracing: Remove hist trigger synth_var_refs nilfs2: fix OOB in nilfs_set_de_type nouveau: fix instmem race condition around ptr stores fs: sysfs: Fix reference leak in sysfs_break_active_protection() speakup: Avoid crash on very long word usb: dwc2: host: Fix dereference issue in DDMA completion flow. Revert "usb: cdc-wdm: close race between read and workqueue" USB: serial: option: add Telit FN920C04 rmnet compositions USB: serial: option: add Rolling RW101-GL and RW135-GL support USB: serial: option: support Quectel EM060K sub-models USB: serial: option: add Lonsung U8300/U9300 product USB: serial: option: add support for Fibocom FM650/FG650 USB: serial: option: add Fibocom FM135-GL variants serial/pmac_zilog: Remove flawed mitigation for rx irq flood comedi: vmk80xx: fix incomplete endpoint checking drm: nv04: Fix out of bounds access RDMA/mlx5: Fix port number for counter query in multi-port configuration tun: limit printing rate when illegal packet received by tun dev netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() netfilter: nf_tables: __nft_expr_type_get() selects specific family type Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" kprobes: Fix possible use-after-free issue on kprobe registration selftests/ftrace: Limit length in subsystem-enable tests btrfs: record delayed inode root in transaction x86/apic: Force native_apic_mem_read() to use the MOV instruction selftests: timers: Fix abs() warning in posix_timers test vhost: Add smp_rmb() in vhost_vq_avail_empty() tracing: hide unused ftrace_event_id_fops net/mlx5: Properly link new fs rules into the tree ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr ipv4/route: avoid unused-but-set-variable warning ipv6: fib: hide unused 'pn' variable geneve: fix header validation in geneve[6]_xmit_skb nouveau: fix function cast warning Bluetooth: Fix memory leak in hci_req_sync_complete() batman-adv: Avoid infinite loop trying to resize local TT Conflicts: drivers/net/usb/ax88179_178a.c Change-Id: I73f07cafe3403d98dad2e4a8b34f89cfbd49818c |
||
|
Greg Kroah-Hartman
|
302e1d9773 |
Merge 4.19.316 into android-4.19-stable
Changes in 4.19.316
x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
speakup: Fix sizeof() vs ARRAY_SIZE() bug
ring-buffer: Fix a race between readers and resize checks
net: smc91x: Fix m68k kernel compilation for ColdFire CPU
nilfs2: fix unexpected freezing of nilfs_segctor_sync()
nilfs2: fix potential hang in nilfs_detach_log_writer()
tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class
net: usb: qmi_wwan: add Telit FN920C04 compositions
drm/amd/display: Set color_mgmt_changed to true on unsuspend
ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
ASoC: da7219-aad: fix usage of device_get_named_child_node()
crypto: bcm - Fix pointer arithmetic
firmware: raspberrypi: Use correct device for DMA mappings
ecryptfs: Fix buffer size for tag 66 packet
nilfs2: fix out-of-range warning
parisc: add missing export of __cmpxchg_u8()
crypto: ccp - Remove forward declaration
crypto: ccp - drop platform ifdef checks
s390/cio: fix tracepoint subchannel type field
jffs2: prevent xattr node from overflowing the eraseblock
null_blk: Fix missing mutex_destroy() at module removal
md: fix resync softlockup when bitmap size is less than array size
power: supply: cros_usbpd: provide ID table for avoiding fallback match
nfsd: drop st_mutex before calling move_to_close_lru()
wifi: ath10k: poll service ready message before failing
x86/boot: Ignore relocations in .notes sections in walk_relocs() too
qed: avoid truncating work queue length
scsi: ufs: qcom: Perform read back after writing reset bit
scsi: ufs: cleanup struct utp_task_req_desc
scsi: ufs: add a low-level __ufshcd_issue_tm_cmd helper
scsi: ufs: core: Perform read back after disabling interrupts
scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
irqchip/alpine-msi: Fix off-by-one in allocation error path
ACPI: disable -Wstringop-truncation
scsi: libsas: Fix the failure of adding phy with zero-address to port
scsi: hpsa: Fix allocation size for Scsi_Host private data
x86/purgatory: Switch to the position-independent small code model
wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger()
wifi: ath10k: populate board data for WCN3990
macintosh/via-macii: Remove BUG_ON assertions
macintosh/via-macii, macintosh/adb-iop: Clean up whitespace
macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
wifi: carl9170: add a proper sanity check for endpoints
wifi: ar5523: enable proper endpoint verification
sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe()
Revert "sh: Handle calling csum_partial with misaligned data"
scsi: bfa: Ensure the copied buf is NUL terminated
scsi: qedf: Ensure the copied buf is NUL terminated
wifi: mwl8k: initialize cmd->addr[] properly
net: usb: sr9700: stop lying about skb->truesize
m68k: Fix spinlock race in kernel thread creation
m68k/mac: Use '030 reset method on SE/30
m68k: mac: Fix reboot hang on Mac IIci
net: ethernet: cortina: Locking fixes
af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
net: usb: smsc95xx: stop lying about skb->truesize
net: openvswitch: fix overwriting ct original tuple for ICMPv6
ipv6: sr: add missing seg6_local_exit
ipv6: sr: fix incorrect unregister order
ipv6: sr: fix invalid unregister error path
drm/amd/display: Fix potential index out of bounds in color transformation function
mtd: rawnand: hynix: fixed typo
fbdev: shmobile: fix snprintf truncation
drm/mediatek: Add 0 size check to mtk_drm_gem_obj
powerpc/fsl-soc: hide unused const variable
fbdev: sisfb: hide unused variables
media: ngene: Add dvb_ca_en50221_init return value check
media: radio-shark2: Avoid led_names truncations
fbdev: sh7760fb: allow modular build
drm/arm/malidp: fix a possible null pointer dereference
ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
RDMA/hns: Use complete parentheses in macros
x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map
ext4: avoid excessive credit estimate in ext4_tmpfile()
SUNRPC: Fix gss_free_in_token_pages()
selftests/kcmp: Make the test output consistent and clear
selftests/kcmp: remove unused open mode
RDMA/IPoIB: Fix format truncation compilation errors
netrom: fix possible dead-lock in nr_rt_ioctl()
af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax
sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
greybus: lights: check return of get_channel_from_mode
dmaengine: idma64: Add check for dma_set_max_seg_size
firmware: dmi-id: add a release callback function
serial: max3100: Lock port->lock when calling uart_handle_cts_change()
serial: max3100: Update uart_driver_registered on driver removal
serial: max3100: Fix bitwise types
greybus: arche-ctrl: move device table to its right location
microblaze: Remove gcc flag for non existing early_printk.c file
microblaze: Remove early printk call from cpuinfo-static.c
usb: gadget: u_audio: Clear uac pointer when freed.
stm class: Fix a double free in stm_register_device()
ppdev: Remove usage of the deprecated ida_simple_xx() API
ppdev: Add an error check in register_device
extcon: max8997: select IRQ_DOMAIN instead of depending on it
f2fs: add error prints for debugging mount failure
f2fs: fix to release node block count in error path of f2fs_new_node_page()
serial: sh-sci: Extract sci_dma_rx_chan_invalidate()
serial: sh-sci: protect invalidating RXDMA on shutdown
libsubcmd: Fix parse-options memory leak
Input: ims-pcu - fix printf string overflow
Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
drm/msm/dpu: use kms stored hw mdp block
um: Fix return value in ubd_init()
um: Add winch to winch_handlers before registering winch IRQ
media: stk1160: fix bounds checking in stk1160_copy_video()
powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp
um: Fix the -Wmissing-prototypes warning for __switch_mm
media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
media: cec: cec-api: add locking in cec_release()
null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y
nfc: nci: Fix uninit-value in nci_rx_work
ipv6: sr: fix memleak in seg6_hmac_init_algo
params: lift param_set_uint_minmax to common code
tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
openvswitch: Set the skbuff pkt_type for proper pmtud support.
arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
net: fec: avoid lock evasion when reading pps_enable
nfc: nci: Fix kcov check in nci_rx_work()
nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()
spi: Don't mark message DMA mapped when no transfer in it is
nvmet: fix ns enable/disable possible hang
net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion
dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
enic: Validate length of nl attributes in enic_set_vf_port
smsc95xx: remove redundant function arguments
smsc95xx: use usbnet->driver_priv
net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
net:fec: Add fec_enet_deinit()
kconfig: fix comparison to constant symbols, 'm', 'n'
ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
ALSA: timer: Set lower bound of start tick time
genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
binder: fix max_thread type inconsistency
mmc: core: Do not force a retune before RPMB switch
nilfs2: fix use-after-free of timer for log writer thread
vxlan: Fix regression when dropping packets due to invalid src addresses
neighbour: fix unaligned access to pneigh_entry
ata: pata_legacy: make legacy_exit() work again
arm64: tegra: Correct Tegra132 I2C alias
md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
arm64: dts: hi3798cv200: fix the size of GICR
media: mxl5xx: Move xpt structures off stack
media: v4l2-core: hold videodev_lock until dev reg, finishes
fbdev: savage: Handle err return when savagefb_check_var failed
netfilter: nf_tables: pass context to nft_set_destroy()
netfilter: nftables: rename set element data activation/deactivation functions
netfilter: nf_tables: drop map element references from preparation phase
netfilter: nft_set_rbtree: allow loose matching of closing element in interval
netfilter: nft_set_rbtree: Add missing expired checks
netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
netfilter: nft_set_rbtree: fix null deref on element insertion
netfilter: nft_set_rbtree: fix overlap expiration walk
netfilter: nf_tables: don't skip expired elements during walk
netfilter: nf_tables: GC transaction API to avoid race with control plane
netfilter: nf_tables: adapt set backend to use GC transaction API
netfilter: nf_tables: remove busy mark and gc batch API
netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
netfilter: nf_tables: GC transaction race with netns dismantle
netfilter: nf_tables: GC transaction race with abort path
netfilter: nf_tables: defer gc run if previous batch is still pending
netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
netfilter: nf_tables: fix memleak when more than 255 elements expired
netfilter: nf_tables: unregister flowtable hooks on netns exit
netfilter: nf_tables: double hook unregistration in netns path
netfilter: nftables: update table flags from the commit phase
netfilter: nf_tables: fix table flag updates
netfilter: nf_tables: disable toggling dormant table state more than once
netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 4.19)
netfilter: nft_dynset: fix timeouts later than 23 days
netfilter: nftables: exthdr: fix 4-byte stack OOB write
netfilter: nft_dynset: report EOPNOTSUPP on missing set feature
netfilter: nft_dynset: relax superfluous check on set updates
netfilter: nf_tables: mark newset as dead on transaction abort
netfilter: nf_tables: skip dead set elements in netlink dump
netfilter: nf_tables: validate NFPROTO_* family
netfilter: nft_set_rbtree: skip end interval element from gc
netfilter: nf_tables: set dormant flag on hook register failure
netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
netfilter: nf_tables: do not compare internal table flags on updates
netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
netfilter: nf_tables: reject new basechain after table flag update
netfilter: nf_tables: discard table flag update with pending basechain deletion
KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
net/9p: fix uninit-value in p9_client_rpc()
intel_th: pci: Add Meteor Lake-S CPU support
sparc64: Fix number of online CPUs
kdb: Fix buffer overflow during tab-complete
kdb: Use format-strings rather than '\0' injection in kdb_read()
kdb: Fix console handling when editing and tab-completing commands
kdb: Merge identical case statements in kdb_read()
kdb: Use format-specifiers rather than memset() for padding in kdb_read()
net: fix __dst_negative_advice() race
sparc: move struct termio to asm/termios.h
ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
s390/ap: Fix crash in AP internal function modify_bitmap()
nfs: fix undefined behavior in nfs_block_bits()
Linux 4.19.316
Change-Id: I51ad6b82ea33614c19b33c26ae939c4a95430d4f
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Daniel Thompson
|
2467f3f182 |
kdb: Use format-specifiers rather than memset() for padding in kdb_read()
commit c9b51ddb66b1d96e4d364c088da0f1dfb004c574 upstream. Currently when the current line should be removed from the display kdb_read() uses memset() to fill a temporary buffer with spaces. The problem is not that this could be trivially implemented using a format string rather than open coding it. The real problem is that it is possible, on systems with a long kdb_prompt_str, to write past the end of the tmpbuffer. Happily, as mentioned above, this can be trivially implemented using a format string. Make it so! Cc: stable@vger.kernel.org Reviewed-by: Douglas Anderson <dianders@chromium.org> Tested-by: Justin Stitt <justinstitt@google.com> Link: https://lore.kernel.org/r/20240424-kgdb_read_refactor-v3-5-f236dbe9828d@linaro.org Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Daniel Thompson
|
4a89182788 |
kdb: Merge identical case statements in kdb_read()
commit 6244917f377bf64719551b58592a02a0336a7439 upstream. The code that handles case 14 (down) and case 16 (up) has been copy and pasted despite being byte-for-byte identical. Combine them. Cc: stable@vger.kernel.org # Not a bug fix but it is needed for later bug fixes Reviewed-by: Douglas Anderson <dianders@chromium.org> Tested-by: Justin Stitt <justinstitt@google.com> Link: https://lore.kernel.org/r/20240424-kgdb_read_refactor-v3-4-f236dbe9828d@linaro.org Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Daniel Thompson
|
21c068c1bb |
kdb: Fix console handling when editing and tab-completing commands
commit db2f9c7dc29114f531df4a425d0867d01e1f1e28 upstream.
