ping ?
On 2018/10/6 17:09, Hou Tao wrote:
> When an invalid mount option is passed to jffs2, jffs2_parse_options()
> will fail and jffs2_sb_info will be freed, but then jffs2_sb_info will
> be used (use-after-free) and freeed (double-free) in jffs2_kill_sb().
>
> Fix it by removing the buggy
ping ?
On 2018/10/6 17:09, Hou Tao wrote:
> When an invalid mount option is passed to jffs2, jffs2_parse_options()
> will fail and jffs2_sb_info will be freed, but then jffs2_sb_info will
> be used (use-after-free) and freeed (double-free) in jffs2_kill_sb().
>
> Fix it by removing the buggy
On Mon, Oct 15, 2018 at 10:54 PM Doug Anderson wrote:
>
> Vivek,
>
> On Mon, Oct 15, 2018 at 8:23 AM Vivek Gautam
> wrote:
> >
> > Hi Doug,
> >
> > On Sat, Oct 13, 2018 at 3:09 AM Douglas Anderson
> > wrote:
> > >
> > > If you look at the bindings for the UFS Host Controller it says:
> > >
> >
On Mon, Oct 15, 2018 at 10:54 PM Doug Anderson wrote:
>
> Vivek,
>
> On Mon, Oct 15, 2018 at 8:23 AM Vivek Gautam
> wrote:
> >
> > Hi Doug,
> >
> > On Sat, Oct 13, 2018 at 3:09 AM Douglas Anderson
> > wrote:
> > >
> > > If you look at the bindings for the UFS Host Controller it says:
> > >
> >
Support dword access for get_user_size and redesign put_user_size with
the same style of get_user_size. It's Ok to use xxx_user_asm_common for
all size of variable with ldb, ldh, ldw, ld.d
ld.d rx, (addr, 0) could "rx <= addr" "and r(x+1) <= addr+4" and this also
follow abiv2 gcc ABI for dword
Support dword access for get_user_size and redesign put_user_size with
the same style of get_user_size. It's Ok to use xxx_user_asm_common for
all size of variable with ldb, ldh, ldw, ld.d
ld.d rx, (addr, 0) could "rx <= addr" "and r(x+1) <= addr+4" and this also
follow abiv2 gcc ABI for dword
On Mon, Oct 15, 2018 at 02:14:34PM +0300, Tomas Winkler wrote:
> Ignore the return value of go_to_idle() in tpm_try_transmit().
> Once it may shadow the return value of actual tpm operation,
> second the consequent command will fail as well and the error
> will be caought anyway.
> Last fix wrong
On Mon, Oct 15, 2018 at 02:14:34PM +0300, Tomas Winkler wrote:
> Ignore the return value of go_to_idle() in tpm_try_transmit().
> Once it may shadow the return value of actual tpm operation,
> second the consequent command will fail as well and the error
> will be caought anyway.
> Last fix wrong
Hi all,
Changes since 20181015:
The jc_docs tree gained a conflict against the pci tree
The netfilter-next tree gained a build failure so I used the version
from next-20181015.
The block tree gained a conflict against the pci tree.
I added a patch to the akpm tree to fix my qemu PowerPC boot
Hi all,
Changes since 20181015:
The jc_docs tree gained a conflict against the pci tree
The netfilter-next tree gained a build failure so I used the version
from next-20181015.
The block tree gained a conflict against the pci tree.
I added a patch to the akpm tree to fix my qemu PowerPC boot
On Thu, Oct 11, 2018 at 01:11:59AM +0200, Frederic Weisbecker wrote:
> This pair of function is implemented on top of local_bh_disable() that
> is going to handle a softirq mask in order to apply finegrained vector
> disablement. The lock function is going to return the previous vectors
> enabled
On Thu, Oct 11, 2018 at 01:11:59AM +0200, Frederic Weisbecker wrote:
> This pair of function is implemented on top of local_bh_disable() that
> is going to handle a softirq mask in order to apply finegrained vector
> disablement. The lock function is going to return the previous vectors
> enabled
Add DT bindings for PCIe controller implemented in UniPhier SoCs when
configured in Root Complex (host) mode. This controller is based on
the DesignWare PCIe core.
Signed-off-by: Kunihiko Hayashi
Reviewed-by: Rob Herring
---
.../devicetree/bindings/pci/uniphier-pcie.txt | 81
This introduces specific glue layer for UniPhier platform to support
PCIe host controller that is based on the DesignWare PCIe core, and
this driver supports Root Complex (host) mode.