Currently, if the cursor position is not at the end of the command buffer
and the user uses the Tab-complete functions, then the console does not
leave the cursor in the correct position.
For example consider the following buffer with the cursor positioned
at the ^:
md kdb_pro 10
^
Pressing tab should result in:
md kdb_prompt_str 10
^
However this does not happen. Instead the cursor is placed at the end
(after then 10) and further cursor movement redraws incorrectly. The
same problem exists when we double-Tab but in a different part of the
code.
Fix this by sending a carriage return and then redisplaying the text to
the left of the cursor.
Cc: stable@vger.kernel.org
Reviewed-by: Douglas Anderson <dianders@chromium.org>
Tested-by: Justin Stitt <justinstitt@google.com>
Link: https://lore.kernel.org/r/20240424-kgdb_read_refactor-v3-3-f236dbe9828d@linaro.org
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Daniel Thompson
|
4edfbbaca4 |
kdb: Use format-strings rather than '\0' injection in kdb_read()
commit 09b35989421dfd5573f0b4683c7700a7483c71f9 upstream. Currently when kdb_read() needs to reposition the cursor it uses copy and paste code that works by injecting an '\0' at the cursor position before delivering a carriage-return and reprinting the line (which stops at the '\0'). Tidy up the code by hoisting the copy and paste code into an appropriately named function. Additionally let's replace the '\0' injection with a proper field width parameter so that the string will be abridged during formatting instead. Cc: stable@vger.kernel.org # Not a bug fix but it is needed for later bug fixes Tested-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Douglas Anderson <dianders@chromium.org> Link: https://lore.kernel.org/r/20240424-kgdb_read_refactor-v3-2-f236dbe9828d@linaro.org Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Daniel Thompson
|
fb824a99e1 |
kdb: Fix buffer overflow during tab-complete
commit e9730744bf3af04cda23799029342aa3cddbc454 upstream. Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. Most obviously if the command buffer is already full but cp, the cursor position, is in the middle of the buffer, then we will write past the end of the supplied buffer. Fix this by replacing the dubious strncpy() calls with memmove()/memcpy() calls plus explicit boundary checks to make sure we have enough space before we start moving characters around. Reported-by: Justin Stitt <justinstitt@google.com> Closes: https://lore.kernel.org/all/CAFhGd8qESuuifuHsNjFPR-Va3P80bxrw+LqvC8deA8GziUJLpw@mail.gmail.com/ Cc: stable@vger.kernel.org Reviewed-by: Douglas Anderson <dianders@chromium.org> Reviewed-by: Justin Stitt <justinstitt@google.com> Tested-by: Justin Stitt <justinstitt@google.com> Link: https://lore.kernel.org/r/20240424-kgdb_read_refactor-v3-1-f236dbe9828d@linaro.org Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Dongli Zhang
|
a40209d355 |
genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
commit a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32 upstream.
The absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of
interrupt affinity reconfiguration via procfs. Instead, the change is
deferred until the next instance of the interrupt being triggered on the
original CPU.
When the interrupt next triggers on the original CPU, the new affinity is
enforced within __irq_move_irq(). A vector is allocated from the new CPU,
but the old vector on the original CPU remains and is not immediately
reclaimed. Instead, apicd->move_in_progress is flagged, and the reclaiming
process is delayed until the next trigger of the interrupt on the new CPU.
Upon the subsequent triggering of the interrupt on the new CPU,
irq_complete_move() adds a task to the old CPU's vector_cleanup list if it
remains online. Subsequently, the timer on the old CPU iterates over its
vector_cleanup list, reclaiming old vectors.
However, a rare scenario arises if the old CPU is outgoing before the
interrupt triggers again on the new CPU.
In that case irq_force_complete_move() is not invoked on the outgoing CPU
to reclaim the old apicd->prev_vector because the interrupt isn't currently
affine to the outgoing CPU, and irq_needs_fixup() returns false. Even
though __vector_schedule_cleanup() is later called on the new CPU, it
doesn't reclaim apicd->prev_vector; instead, it simply resets both
apicd->move_in_progress and apicd->prev_vector to 0.
As a result, the vector remains unreclaimed in vector_matrix, leading to a
CPU vector leak.
To address this issue, move the invocation of irq_force_complete_move()
before the irq_needs_fixup() call to reclaim apicd->prev_vector, if the
interrupt is currently or used to be affine to the outgoing CPU.
Additionally, reclaim the vector in __vector_schedule_cleanup() as well,
following a warning message, although theoretically it should never see
apicd->move_in_progress with apicd->prev_cpu pointing to an offline CPU.
Fixes:
|
||
|
Sagi Grimberg
|
459de98d7a |
params: lift param_set_uint_minmax to common code
[ Upstream commit 2a14c9ae15a38148484a128b84bff7e9ffd90d68 ] It is a useful helper hence move it to common code so others can enjoy it. Suggested-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com> Reviewed-by: Hannes Reinecke <hare@suse.com> Signed-off-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Christoph Hellwig <hch@lst.de> Stable-dep-of: 3ebc46ca8675 ("tcp: Fix shift-out-of-bounds in dctcp_update_alpha().") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Vitalii Bursov
|
454de5ed81 |
sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
[ Upstream commit a1fd0b9d751f840df23ef0e75b691fc00cfd4743 ]
Change relax_domain_level checks so that it would be possible
to include or exclude all domains from newidle balancing.
This matches the behavior described in the documentation:
-1 no request. use system default or follow request of others.
0 no search.
1 search siblings (hyperthreads in a core).
"2" enables levels 0 and 1, level_max excludes the last (level_max)
level, and level_max+1 includes all levels.
Fixes:
|
||
|
Valentin Schneider
|
046daa54c3 |
sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax
[ Upstream commit 9ae7ab20b4835dbea0e5fc6a5c70171dc354a72e ]
As pointed out in commit
|
||
|
Petr Pavlu
|
b50932ea67 |
ring-buffer: Fix a race between readers and resize checks
commit c2274b908db05529980ec056359fae916939fdaa upstream.
The reader code in rb_get_reader_page() swaps a new reader page into the
ring buffer by doing cmpxchg on old->list.prev->next to point it to the
new page. Following that, if the operation is successful,
old->list.next->prev gets updated too. This means the underlying
doubly-linked list is temporarily inconsistent, page->prev->next or
page->next->prev might not be equal back to page for some page in the
ring buffer.
The resize operation in ring_buffer_resize() can be invoked in parallel.
It calls rb_check_pages() which can detect the described inconsistency
and stop further tracing:
[ 190.271762] ------------[ cut here ]------------
[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0
[ 190.271789] Modules linked in: [...]
[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1
[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f
[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014
[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0
[ 190.272023] Code: [...]
[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206
[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80
[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700
[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000
[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720
[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000
[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000
[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0
[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 190.272077] Call Trace:
[ 190.272098] <TASK>
[ 190.272189] ring_buffer_resize+0x2ab/0x460
[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0
[ 190.272206] tracing_resize_ring_buffer+0x65/0x90
[ 190.272216] tracing_entries_write+0x74/0xc0
[ 190.272225] vfs_write+0xf5/0x420
[ 190.272248] ksys_write+0x67/0xe0
[ 190.272256] do_syscall_64+0x82/0x170
[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 190.272373] RIP: 0033:0x7f1bd657d263
[ 190.272381] Code: [...]
[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263
[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001
[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000
[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500
[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002
[ 190.272412] </TASK>
[ 190.272414] ---[ end trace 0000000000000000 ]---
Note that ring_buffer_resize() calls rb_check_pages() only if the parent
trace_buffer has recording disabled. Recent commit d78ab792705c
("tracing: Stop current tracer when resizing buffer") causes that it is
now always the case which makes it more likely to experience this issue.
The window to hit this race is nonetheless very small. To help
reproducing it, one can add a delay loop in rb_get_reader_page():
ret = rb_head_page_replace(reader, cpu_buffer->reader_page);
if (!ret)
goto spin;
for (unsigned i = 0; i < 1U << 26; i++) /* inserted delay loop */
__asm__ __volatile__ ("" : : : "memory");
rb_list_head(reader->list.next)->prev = &cpu_buffer->reader_page->list;
.. and then run the following commands on the target system:
echo 1 > /sys/kernel/tracing/events/sched/sched_switch/enable
while true; do
echo 16 > /sys/kernel/tracing/buffer_size_kb; sleep 0.1
echo 8 > /sys/kernel/tracing/buffer_size_kb; sleep 0.1
done &
while true; do
for i in /sys/kernel/tracing/per_cpu/*; do
timeout 0.1 cat $i/trace_pipe; sleep 0.2
done
done
To fix the problem, make sure ring_buffer_resize() doesn't invoke
rb_check_pages() concurrently with a reader operating on the same
ring_buffer_per_cpu by taking its cpu_buffer->reader_lock.
Link: https://lore.kernel.org/linux-trace-kernel/20240517134008.24529-3-petr.pavlu@suse.com
Cc: stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
8ccbe2083a |
Merge 4.19.315 into android-4.19-stable
Changes in 4.19.315 Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems" dm: limit the number of targets and parameter size area btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() tracing: Simplify creation and deletion of synthetic events tracing: Add unified dynamic event framework tracing: Use dyn_event framework for synthetic events tracing: Remove unneeded synth_event_mutex tracing: Consolidate trace_add/remove_event_call back to the nolock functions string.h: Add str_has_prefix() helper function tracing: Use str_has_prefix() helper for histogram code tracing: Use str_has_prefix() instead of using fixed sizes tracing: Have the historgram use the result of str_has_prefix() for len of prefix tracing: Refactor hist trigger action code tracing: Split up onmatch action data tracing: Generalize hist trigger onmax and save action tracing: Remove unnecessary var_ref destroy in track_data_destroy() serial: kgdboc: Fix NMI-safety problems from keyboard reset code docs: kernel_include.py: Cope with docutils 0.21 Linux 4.19.315 Change-Id: I20fdf3ecd83c6f7654e6118390444de784a0b100 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Tom Zanussi
|
3fe17266db |
tracing: Remove unnecessary var_ref destroy in track_data_destroy()
commit ff9d31d0d46672e201fc9ff59c42f1eef5f00c77 upstream. Commit 656fe2ba85e8 (tracing: Use hist trigger's var_ref array to destroy var_refs) centralized the destruction of all the var_refs in one place so that other code didn't have to do it. The track_data_destroy() added later ignored that and also destroyed the track_data var_ref, causing a double-free error flagged by KASAN. ================================================================== BUG: KASAN: use-after-free in destroy_hist_field+0x30/0x70 Read of size 8 at addr ffff888086df2210 by task bash/1694 CPU: 6 PID: 1694 Comm: bash Not tainted 5.1.0-rc1-test+ #15 Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v03.03 07/14/2016 Call Trace: dump_stack+0x71/0xa0 ? destroy_hist_field+0x30/0x70 print_address_description.cold.3+0x9/0x1fb ? destroy_hist_field+0x30/0x70 ? destroy_hist_field+0x30/0x70 kasan_report.cold.4+0x1a/0x33 ? __kasan_slab_free+0x100/0x150 ? destroy_hist_field+0x30/0x70 destroy_hist_field+0x30/0x70 track_data_destroy+0x55/0xe0 destroy_hist_data+0x1f0/0x350 hist_unreg_all+0x203/0x220 event_trigger_open+0xbb/0x130 do_dentry_open+0x296/0x700 ? stacktrace_count_trigger+0x30/0x30 ? generic_permission+0x56/0x200 ? __x64_sys_fchdir+0xd0/0xd0 ? inode_permission+0x55/0x200 ? security_inode_permission+0x18/0x60 path_openat+0x633/0x22b0 ? path_lookupat.isra.50+0x420/0x420 ? __kasan_kmalloc.constprop.12+0xc1/0xd0 ? kmem_cache_alloc+0xe5/0x260 ? getname_flags+0x6c/0x2a0 ? do_sys_open+0x149/0x2b0 ? do_syscall_64+0x73/0x1b0 ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 ? _raw_write_lock_bh+0xe0/0xe0 ? __kernel_text_address+0xe/0x30 ? unwind_get_return_address+0x2f/0x50 ? __list_add_valid+0x2d/0x70 ? deactivate_slab.isra.62+0x1f4/0x5a0 ? getname_flags+0x6c/0x2a0 ? set_track+0x76/0x120 do_filp_open+0x11a/0x1a0 ? may_open_dev+0x50/0x50 ? _raw_spin_lock+0x7a/0xd0 ? _raw_write_lock_bh+0xe0/0xe0 ? __alloc_fd+0x10f/0x200 do_sys_open+0x1db/0x2b0 ? filp_open+0x50/0x50 do_syscall_64+0x73/0x1b0 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7fa7b24a4ca2 Code: 25 00 00 41 00 3d 00 00 41 00 74 4c 48 8d 05 85 7a 0d 00 8b 00 85 c0 75 6d 89 f2 b8 01 01 00 00 48 89 fe bf 9c ff ff ff 0f 05 <48> 3d 00 f0 ff ff 0f 87 a2 00 00 00 48 8b 4c 24 28 64 48 33 0c 25 RSP: 002b:00007fffbafb3af0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 000055d3648ade30 RCX: 00007fa7b24a4ca2 RDX: 0000000000000241 RSI: 000055d364a55240 RDI: 00000000ffffff9c RBP: 00007fffbafb3bf0 R08: 0000000000000020 R09: 0000000000000002 R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000003 R14: 0000000000000001 R15: 000055d364a55240 ================================================================== So remove the track_data_destroy() destroy_hist_field() call for that var_ref. Link: http://lkml.kernel.org/r/1deffec420f6a16d11dd8647318d34a66d1989a9.camel@linux.intel.com Fixes: 466f4528fbc69 ("tracing: Generalize hist trigger onmax and save action") Reported-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Tom Zanussi
|
19ff369680 |
tracing: Generalize hist trigger onmax and save action
commit 466f4528fbc692ea56deca278fa6aeb79e6e8b21 upstream. The action refactor code allowed actions and handlers to be separated, but the existing onmax handler and save action code is still not flexible enough to handle arbitrary coupling. This change generalizes them and in the process makes additional handlers and actions easier to implement. The onmax action can be broken up and thought of as two separate components - a variable to be tracked (the parameter given to the onmax($var_to_track) function) and an invisible variable created to save the ongoing result of doing something with that variable, such as saving the max value of that variable so far seen. Separating it out like this and renaming it appropriately allows us to use the same code for similar tracking functions such as onchange($var_to_track), which would just track the last value seen rather than the max seen so far, which is useful in some situations. Additionally, because different handlers and actions may want to save and access data differently e.g. save and retrieve tracking values as local variables vs something more global, save_val() and get_val() interface functions are introduced and max-specific implementations are used instead. The same goes for the code that checks whether a maximum has been hit - a generic check_val() interface and max-checking implementation is used instead, which allows future patches to make use of he same code using their own implemetations of similar functionality. Link: http://lkml.kernel.org/r/980ea73dd8e3f36db3d646f99652f8fed42b77d4.1550100284.git.tom.zanussi@linux.intel.com Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Tom Zanussi
|
93b9409a08 |
tracing: Split up onmatch action data
commit c3e49506a0f426a850675e39419879214060ca8b upstream. Currently, the onmatch action data binds the onmatch action to data related to synthetic event generation. Since we want to allow the onmatch handler to potentially invoke a different action, and because we expect other handlers to generate synthetic events, we need to separate the data related to these two functions. Also rename the onmatch data to something more descriptive, and create and use common action data destroy function. Link: http://lkml.kernel.org/r/b9abbf9aae69fe3920cdc8ddbcaad544dd258d78.1550100284.git.tom.zanussi@linux.intel.com Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Tom Zanussi
|
5dc8fe9c75 |
tracing: Refactor hist trigger action code
commit 7d18a10c316783357fb1b2b649cfcf97c70a7bee upstream. The hist trigger action code currently implements two essentially hard-coded pairs of 'actions' - onmax(), which tracks a variable and saves some event fields when a max is hit, and onmatch(), which is hard-coded to generate a synthetic event. These hardcoded pairs (track max/save fields and detect match/generate synthetic event) should really be decoupled into separate components that can then be arbitrarily combined. The first component of each pair (track max/detect match) is called a 'handler' in the new code, while the second component (save fields/generate synthetic event) is called an 'action' in this scheme. This change refactors the action code to reflect this split by adding two handlers, HANDLER_ONMATCH and HANDLER_ONMAX, along with two actions, ACTION_SAVE and ACTION_TRACE. The new code combines them to produce the existing ONMATCH/TRACE and ONMAX/SAVE functionality, but doesn't implement the other combinations now possible. Future patches will expand these to further useful cases, such as ONMAX/TRACE, as well as add additional handlers and actions such as ONCHANGE and SNAPSHOT. Also, add abbreviated documentation for handlers and actions to README. Link: http://lkml.kernel.org/r/98bfdd48c1b4ff29fc5766442f99f5bc3c34b76b.1550100284.git.tom.zanussi@linux.intel.com Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Steven Rostedt (VMware)
|
647c999c9e |
tracing: Have the historgram use the result of str_has_prefix() for len of prefix
commit 036876fa56204ae0fa59045bd6bbb2691a060633 upstream. As str_has_prefix() returns the length on match, we can use that for the updating of the string pointer instead of recalculating the prefix size. Cc: Tom Zanussi <zanussi@kernel.org> Acked-by: Namhyung Kim <namhyung@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Steven Rostedt (VMware)
|
b2aba66d31 |
tracing: Use str_has_prefix() instead of using fixed sizes
commit b6b2735514bcd70ad1556a33892a636b20ece671 upstream. There are several instances of strncmp(str, "const", 123), where 123 is the strlen of the const string to check if "const" is the prefix of str. But this can be error prone. Use str_has_prefix() instead. Acked-by: Namhyung Kim <namhyung@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Steven Rostedt (VMware)
|
03aacb9039 |
tracing: Use str_has_prefix() helper for histogram code
commit 754481e6954cbef53f8bc4412ad48dde611e21d3 upstream.
The tracing histogram code contains a lot of instances of the construct:
strncmp(str, "const", sizeof("const") - 1)
This can be prone to bugs due to typos or bad cut and paste. Use the
str_has_prefix() helper macro instead that removes the need for having two
copies of the constant string.