Signed-off-by: Kunihiko Hayashi
---
drivers/pci/controller/dwc/Kconfig | 9 +
Add DT bindings for PCIe controller implemented in UniPhier SoCs when
configured in Root Complex (host) mode. This controller is based on
the DesignWare PCIe core.
Signed-off-by: Kunihiko Hayashi
Reviewed-by: Rob Herring
---
.../devicetree/bindings/pci/uniphier-pcie.txt | 81
This introduces specific glue layer for UniPhier platform to support
PCIe host controller that is based on the DesignWare PCIe core, and
this driver supports Root Complex (host) mode.
Signed-off-by: Kunihiko Hayashi
---
drivers/pci/controller/dwc/Kconfig | 9 +
This series adds PCIe host controller driver for Socionext UniPhier SoCs.
This controller is based on the DesignWare PCIe core. This driver
supports LD20 and PXs3 SoCs.
v2: https://www.spinics.net/lists/linux-pci/msg75930.html
About legacy IRQ, it might be necessary to share common view from
This series adds PCIe host controller driver for Socionext UniPhier SoCs.
This controller is based on the DesignWare PCIe core. This driver
supports LD20 and PXs3 SoCs.
v2: https://www.spinics.net/lists/linux-pci/msg75930.html
About legacy IRQ, it might be necessary to share common view from
Switch to uart_port_lock macros:
- use uart_port_lock_for_printk()/uart_port_unlock_after_printk() in
serial8250_console_write().
- use uart_port_lock_*()/uart_port_unlock_*() elsewhere.
Signed-off-by: Sergey Senozhatsky
---
drivers/tty/serial/8250/8250_core.c | 8 +--
Switch to uart_port_lock macros:
- use uart_port_lock_for_printk()/uart_port_unlock_after_printk() in
serial8250_console_write().
- use uart_port_lock_*()/uart_port_unlock_*() elsewhere.
Signed-off-by: Sergey Senozhatsky
---
drivers/tty/serial/8250/8250_core.c | 8 +--
The patch introduces several macros which should make serial console
drivers less printk() deadlock prone.
There are several console driver entry points so we are looking at
several slightly different deadlock scenarios.
- The first entry point is console ->write() callback, which we call
from
Make printk_safe_enter_irqsave()/etc macros available to the
rest of the kernel.
Signed-off-by: Sergey Senozhatsky
---
include/linux/printk.h | 40 +
kernel/printk/internal.h| 37 --
kernel/printk/printk_safe.c | 6
The patch introduces several macros which should make serial console
drivers less printk() deadlock prone.
There are several console driver entry points so we are looking at
several slightly different deadlock scenarios.
- The first entry point is console ->write() callback, which we call
from
Make printk_safe_enter_irqsave()/etc macros available to the
rest of the kernel.
Signed-off-by: Sergey Senozhatsky
---
include/linux/printk.h | 40 +
kernel/printk/internal.h| 37 --
kernel/printk/printk_safe.c | 6
Hello,
RFC
The patch set reduces the number of ways serial consoles
can deadlock the system, including the recently reported deadlock
in panic().
The test scenario I ran on my x86_64 box:
- panic() the system while one of the CPUs holds 8250's
uart_port->lock.
Test
Hello,
RFC
The patch set reduces the number of ways serial consoles
can deadlock the system, including the recently reported deadlock
in panic().
The test scenario I ran on my x86_64 box:
- panic() the system while one of the CPUs holds 8250's
uart_port->lock.
Test
>From printk()/serial console point of view panic() is special, because
it may force CPU to re-enter printk() or/and serial console driver.
Therefore, some of serial consoles drivers are re-entrant. E.g. 8250:
serial8250_console_write()
{
if (port->sysrq)
locked = 0;
>From printk()/serial console point of view panic() is special, because
it may force CPU to re-enter printk() or/and serial console driver.
Therefore, some of serial consoles drivers are re-entrant. E.g. 8250:
serial8250_console_write()
{
if (port->sysrq)
locked = 0;
On 15 Oct 2018, at 9:07 pm, Jerome Brunet wrote:
>
> On Sat, 2018-10-13 at 18:08 +0200, Michael Turquette wrote:
>> Quoting Christian Hewitt (2018-10-13 12:04:46)
>>> On the Khadas VIM2 (GXM) and LePotato (GXL) board there are problems
>>> with reboot; e.g. a ~60 second delay between issuing
On 15 Oct 2018, at 9:07 pm, Jerome Brunet wrote:
>
> On Sat, 2