Cc: Tom Zanussi <tom.zanussi@linux.intel.com>
Acked-by: Namhyung Kim <namhyung@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: George Guo <guodongtai@kylinos.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Steven Rostedt (VMware)
|
13b957b785 |
tracing: Consolidate trace_add/remove_event_call back to the nolock functions
commit 7e1413edd6194a9807aa5f3ac0378b9b4b9da879 upstream. The trace_add/remove_event_call_nolock() functions were added to allow the tace_add/remove_event_call() code be called when the event_mutex lock was already taken. Now that all callers are done within the event_mutex, there's no reason to have two different interfaces. Remove the current wrapper trace_add/remove_event_call()s and rename the _nolock versions back to the original names. Link: http://lkml.kernel.org/r/154140866955.17322.2081425494660638846.stgit@devbox Acked-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Masami Hiramatsu
|
8f7139ab2b |
tracing: Remove unneeded synth_event_mutex
commit 0e2b81f7b52a1c1a8c46986f9ca01eb7b3c421f8 upstream. Rmove unneeded synth_event_mutex. This mutex protects the reference count in synth_event, however, those operational points are already protected by event_mutex. 1. In __create_synth_event() and create_or_delete_synth_event(), those synth_event_mutex clearly obtained right after event_mutex. 2. event_hist_trigger_func() is trigger_hist_cmd.func() which is called by trigger_process_regex(), which is a part of event_trigger_regex_write() and this function takes event_mutex. 3. hist_unreg_all() is trigger_hist_cmd.unreg_all() which is called by event_trigger_regex_open() and it takes event_mutex. 4. onmatch_destroy() and onmatch_create() have long call tree, but both are finally invoked from event_trigger_regex_write() and event_trace_del_tracer(), former takes event_mutex, and latter ensures called under event_mutex locked. Finally, I ensured there is no resource conflict. For safety, I added lockdep_assert_held(&event_mutex) for each function. Link: http://lkml.kernel.org/r/154140864134.17322.4796059721306031894.stgit@devbox Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com> Tested-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Masami Hiramatsu
|
73b24eeb0e |
tracing: Use dyn_event framework for synthetic events
commit 7bbab38d07f3185fddf6fce126e2239010efdfce upstream. Use dyn_event framework for synthetic events. This shows synthetic events on "tracing/dynamic_events" file in addition to tracing/synthetic_events interface. User can also define new events via tracing/dynamic_events with "s:" prefix. So, the new syntax is below; s:[synthetic/]EVENT_NAME TYPE ARG; [TYPE ARG;]... To remove events via tracing/dynamic_events, you can use "-:" prefix as same as other events. Link: http://lkml.kernel.org/r/154140861301.17322.15454611233735614508.stgit@devbox Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com> Tested-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Masami Hiramatsu
|
7d00580499 |
tracing: Add unified dynamic event framework
commit 5448d44c38557fc15d1c53b608a9c9f0e1ca8f86 upstream. Add unified dynamic event framework for ftrace kprobes, uprobes and synthetic events. Those dynamic events can be co-exist on same file because those syntax doesn't overlap. This introduces a framework part which provides a unified tracefs interface and operations. Link: http://lkml.kernel.org/r/154140852824.17322.12250362185969352095.stgit@devbox Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com> Tested-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Masami Hiramatsu
|
e57b1e9a69 |
tracing: Simplify creation and deletion of synthetic events
commit faacb361f271be4baf2d807e2eeaba87e059225f upstream. Since the event_mutex and synth_event_mutex ordering issue is gone, we can skip existing event check when adding or deleting events, and some redundant code in error path. This changes release_all_synth_events() to abort the process when it hits any error and returns the error code. It succeeds only if it has no error. Link: http://lkml.kernel.org/r/154140847194.17322.17960275728005067803.stgit@devbox Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com> Tested-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Sebastiano Barezzi
|
f3d39dae32 |
Merge remote-tracking branch 'qcom_sm8250/lineage-20' into lineage-20
Change-Id: I4b52f660c586a3f9a7393cbff534ff35e83fc1a3 |
||
|
Michael Bestas
|
e8e6720b34 |
Merge tag 'ASB-2024-05-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-05-01 CVE-2023-4622 * tag 'ASB-2024-05-05_4.19-stable' of https://android.googlesource.com/kernel/common: Revert "timers: Rename del_timer_sync() to timer_delete_sync()" Revert "geneve: make sure to pull inner header in geneve_rx()" Linux 4.19.312 amdkfd: use calloc instead of kzalloc to avoid integer overflow initramfs: fix populate_initrd_image() section mismatch ip_gre: do not report erspan version on GRE interface erspan: Check IFLA_GRE_ERSPAN_VER is set. VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() Bluetooth: btintel: Fixe build regression x86/mm/pat: fix VM_PAT handling in COW mappings virtio: reenable config if freezing device failed drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc fbmon: prevent division by zero in fb_videomode_from_videomode() fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined tools: iio: replace seekdir() in iio_generic_buffer ktest: force $buildonly = 1 for 'make_warnings_file' test type Input: allocate keycode for Display refresh rate toggle block: prevent division by zero in blk_rq_stat_sum() SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int drm/amd/display: Fix nanosec stat overflow media: sta2x11: fix irq handler cast isofs: handle CDs with bad root inode but good Joliet root directory scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() sysv: don't call sb_bread() with pointers_lock held Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails Bluetooth: btintel: Fix null ptr deref in btintel_read_version btrfs: send: handle path ref underflow in header iterate_inode_ref() btrfs: export: handle invalid inode or root reference in btrfs_get_parent() btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num() arm64: dts: rockchip: fix rk3399 hdmi ports node VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() wifi: ath9k: fix LNA selection in ath_ant_try_scan() ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone ata: sata_mv: Fix PCI device ID table declaration compilation warning ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw erspan: make sure erspan_base_hdr is present in skb->head erspan: Add type I version 0 support. init: open /initrd.image with O_LARGEFILE initramfs: switch initramfs unpacking to struct file based APIs fs: add a vfs_fchmod helper fs: add a vfs_fchown helper initramfs: factor out a helper to populate the initrd image staging: vc04_services: fix information leak in create_component() staging: vc04_services: changen strncpy() to strscpy_pad() staging: mmal-vchiq: Fix client_component for 64 bit kernel staging: mmal-vchiq: Allocate and free components as required staging: mmal-vchiq: Avoid use of bool in structures i40e: fix vf may be used uninitialized in this function warning ipv6: Fix infinite recursion in fib6_dump_done(). selftests: reuseaddr_conflict: add missing new line at the end of the output net: stmmac: fix rx queue priority assignment net/sched: act_skbmod: prevent kernel-infoleak netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped." net/rds: fix possible cp null dereference netfilter: nf_tables: disallow timeout for anonymous sets Bluetooth: Fix TOCTOU in HCI debugfs implementation Bluetooth: hci_event: set the conn encrypted before conn establishes r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d tcp: properly terminate timers for kernel sockets mptcp: add sk_stop_timer_sync helper nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet USB: core: Fix deadlock in usb_deauthorize_interface() scsi: lpfc: Correct size for wqe for memset() x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled scsi: qla2xxx: Fix command flush on cable pull usb: udc: remove warning when queue disabled ep usb: dwc2: gadget: LPM flow fix usb: dwc2: host: Fix ISOC flow in DDMA mode usb: dwc2: host: Fix hibernation flow usb: dwc2: host: Fix remote wakeup from hibernation loop: loop_set_status_from_info() check before assignment loop: Check for overflow while configuring loop loop: Factor out configuring loop from status powerpc: xor_vmx: Add '-mhard-float' to CFLAGS efivarfs: Request at most 512 bytes for variable names perf/core: Fix reentry problem in perf_output_read_group() loop: properly observe rotational flag of underlying device loop: Refactor loop_set_status() size calculation loop: Factor out setting loop device size loop: Remove sector_t truncation checks loop: Call loop_config_discard() only after new config is applied Revert "loop: Check for overflow while configuring loop" btrfs: allocate btrfs_ioctl_defrag_range_args on stack printk: Update @console_may_schedule in console_trylock_spinning() fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs usb: cdc-wdm: close race between read and workqueue exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack() wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes mm/migrate: set swap entry values of THP tail pages properly. mm/memory-failure: fix an incorrect use of tail pages vt: fix memory overlapping when deleting chars in the buffer vt: fix unicode buffer corruption when deleting characters tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled usb: port: Don't try to peer unused USB ports based on location usb: gadget: ncm: Fix handling of zero block length packets USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform xfrm: Avoid clang fortify warning in copy_to_user_tmpl() netfilter: nf_tables: reject constant set with timeout netfilter: nf_tables: disallow anonymous set with timeout flag comedi: comedi_test: Prevent timers rescheduling during deletion ahci: asm1064: asm1166: don't limit reported ports ahci: asm1064: correct count of reported ports x86/CPU/AMD: Update the Zenbleed microcode revisions nilfs2: prevent kernel bug at submit_bh_wbc() nilfs2: use a more common logging style nilfs2: fix failure to detect DAT corruption in btree and direct mappings memtest: use {READ,WRITE}_ONCE in memory scanning drm/vc4: hdmi: do not return negative values from .get_modes() drm/imx/ipuv3: do not return negative values from .get_modes() s390/zcrypt: fix reference counting on zcrypt card objects soc: fsl: qbman: Use raw spinlock for cgr_lock soc: fsl: qbman: Add CGR update function soc: fsl: qbman: Add helper for sanity checking cgr ops soc: fsl: qbman: Always disable interrupts when taking cgr_lock vfio/platform: Disable virqfds on cleanup kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 speakup: Fix 8bit characters from direct synth slimbus: core: Remove usage of the deprecated ida_simple_xx() API ext4: fix corruption during on-line resize hwmon: (amc6821) add of_match table mmc: core: Fix switch on gp3 partition dm-raid: fix lockdep waring in "pers->hot_add_disk" Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" PCI/PM: Drain runtime-idle callbacks before driver removal PCI: Drop pci_device_remove() test of pci_dev->driver fuse: don't unhash root mmc: tmio: avoid concurrent runs of mmc_request_done() PM: sleep: wakeirq: fix wake irq warning in system suspend USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M USB: serial: option: add MeiG Smart SLM320 product USB: serial: cp210x: add ID for MGP Instruments PDS100 USB: serial: add device ID for VeriFone adapter USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB powerpc/fsl: Fix mfpmr build errors with newer binutils clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays PM: suspend: Set mem_sleep_current during kernel command line setup parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds parisc: Fix csum_ipv6_magic on 64-bit systems parisc: Fix csum_ipv6_magic on 32-bit systems parisc: Fix ip_fast_csum parisc: Do not hardcode registers in checksum functions ubi: correct the calculation of fastmap size ubi: Check for too small LEB size in VTBL code ubifs: Set page uptodate in the correct place fat: fix uninitialized field in nostale filehandles crypto: qat - resolve race condition during AER recovery crypto: qat - fix double free during reset sparc: vDSO: fix return value of __setup handler sparc64: NMI watchdog: fix return value of __setup handler KVM: Always flush async #PF workqueue when vCPU is being destroyed media: xc4000: Fix atomicity violation in xc4000_get_frequency arm: dts: marvell: Fix maxium->maxim typo in brownstone dts ARM: dts: mmp2-brownstone: Don't redeclare phandle references smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity() smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr() wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach timers: Rename del_timer_sync() to timer_delete_sync() timers: Use del_timer_sync() even on UP timers: Update kernel-doc for various functions timers: Prepare support for PREEMPT_RT timer/trace: Improve timer tracing timer/trace: Replace deprecated vsprintf pointer extension %pf by %ps x86/bugs: Use sysfs_emit() x86/cpu: Support AMD Automatic IBRS Documentation/hw-vuln: Update spectre doc Linux 4.19.311 crypto: af_alg - Work around empty control messages without MSG_MORE crypto: af_alg - Fix regression on empty requests spi: spi-mt65xx: Fix NULL pointer access in interrupt handler net/bnx2x: Prevent access to a freed page in page_pool hsr: Handle failures in module init rds: introduce acquire/release ordering in acquire/release_in_xmit() hsr: Fix uninit-value access in hsr_get_node() net: hsr: fix placement of logical operator in a multi-line statement usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin staging: greybus: fix get_channel_from_mode() failure path serial: 8250_exar: Don't remove GPIO device on suspend rtc: mt6397: select IRQ_DOMAIN instead of depending on it kconfig: fix infinite loop when expanding a macro at the end of file tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT serial: max310x: fix syntax error in IRQ error message clk: qcom: gdsc: Add support to update GDSC transition delay NFS: Fix an off by one in root_nfs_cat() net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn scsi: csiostor: Avoid function pointer casts ALSA: usb-audio: Stop parsing channels bits when all channels are found. sparc32: Fix section mismatch in leon_pci_grpci backlight: lp8788: Fully initialize backlight_properties during probe backlight: lm3639: Fully initialize backlight_properties during probe backlight: da9052: Fully initialize backlight_properties during probe backlight: lm3630a: Don't set bl->props.brightness in get_brightness backlight: lm3630a: Initialize backlight_properties on init powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip media: go7007: fix a memleak in go7007_load_encoder media: dvb-frontends: avoid stack overflow warnings with clang media: pvrusb2: fix uaf in pvr2_context_set_notify drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs mtd: rawnand: lpc32xx_mlc: fix irq handler prototype crypto: arm/sha - fix function cast warnings crypto: arm - Rename functions to avoid conflict with crypto/sha256.h mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref drm/tegra: put drm_gem_object ref on error in tegra_fb_create clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister() PCI: Mark 3ware-9650SE Root Port Extended Tags as broken drm/mediatek: dsi: Fix DSI RGB666 formats and definitions clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times firmware: qcom: scm: Add WLAN VMID for Qualcomm SCM interface media: pvrusb2: fix pvr2_stream_callback casts media: go7007: add check of return value of go7007_read_addr() ALSA: seq: fix function cast warnings drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() quota: Fix rcu annotations of inode dquot pointers quota: Fix potential NULL pointer dereference quota: simplify drop_dquot_ref() quota: check time limit when back out space/inode change fs/quota: erase unused but set variable warning quota: code cleanup for __dquot_alloc_space() clk: qcom: reset: Ensure write completion on reset de/assertion clk: qcom: reset: Commonize the de/assert functions clk: qcom: reset: support resetting multiple bits clk: qcom: reset: Allow specifying custom reset delay media: edia: dvbdev: fix a use-after-free media: dvb-core: Fix use-after-free due to race at dvb_register_device() media: dvbdev: fix error logic at dvb_register_device() media: dvbdev: Fix memleak in dvb_register_device media: media/dvb: Use kmemdup rather than duplicating its implementation media: dvbdev: remove double-unlock media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity media: v4l2-tpg: fix some memleaks in tpg_alloc media: em28xx: annotate unchecked call to media_device_register() ABI: sysfs-bus-pci-devices-aer_stats uses an invalid tag perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() media: tc358743: register v4l2 async device only after successful setup drm/rockchip: lvds: do not print scary message when probing defer drm/rockchip: lvds: do not overwrite error code drm: Don't treat 0 as -1 in drm_fixp2int_ceil drm/rockchip: inno_hdmi: Fix video timing drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() drm/tegra: dsi: Make use of the helper function dev_err_probe() gpu: host1x: mipi: Update tegra_mipi_request() to be node based drm/tegra: dsi: Add missing check for of_find_device_by_node dm: call the resume method on internal suspend dm raid: fix false positive for requeue needed during reshape nfp: flower: handle acti_netdevs allocation failure net/x25: fix incorrect parameter validation in the x25_getsockopt() function net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function udp: fix incorrect parameter validation in the udp_lib_getsockopt() function l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function ipv6: fib6_rules: flush route cache when rule is changed bpf: Fix stackmap overflow check on 32-bit arches bpf: Fix hashtab overflow check on 32-bit arches sr9800: Add check for usbnet_get_endpoints Bluetooth: hci_core: Fix possible buffer overflow Bluetooth: Remove superfluous call to hci_conn_check_pending() igb: Fix missing time sync events igb: move PEROUT and EXTTS isr logic to separate functions mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function SUNRPC: fix some memleaks in gssx_dec_option_array x86, relocs: Ignore relocations in .notes section ACPI: scan: Fix device check notification handling ARM: dts: arm: realview: Fix development chip ROM compatible value wifi: brcmsmac: avoid function pointer casts iommu/amd: Mark interrupt as managed bus: tegra-aconnect: Update dependency to ARCH_TEGRA ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). sock_diag: annotate data-races around sock_diag_handlers[family] wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() wifi: b43: Disable QoS for bcm4331 wifi: b43: Stop correct queue in DMA worker when QoS is disabled b43: main: Fix use true/false for bool type wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled b43: dma: Fix use true/false for bool type variable wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() timekeeping: Fix cross-timestamp interpolation for non-x86 timekeeping: Fix cross-timestamp interpolation corner case decision timekeeping: Fix cross-timestamp interpolation on counter wrap aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts md: Don't clear MD_CLOSING when the raid is about to stop md: implement ->set_read_only to hook into BLKROSET processing block: add a new set_read_only method md: switch to ->check_events for media change notifications fs/select: rework stack allocation hack for clang do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak crypto: algif_aead - Only wake up when ctx->more is zero crypto: af_alg - make some functions static crypto: algif_aead - fix uninitialized ctx->init ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC Input: gpio_keys_polled - suppress deferred probe error for gpio ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet firewire: core: use long bus reset on gap count error Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security scsi: mpt3sas: Prevent sending diag_reset when the controller is ready dm-verity, dm-crypt: align "struct bvec_iter" correctly block: sed-opal: handle empty atoms when parsing response net/iucv: fix the allocation size of iucv_path_table array MIPS: Clear Cause.BD in instruction_pointer_set x86/xen: Add some null pointer checking to smp.c ASoC: rt5645: Make LattePanda board DMI match more precise Linux 4.19.310 selftests/vm: fix map_hugetlb length used for testing read and write selftests/vm: fix display of page size in map_hugetlb getrusage: use sig->stats_lock rather than lock_task_sighand() getrusage: use __for_each_thread() getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() getrusage: add the "signal_struct *sig" local variable y2038: rusage: use __kernel_old_timeval hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed hv_netvsc: use netif_is_bond_master() instead of open code hv_netvsc: Make netvsc/VF binding check both MAC and serial number Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU um: allow not setting extra rpaths in the linux binary selftests: mm: fix map_hugetlb failure on 64K page size systems tools/selftest/vm: allow choosing mem size and page size in map_hugetlb btrfs: ref-verify: free ref cache before clearing mount opt netrom: Fix data-races around sysctl_net_busy_read netrom: Fix a data-race around sysctl_netrom_link_fails_count netrom: Fix a data-race around sysctl_netrom_routing_control netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size netrom: Fix a data-race around sysctl_netrom_transport_busy_delay netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries netrom: Fix a data-race around sysctl_netrom_transport_timeout netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser netrom: Fix a data-race around sysctl_netrom_default_path_quality netfilter: nf_conntrack_h323: Add protection for bmp length out of range net/rds: fix WARNING in rds_conn_connect_if_down net/ipv6: avoid possible UAF in ip6_route_mpath_notify() geneve: make sure to pull inner header in geneve_rx() net: move definition of pcpu_lstats to header file net: lan78xx: fix runtime PM count underflow on link stop lan78xx: Fix race conditions in suspend/resume handling lan78xx: Fix partial packet errors on suspend/resume lan78xx: Add missing return code checks lan78xx: Fix white space and style issues net: usb: lan78xx: Remove lots of set but unused 'ret' variables Linux 4.19.309 gpio: 74x164: Enable output pins after registers are reset cachefiles: fix memory leak in cachefiles_add_cache() mmc: core: Fix eMMC initialization with 1-bit bus connection btrfs: dev-replace: properly validate device names wifi: nl80211: reject iftype change with mesh ID change gtp: fix use-after-free and null-ptr-deref in gtp_newlink() ALSA: Drop leftover snd-rtctimer stuff from Makefile power: supply: bq27xxx-i2c: Do not free non existing IRQ efi/capsule-loader: fix incorrect allocation size Bluetooth: Enforce validation on max value of connection interval Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST Bluetooth: Avoid potential use-after-free in hci_error_reset net: usb: dm9601: fix wrong return value in dm9601_mdio_read lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected tun: Fix xdp_rxq_info's queue_index when detaching netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter Linux 4.19.308 scripts/bpf: Fix xdp_md forward declaration typo fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() PCI/MSI: Prevent MSI hardware interrupt number truncation s390: use the correct count for __iowrite64_copy() packet: move from strlcpy with unused retval to strscpy ipv6: sr: fix possible use-after-free and null-ptr-deref nouveau: fix function cast warnings scsi: jazz_esp: Only build if SCSI core is builtin bpf, scripts: Correct GPL license name scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions RDMA/srpt: fix function pointer cast warnings RDMA/srpt: Make debug output more detailed RDMA/ulp: Use dev_name instead of ibdev->name RDMA/srpt: Support specifying the srpt_service_guid parameter RDMA/bnxt_re: Return error for SRQ resize IB/hfi1: Fix a memleak in init_credit_return usb: roles: don't get/set_role() when usb_role_switch is unregistered usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs ARM: ep93xx: Add terminator to gpiod_lookup_table l2tp: pass correct message length to ip6_append_data gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() dm-crypt: don't modify the data when using authenticated encryption mm: memcontrol: switch to rcu protection in drain_all_stock() IB/hfi1: Fix sdma.h tx->num_descs off-by-one error pmdomain: renesas: r8a77980-sysc: CR7 must be always on s390/qeth: Fix potential loss of L3-IP@ in case of network issues virtio-blk: Ensure no requests in virtqueues before deleting vqs. firewire: core: send bus reset promptly on gap count error hwmon: (coretemp) Enlarge per package core count limit regulator: pwm-regulator: Add validity checks in continuous .get_voltage ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() ahci: asm1166: correct count of reported ports fbdev: sis: Error out if pixclock equals zero fbdev: savage: Error out if pixclock equals zero wifi: mac80211: fix race condition on enabling fast-xmit wifi: cfg80211: fix missing interfaces when dumping dmaengine: shdma: increase size of 'dev_id' scsi: target: core: Add TMF to tmr_list handling sched/rt: Disallow writing invalid values to sched_rt_period_us sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset sched/rt: Fix sysctl_sched_rr_timeslice intial value userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb nilfs2: replace WARN_ONs for invalid DAT metadata block requests memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() net: stmmac: fix notifier registration stmmac: no need to check return value of debugfs_create functions net/sched: Retire dsmark qdisc net/sched: Retire ATM qdisc net/sched: Retire CBQ qdisc Linux 4.19.307 netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() lsm: new security_file_ioctl_compat() hook nilfs2: fix potential bug in end_buffer_async_write sched/membarrier: reduce the ability to hammer on sys_membarrier Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" pmdomain: core: Move the unused cleanup to a _sync initcall irqchip/irq-brcmstb-l2: Add write memory barrier before exit nfp: use correct macro for LengthSelect in BAR config nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() nilfs2: fix data corruption in dsync block recovery for small block sizes ALSA: hda/conexant: Add quirk for SWS JS201D x86/mm/ident_map: Use gbpages only where full GB page should be mapped. x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 serial: max310x: improve crystal stable clock detection serial: max310x: set default value when reading clock ready bit ring-buffer: Clean ring_buffer_poll_wait() error return staging: iio: ad5933: fix type mismatch regression ext4: fix double-free of blocks due to wrong extents moved_len binder: signal epoll threads of self-work xen-netback: properly sync TX responses nfc: nci: free rx_data_reassembly skb on NCI device cleanup firewire: core: correct documentation of fw_csr_string() kernel API scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" usb: f_mass_storage: forbid async queue when shutdown happen USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT HID: wacom: Do not register input devices until after hid_hw_start HID: wacom: generic: Avoid reporting a serial of '0' to userspace mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again tracing/trigger: Fix to return error if failed to alloc snapshot i40e: Fix waiting for queues of all VSIs to be disabled MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler net: sysfs: Fix /sys/class/net/<iface> path for statistics Documentation: net-sysfs: describe missing statistics ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() spi: ppc4xx: Drop write-only variable btrfs: send: return EOPNOTSUPP on unknown flags btrfs: forbid creating subvol qgroups hrtimer: Report offline hrtimer enqueue vhost: use kzalloc() instead of kmalloc() followed by memset() Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID USB: serial: cp210x: add ID for IMST iM871A-USB USB: serial: option: add Fibocom FM101-GL variant USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e net/af_iucv: clean up a try_then_request_module() netfilter: nft_compat: restrict match/target protocol to u16 netfilter: nft_compat: reject unused compat flag ppp_async: limit MRU to 64K tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() rxrpc: Fix response to PING RESPONSE ACKs to a dead call inet: read sk->sk_family once in inet_recv_error() hwmon: (coretemp) Fix bogus core_id to attr name mapping hwmon: (coretemp) Fix out-of-bounds memory access hwmon: (aspeed-pwm-tacho) mutex for tach reading atm: idt77252: fix a memleak in open_card_ubr0 phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV bonding: remove print in bond_verify_device_path HID: apple: Add 2021 magic keyboard FN key mapping HID: apple: Swap the Fn and Left Control keys on Apple keyboards HID: apple: Add support for the 2021 Magic Keyboard net: sysfs: Fix /sys/class/net/<iface> path af_unix: fix lockdep positive in sk_diag_dump_icons() net: ipv4: fix a memleak in ip_setup_cork netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger llc: call sock_orphan() at release time ipv6: Ensure natural alignment of const ipv6 loopback and router addresses ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() ixgbe: Refactor overtemp event handling ixgbe: Refactor returning internal error codes ixgbe: Remove non-inclusive language net: remove unneeded break scsi: isci: Fix an error code problem in isci_io_request_build() wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' ceph: fix deadlock or deadcode of misusing dget() blk-mq: fix IO hang from sbitmap wakeup race virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings libsubcmd: Fix memory leak in uniq() usb: hub: Replace hardcoded quirk value with BIT() macro PCI: Only override AMD USB controller if required mfd: ti_am335x_tscadc: Fix TI SoC dependencies um: net: Fix return type of uml_net_start_xmit() um: Don't use vfprintf() for os_info() um: Fix naming clash between UML and scheduler leds: trigger: panic: Don't register panic notifier if creating the trigger failed drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' drm/amdgpu: Let KFD sync with VM fences clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() drm/msm/dpu: Ratelimit framedone timeout msgs media: ddbridge: fix an error code problem in ddb_probe IB/ipoib: Fix mcast list locking drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time ALSA: hda: Intel: add HDA_ARL PCI ID support PCI: add INTEL_HDA_ARL to pci_ids.h media: rockchip: rga: fix swizzling for RGB formats media: stk1160: Fixed high volume of stk1160_dbg messages drm/mipi-dsi: Fix detach call without attach drm/framebuffer: Fix use of uninitialized variable drm/drm_file: fix use of uninitialized variable RDMA/IPoIB: Fix error code return in ipoib_mcast_join fast_dput(): handle underflows gracefully ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument f2fs: fix to check return value of f2fs_reserve_new_block() wifi: cfg80211: free beacon_ies when overridden from hidden BSS wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices md: Whenassemble the array, consult the superblock of the freshest device ARM: dts: imx23/28: Fix the DMA controller node name ARM: dts: imx23-sansa: Use preferred i2c-gpios properties ARM: dts: imx27-apf27dev: Fix LED name ARM: dts: imx1: Fix sram node ARM: dts: imx27: Fix sram node ARM: dts: imx: Use flash@0,0 pattern ARM: dts: imx25/27-eukrea: Fix RTC node name ARM: dts: rockchip: fix rk3036 hdmi ports node scsi: libfc: Fix up timeout error in fc_fcp_rec_error() scsi: libfc: Don't schedule abort twice bpf: Add map and need_defer parameters to .map_fd_put_ptr() wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() ARM: dts: imx7s: Fix nand-controller #size-cells ARM: dts: imx7s: Fix lcdif compatible bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk PCI: Add no PM reset quirk for NVIDIA Spectrum devices scsi: lpfc: Fix possible file string name overflow when updating firmware ext4: avoid online resizing failures due to oversized flex bg ext4: remove unnecessary check from alloc_flex_gd() ext4: unify the type of flexbg_size to unsigned int ext4: fix inconsistent between segment fstrim and full fstrim SUNRPC: Fix a suspicious RCU usage warning KVM: s390: fix setting of fpc register s390/ptrace: handle setting of fpc register correctly jfs: fix array-index-out-of-bounds in diNewExt rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() crypto: stm32/crc32 - fix parsing list of devices pstore/ram: Fix crash when setting number of cpus to an odd number jfs: fix uaf in jfs_evict_inode jfs: fix array-index-out-of-bounds in dbAdjTree jfs: fix slab-out-of-bounds Read in dtSearch UBSAN: array-index-out-of-bounds in dtSplitRoot FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree ACPI: extlog: fix NULL pointer dereference check PNP: ACPI: fix fortify warning ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop audit: Send netlink ACK before setting connection in auditd_set powerpc/lib: Validate size for vector operations powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() powerpc: Fix build error due to is_valid_bugaddr() powerpc/mm: Fix null-pointer dereference in pgtable_cache_add net/sched: cbs: Fix not adding cbs instance to list x86/entry/ia32: Ensure s32 is sign extended to s64 tick/sched: Preserve number of idle sleeps across CPU hotplug events mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan gpio: eic-sprd: Clear interrupt after set the interrupt type drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume drm/bridge: nxp-ptn3460: simplify some error checking drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking drm: Don't unref the same fb many times by mistake due to deadlock handling gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 netfilter: nf_tables: reject QUEUE/DROP verdict parameters btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args btrfs: don't warn if discard range is not aligned to sector net: fec: fix the unhandled context fault from smmu fjes: fix memleaks in fjes_hw_setup netfilter: nf_tables: restrict anonymous set and map names to 16 bytes net/mlx5e: fix a double-free in arfs_create_groups net/mlx5: Use kfree(ft->g) in arfs_create_groups() netlink: fix potential sleeping issue in mqueue_flush_file Conflicts: include/linux/fs.h include/linux/timer.h init/initramfs.c kernel/time/timer.c mm/memory-failure.c mm/page_alloc.c net/core/sock.c scripts/Makefile.extrawarn Change-Id: I0ccfce4c1a43240cfb997b426ef9fc59e61e3c55 |
||
|
Greg Kroah-Hartman
|
5c67c90113 |
Merge 4.19.313 into android-4.19-stable
Changes in 4.19.313
batman-adv: Avoid infinite loop trying to resize local TT
Bluetooth: Fix memory leak in hci_req_sync_complete()
nouveau: fix function cast warning
geneve: fix header validation in geneve[6]_xmit_skb
ipv6: fib: hide unused 'pn' variable
ipv4/route: avoid unused-but-set-variable warning
ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
net/mlx5: Properly link new fs rules into the tree
tracing: hide unused ftrace_event_id_fops
vhost: Add smp_rmb() in vhost_vq_avail_empty()
selftests: timers: Fix abs() warning in posix_timers test
x86/apic: Force native_apic_mem_read() to use the MOV instruction
btrfs: record delayed inode root in transaction
selftests/ftrace: Limit length in subsystem-enable tests
kprobes: Fix possible use-after-free issue on kprobe registration
Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
netfilter: nf_tables: __nft_expr_type_get() selects specific family type
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
tun: limit printing rate when illegal packet received by tun dev
RDMA/mlx5: Fix port number for counter query in multi-port configuration
drm: nv04: Fix out of bounds access
comedi: vmk80xx: fix incomplete endpoint checking
serial/pmac_zilog: Remove flawed mitigation for rx irq flood
USB: serial: option: add Fibocom FM135-GL variants
USB: serial: option: add support for Fibocom FM650/FG650
USB: serial: option: add Lonsung U8300/U9300 product
USB: serial: option: support Quectel EM060K sub-models
USB: serial: option: add Rolling RW101-GL and RW135-GL support
USB: serial: option: add Telit FN920C04 rmnet compositions
Revert "usb: cdc-wdm: close race between read and workqueue"
usb: dwc2: host: Fix dereference issue in DDMA completion flow.
speakup: Avoid crash on very long word
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
nouveau: fix instmem race condition around ptr stores
nilfs2: fix OOB in nilfs_set_de_type
tracing: Remove hist trigger synth_var_refs
tracing: Use var_refs[] for hist trigger reference checking
arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
arm64: dts: mediatek: mt7622: fix IR nodename
arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
vxlan: drop packets from invalid src-address
mlxsw: core: Unregister EMAD trap using FORWARD action
NFC: trf7970a: disable all regulators on removal
net: usb: ax88179_178a: stop lying about skb->truesize
net: gtp: Fix Use-After-Free in gtp_dellink
ipvs: Fix checksumming on GSO of SCTP packets
net: openvswitch: ovs_ct_exit to be done under ovs_lock
net: openvswitch: Fix Use-After-Free in ovs_ct_exit
i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
serial: core: Provide port lock wrappers
serial: mxs-auart: add spinlock around changing cts state
drm/amdgpu: restrict bo mapping within gpu address limits
amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
drm/amdgpu: validate the parameters of bo mapping operations more clearly
Revert "crypto: api - Disallow identical driver names"
tracing: Show size of requested perf buffer
tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together
Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
irqchip/gic-v3-its: Prevent double free on error
net: b44: set pause params only when interface is up
stackdepot: respect __GFP_NOLOCKDEP allocation flag
mtd: diskonchip: work around ubsan link failure
tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
dmaengine: owl: fix register access functions
idma64: Don't try to serve interrupts when device is powered off
i2c: smbus: fix NULL function pointer dereference
HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
Revert "loop: Remove sector_t truncation checks"
Revert "y2038: rusage: use __kernel_old_timeval"
udp: preserve the connected status if only UDP cmsg
serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
Linux 4.19.313
Change-Id: I6558068fa522b4cd853251716389c0d30a47522f
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Ben Hutchings
|
271b53d629 |
Revert "y2038: rusage: use __kernel_old_timeval"
This reverts commit
|
||
|
Robin H. Johnson
|
78b92d50fe |
tracing: Show size of requested perf buffer
commit a90afe8d020da9298c98fddb19b7a6372e2feb45 upstream. If the perf buffer isn't large enough, provide a hint about how large it needs to be for whatever is running. Link: https://lkml.kernel.org/r/20210831043723.13481-1-robbat2@gentoo.org Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@igalia.com> |
||
|
Tom Zanussi
|
3dc763bdb0 |
tracing: Use var_refs[] for hist trigger reference checking
commit e4f6d245031e04bdd12db390298acec0474a1a46 upstream. Since all the variable reference hist_fields are collected into hist_data->var_refs[] array, there's no need to go through all the fields looking for them, or in separate arrays like synth_var_refs[], which will be going away soon anyway. This also allows us to get rid of some unnecessary code and functions currently used for the same purpose. Link: http://lkml.kernel.org/r/1545246556.4239.7.camel@gmail.com Acked-by: Namhyung Kim <namhyung@kernel.org> Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Tom Zanussi
|
d74f1a1f91 |
tracing: Remove hist trigger synth_var_refs
commit 912201345f7c39e6b0ac283207be2b6641fa47b9 upstream. All var_refs are now handled uniformly and there's no reason to treat the synth_refs in a special way now, so remove them and associated functions. Link: http://lkml.kernel.org/r/b4d3470526b8f0426dcec125399dad9ad9b8589d.1545161087.git.tom.zanussi@linux.intel.com Acked-by: Namhyung Kim <namhyung@kernel.org> Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: George Guo <guodongtai@kylinos.cn> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Siddh Raman Pant
|
34925d01ba |
Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
This reverts commit
|
||
|
Zheng Yejian
|
b5808d4009 |
kprobes: Fix possible use-after-free issue on kprobe registration
commit 325f3fb551f8cd672dbbfc4cf58b14f9ee3fc9e8 upstream. When unloading a module, its state is changing MODULE_STATE_LIVE -> MODULE_STATE_GOING -> MODULE_STATE_UNFORMED. Each change will take a time. `is_module_text_address()` and `__module_text_address()` works with MODULE_STATE_LIVE and MODULE_STATE_GOING. If we use `is_module_text_address()` and `__module_text_address()` separately, there is a chance that the first one is succeeded but the next one is failed because module->state becomes MODULE_STATE_UNFORMED between those operations. In `check_kprobe_address_safe()`, if the second `__module_text_address()` is failed, that is ignored because it expected a kernel_text address. But it may have failed simply because module->state has been changed to MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify non-exist module text address (use-after-free). To fix this problem, we should not use separated `is_module_text_address()` and `__module_text_address()`, but use only `__module_text_address()` once and do `try_module_get(module)` which is only available with MODULE_STATE_LIVE. Link: https://lore.kernel.org/all/20240410015802.265220-1-zhengyejian1@huawei.com/ Fixes: 28f6c37a2910 ("kprobes: Forbid probing on trampoline and BPF code areas") Cc: stable@vger.kernel.org Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org> [Fix conflict due to lack dependency commit 223a76b268c9 ("kprobes: Fix coding style issues")] Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Arnd Bergmann
|
8bfa576fe3 |
tracing: hide unused ftrace_event_id_fops
[ Upstream commit 5281ec83454d70d98b71f1836fb16512566c01cd ]
When CONFIG_PERF_EVENTS, a 'make W=1' build produces a warning about the
unused ftrace_event_id_fops variable:
kernel/trace/trace_events.c:2155:37: error: 'ftrace_event_id_fops' defined but not used [-Werror=unused-const-variable=]
2155 | static const struct file_operations ftrace_event_id_fops = {
Hide this in the same #ifdef as the reference to it.
Link: https://lore.kernel.org/linux-trace-kernel/20240403080702.3509288-7-arnd@kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Zheng Yejian <zhengyejian1@huawei.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Ajay Kaher <akaher@vmware.com>
Cc: Jinjie Ruan <ruanjinjie@huawei.com>
Cc: Clément Léger <cleger@rivosinc.com>
Cc: Dan Carpenter <dan.carpenter@linaro.org>
Cc: "Tzvetomir Stoyanov (VMware)" <tz.stoyanov@gmail.com>
Fixes:
|
||
|
Stephen Boyd
|
3e33b60fe6 |
alarmtimer: Make alarmtimer platform device child of RTC device
[ Upstream commit c79108bd19a8490315847e0c95ac6526fcd8e770 ] The alarmtimer_suspend() function will fail if an RTC device is on a bus such as SPI or i2c and that RTC device registers and probes after alarmtimer_init() registers and probes the 'alarmtimer' platform device. This is because system wide suspend suspends devices in the reverse order of their probe. When alarmtimer_suspend() attempts to program the RTC for a wakeup it will try to program an RTC device on a bus that has already been suspended. Move the alarmtimer device registration to happen when the RTC which is used for wakeup is registered. Register the 'alarmtimer' platform device as a child of the RTC device too, so that it can be guaranteed that the RTC device won't be suspended when alarmtimer_suspend() is called. Reported-by: Douglas Anderson <dianders@chromium.org> Signed-off-by: Stephen Boyd <swboyd@chromium.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Douglas Anderson <dianders@chromium.org> Link: https://lore.kernel.org/r/20200124055849.154411-2-swboyd@chromium.org Signed-off-by: Sasha Levin <sashal@kernel.org> Change-Id: I4338fb4708dda7a759338cac33ea975e685ea7c6 |
||
|
Michael Bestas
|
a8804204c0 |
Merge tag 'ASB-2024-04-05_4.19-stable' of https://android.googlesource.com/kernel/common into android13-4.19-kona
https://source.android.com/docs/security/bulletin/2024-04-01 * tag 'ASB-2024-04-05_4.19-stable' of https://android.googlesource.com/kernel/common: Revert "Reapply "cred: switch to using atomic_long_t"" Reapply "cred: switch to using atomic_long_t" BACKPORT: net: core: enable SO_BINDTODEVICE for non-root users tcp: Add memory barrier to tcp_push() tracing: Ensure visibility when inserting an element into tracing_map net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv llc: Drop support for ETH_P_TR_802_2. llc: make llc_ui_sendmsg() more robust against bonding changes vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING net/smc: fix illegal rmb_desc access in SMC-D connection dump drivers: core: fix kernel-doc markup for dev_err_probe() driver code: print symbolic error code block: Remove special-casing of compound pages Revert "driver core: Annotate dev_err_probe() with __must_check" nouveau/vmm: don't set addr on the fail path to avoid warning driver core: Annotate dev_err_probe() with __must_check parisc/firmware: Fix F-extend for PDC addresses x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum rpmsg: virtio: Free driver_override when rpmsg_remove() powerpc: Use always instead of always-y in for crtsavres.o hwrng: core - Fix page fault dead lock on mmap-ed hwrng PM: hibernate: Enforce ordering during image compression/decompression crypto: api - Disallow identical driver names ext4: allow for the last group to be marked as trimmed serial: sc16is7xx: add check for unsupported SPI modes during probe spi: introduce SPI_MODE_X_MASK macro driver core: add device probe log helper serial: sc16is7xx: set safe default SPI clock frequency units: add the HZ macros units: change from 'L' to 'UL' units: Add Watt units include/linux/units.h: add helpers for kelvin to/from Celsius conversion PCI: mediatek: Clear interrupt status before dispatching handler Change-Id: I5a5f215e11cc4d2ae7ad65c53d50819f18988acf |
||
|
Peter Zijlstra
|
260d03bf36 |
sched: Provide sched_set_fifo()
SCHED_FIFO (or any static priority scheduler) is a broken scheduler model; it is fundamentally incapable of resource management, the one thing an OS is actually supposed to do. It is impossible to compose static priority workloads. One cannot take two well designed and functional static priority workloads and mash them together and still expect them to work. Therefore it doesn't make sense to expose the priority field; the kernel is fundamentally incapable of setting a sensible value, it needs systems knowledge that it doesn't have. Take away sched_setschedule() / sched_setattr() from modules and replace them with: - sched_set_fifo(p); create a FIFO task (at prio 50) - sched_set_fifo_low(p); create a task higher than NORMAL, which ends up being a FIFO task at prio 1. - sched_set_normal(p, nice); (re)set the task to normal This stops the proliferation of randomly chosen, and irrelevant, FIFO priorities that dont't really mean anything anyway. The system administrator/integrator, whoever has insight into the actual system design and requirements (userspace) can set-up appropriate priorities if and when needed. Cc: airlied@redhat.com Cc: alexander.deucher@amd.com Cc: awalls@md.metrocast.net Cc: axboe@kernel.dk Cc: broonie@kernel.org Cc: daniel.lezcano@linaro.org Cc: gregkh@linuxfoundation.org Cc: hannes@cmpxchg.org Cc: herbert@gondor.apana.org.au Cc: hverkuil@xs4all.nl Cc: john.stultz@linaro.org Cc: nico@fluxnic.net Cc: paulmck@kernel.org Cc: rafael.j.wysocki@intel.com Cc: rmk+kernel@arm.linux.org.uk Cc: sudeep.holla@arm.com Cc: tglx@linutronix.de Cc: ulf.hansson@linaro.org Cc: wim@linux-watchdog.org Change-Id: I52ed4f1253e82ba3e8f40f3aa1aff62580163f25 Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: Ingo Molnar <mingo@kernel.org> Tested-by: Paul E. McKenney <paulmck@kernel.org> |
||
|
Greg Kroah-Hartman
|
115c8415ca |
Revert "timers: Rename del_timer_sync() to timer_delete_sync()"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
ec0ad95612 |
Merge 4.19.312 into android-4.19-stable
Changes in 4.19.312
Documentation/hw-vuln: Update spectre doc
x86/cpu: Support AMD Automatic IBRS
x86/bugs: Use sysfs_emit()
timer/trace: Replace deprecated vsprintf pointer extension %pf by %ps
timer/trace: Improve timer tracing
timers: Prepare support for PREEMPT_RT
timers: Update kernel-doc for various functions
timers: Use del_timer_sync() even on UP
timers: Rename del_timer_sync() to timer_delete_sync()
wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
ARM: dts: mmp2-brownstone: Don't redeclare phandle references
arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
media: xc4000: Fix atomicity violation in xc4000_get_frequency
KVM: Always flush async #PF workqueue when vCPU is being destroyed
sparc64: NMI watchdog: fix return value of __setup handler
sparc: vDSO: fix return value of __setup handler
crypto: qat - fix double free during reset
crypto: qat - resolve race condition during AER recovery
fat: fix uninitialized field in nostale filehandles
ubifs: Set page uptodate in the correct place
ubi: Check for too small LEB size in VTBL code
ubi: correct the calculation of fastmap size
parisc: Do not hardcode registers in checksum functions
parisc: Fix ip_fast_csum
parisc: Fix csum_ipv6_magic on 32-bit systems
parisc: Fix csum_ipv6_magic on 64-bit systems
parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds
PM: suspend: Set mem_sleep_current during kernel command line setup
clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
powerpc/fsl: Fix mfpmr build errors with newer binutils
USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
USB: serial: add device ID for VeriFone adapter
USB: serial: cp210x: add ID for MGP Instruments PDS100
USB: serial: option: add MeiG Smart SLM320 product
USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
PM: sleep: wakeirq: fix wake irq warning in system suspend
mmc: tmio: avoid concurrent runs of mmc_request_done()
fuse: don't unhash root
PCI: Drop pci_device_remove() test of pci_dev->driver
PCI/PM: Drain runtime-idle callbacks before driver removal
Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
dm-raid: fix lockdep waring in "pers->hot_add_disk"
mmc: core: Fix switch on gp3 partition
hwmon: (amc6821) add of_match table
ext4: fix corruption during on-line resize
slimbus: core: Remove usage of the deprecated ida_simple_xx() API
speakup: Fix 8bit characters from direct synth
kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
vfio/platform: Disable virqfds on cleanup
soc: fsl: qbman: Always disable interrupts when taking cgr_lock
soc: fsl: qbman: Add helper for sanity checking cgr ops
soc: fsl: qbman: Add CGR update function
soc: fsl: qbman: Use raw spinlock for cgr_lock
s390/zcrypt: fix reference counting on zcrypt card objects
drm/imx/ipuv3: do not return negative values from .get_modes()
drm/vc4: hdmi: do not return negative values from .get_modes()
memtest: use {READ,WRITE}_ONCE in memory scanning
nilfs2: fix failure to detect DAT corruption in btree and direct mappings
nilfs2: use a more common logging style
nilfs2: prevent kernel bug at submit_bh_wbc()
x86/CPU/AMD: Update the Zenbleed microcode revisions
ahci: asm1064: correct count of reported ports
ahci: asm1064: asm1166: don't limit reported ports
comedi: comedi_test: Prevent timers rescheduling during deletion
netfilter: nf_tables: disallow anonymous set with timeout flag
netfilter: nf_tables: reject constant set with timeout
xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
usb: gadget: ncm: Fix handling of zero block length packets
usb: port: Don't try to peer unused USB ports based on location
tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
vt: fix unicode buffer corruption when deleting characters
vt: fix memory overlapping when deleting chars in the buffer
mm/memory-failure: fix an incorrect use of tail pages
mm/migrate: set swap entry values of THP tail pages properly.
wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
usb: cdc-wdm: close race between read and workqueue
ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
printk: Update @console_may_schedule in console_trylock_spinning()
btrfs: allocate btrfs_ioctl_defrag_range_args on stack
Revert "loop: Check for overflow while configuring loop"
loop: Call loop_config_discard() only after new config is applied
loop: Remove sector_t truncation checks
loop: Factor out setting loop device size
loop: Refactor loop_set_status() size calculation
loop: properly observe rotational flag of underlying device
perf/core: Fix reentry problem in perf_output_read_group()
efivarfs: Request at most 512 bytes for variable names
powerpc: xor_vmx: Add '-mhard-float' to CFLAGS
loop: Factor out configuring loop from status
loop: Check for overflow while configuring loop
loop: loop_set_status_from_info() check before assignment
usb: dwc2: host: Fix remote wakeup from hibernation
usb: dwc2: host: Fix hibernation flow
usb: dwc2: host: Fix ISOC flow in DDMA mode
usb: dwc2: gadget: LPM flow fix
usb: udc: remove warning when queue disabled ep
scsi: qla2xxx: Fix command flush on cable pull
x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled
scsi: lpfc: Correct size for wqe for memset()
USB: core: Fix deadlock in usb_deauthorize_interface()
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
mptcp: add sk_stop_timer_sync helper
tcp: properly terminate timers for kernel sockets
r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
Bluetooth: hci_event: set the conn encrypted before conn establishes
Bluetooth: Fix TOCTOU in HCI debugfs implementation
netfilter: nf_tables: disallow timeout for anonymous sets
net/rds: fix possible cp null dereference
Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped."
mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations
netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
net/sched: act_skbmod: prevent kernel-infoleak
net: stmmac: fix rx queue priority assignment
selftests: reuseaddr_conflict: add missing new line at the end of the output
ipv6: Fix infinite recursion in fib6_dump_done().
i40e: fix vf may be used uninitialized in this function warning
staging: mmal-vchiq: Avoid use of bool in structures
staging: mmal-vchiq: Allocate and free components as required
staging: mmal-vchiq: Fix client_component for 64 bit kernel
staging: vc04_services: changen strncpy() to strscpy_pad()
staging: vc04_services: fix information leak in create_component()
initramfs: factor out a helper to populate the initrd image
fs: add a vfs_fchown helper
fs: add a vfs_fchmod helper
initramfs: switch initramfs unpacking to struct file based APIs
init: open /initrd.image with O_LARGEFILE
erspan: Add type I version 0 support.
erspan: make sure erspan_base_hdr is present in skb->head
ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
ata: sata_mv: Fix PCI device ID table declaration compilation warning
ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone
wifi: ath9k: fix LNA selection in ath_ant_try_scan()
VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
arm64: dts: rockchip: fix rk3399 hdmi ports node
tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
btrfs: send: handle path ref underflow in header iterate_inode_ref()
Bluetooth: btintel: Fix null ptr deref in btintel_read_version
Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
sysv: don't call sb_bread() with pointers_lock held
scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
isofs: handle CDs with bad root inode but good Joliet root directory
media: sta2x11: fix irq handler cast
drm/amd/display: Fix nanosec stat overflow
SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int
block: prevent division by zero in blk_rq_stat_sum()
Input: allocate keycode for Display refresh rate toggle
ktest: force $buildonly = 1 for 'make_warnings_file' test type
tools: iio: replace seekdir() in iio_generic_buffer
usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
fbmon: prevent division by zero in fb_videomode_from_videomode()
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put()
virtio: reenable config if freezing device failed
x86/mm/pat: fix VM_PAT handling in COW mappings
Bluetooth: btintel: Fixe build regression
VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
erspan: Check IFLA_GRE_ERSPAN_VER is set.
ip_gre: do not report erspan version on GRE interface
initramfs: fix populate_initrd_image() section mismatch
amdkfd: use calloc instead of kzalloc to avoid integer overflow
Linux 4.19.312
Change-Id: Ic4c50de6afb4c88c8011be6cc93f960d2dc968e0
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
32e0a5db51 |
Merge 4.19.311 into android-4.19-stable
Changes in 4.19.311 ASoC: rt5645: Make LattePanda board DMI match more precise x86/xen: Add some null pointer checking to smp.c MIPS: Clear Cause.BD in instruction_pointer_set net/iucv: fix the allocation size of iucv_path_table array block: sed-opal: handle empty atoms when parsing response dm-verity, dm-crypt: align "struct bvec_iter" correctly scsi: mpt3sas: Prevent sending diag_reset when the controller is ready Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security firewire: core: use long bus reset on gap count error ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet Input: gpio_keys_polled - suppress deferred probe error for gpio ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll crypto: algif_aead - fix uninitialized ctx->init crypto: af_alg - make some functions static crypto: algif_aead - Only wake up when ctx->more is zero do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak fs/select: rework stack allocation hack for clang md: switch to ->check_events for media change notifications block: add a new set_read_only method md: implement ->set_read_only to hook into BLKROSET processing md: Don't clear MD_CLOSING when the raid is about to stop aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts timekeeping: Fix cross-timestamp interpolation on counter wrap timekeeping: Fix cross-timestamp interpolation corner case decision timekeeping: Fix cross-timestamp interpolation for non-x86 wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() b43: dma: Fix use true/false for bool type variable wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled b43: main: Fix use true/false for bool type wifi: b43: Stop correct queue in DMA worker when QoS is disabled wifi: b43: Disable QoS for bcm4331 wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() sock_diag: annotate data-races around sock_diag_handlers[family] af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() bus: tegra-aconnect: Update dependency to ARCH_TEGRA iommu/amd: Mark interrupt as managed wifi: brcmsmac: avoid function pointer casts ARM: dts: arm: realview: Fix development chip ROM compatible value ACPI: scan: Fix device check notification handling x86, relocs: Ignore relocations in .notes section SUNRPC: fix some memleaks in gssx_dec_option_array mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function igb: move PEROUT and EXTTS isr logic to separate functions igb: Fix missing time sync events Bluetooth: Remove superfluous call to hci_conn_check_pending() Bluetooth: hci_core: Fix possible buffer overflow sr9800: Add check for usbnet_get_endpoints bpf: Fix hashtab overflow check on 32-bit arches bpf: Fix stackmap overflow check on 32-bit arches ipv6: fib6_rules: flush route cache when rule is changed tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function udp: fix incorrect parameter validation in the udp_lib_getsockopt() function net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function net/x25: fix incorrect parameter validation in the x25_getsockopt() function nfp: flower: handle acti_netdevs allocation failure dm raid: fix false positive for requeue needed during reshape dm: call the resume method on internal suspend drm/tegra: dsi: Add missing check for of_find_device_by_node gpu: host1x: mipi: Update tegra_mipi_request() to be node based drm/tegra: dsi: Make use of the helper function dev_err_probe() drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() drm/rockchip: inno_hdmi: Fix video timing drm: Don't treat 0 as -1 in drm_fixp2int_ceil drm/rockchip: lvds: do not overwrite error code drm/rockchip: lvds: do not print scary message when probing defer media: tc358743: register v4l2 async device only after successful setup perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() ABI: sysfs-bus-pci-devices-aer_stats uses an invalid tag media: em28xx: annotate unchecked call to media_device_register() media: v4l2-tpg: fix some memleaks in tpg_alloc media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity media: dvbdev: remove double-unlock media: media/dvb: Use kmemdup rather than duplicating its implementation media: dvbdev: Fix memleak in dvb_register_device media: dvbdev: fix error logic at dvb_register_device() media: dvb-core: Fix use-after-free due to race at dvb_register_device() media: edia: dvbdev: fix a use-after-free clk: qcom: reset: Allow specifying custom reset delay clk: qcom: reset: support resetting multiple bits clk: qcom: reset: Commonize the de/assert functions clk: qcom: reset: Ensure write completion on reset de/assertion quota: code cleanup for __dquot_alloc_space() fs/quota: erase unused but set variable warning quota: check time limit when back out space/inode change quota: simplify drop_dquot_ref() quota: Fix potential NULL pointer dereference quota: Fix rcu annotations of inode dquot pointers perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() ALSA: seq: fix function cast warnings media: go7007: add check of return value of go7007_read_addr() media: pvrusb2: fix pvr2_stream_callback casts firmware: qcom: scm: Add WLAN VMID for Qualcomm SCM interface clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times drm/mediatek: dsi: Fix DSI RGB666 formats and definitions PCI: Mark 3ware-9650SE Root Port Extended Tags as broken clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister() drm/tegra: put drm_gem_object ref on error in tegra_fb_create mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref crypto: arm - Rename functions to avoid conflict with crypto/sha256.h crypto: arm/sha - fix function cast warnings mtd: rawnand: lpc32xx_mlc: fix irq handler prototype ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() media: pvrusb2: fix uaf in pvr2_context_set_notify media: dvb-frontends: avoid stack overflow warnings with clang media: go7007: fix a memleak in go7007_load_encoder drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. backlight: lm3630a: Initialize backlight_properties on init backlight: lm3630a: Don't set bl->props.brightness in get_brightness backlight: da9052: Fully initialize backlight_properties during probe backlight: lm3639: Fully initialize backlight_properties during probe backlight: lp8788: Fully initialize backlight_properties during probe sparc32: Fix section mismatch in leon_pci_grpci ALSA: usb-audio: Stop parsing channels bits when all channels are found. scsi: csiostor: Avoid function pointer casts scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() NFS: Fix an off by one in root_nfs_cat() clk: qcom: gdsc: Add support to update GDSC transition delay serial: max310x: fix syntax error in IRQ error message tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT kconfig: fix infinite loop when expanding a macro at the end of file rtc: mt6397: select IRQ_DOMAIN instead of depending on it serial: 8250_exar: Don't remove GPIO device on suspend staging: greybus: fix get_channel_from_mode() failure path usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin net: hsr: fix placement of logical operator in a multi-line statement hsr: Fix uninit-value access in hsr_get_node() rds: introduce acquire/release ordering in acquire/release_in_xmit() hsr: Handle failures in module init net/bnx2x: Prevent access to a freed page in page_pool spi: spi-mt65xx: Fix NULL pointer access in interrupt handler crypto: af_alg - Fix regression on empty requests crypto: af_alg - Work around empty control messages without MSG_MORE Linux 4.19.311 Change-Id: I034e9a44b6dec1a7b5c600b3cd77aabc401044d7 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |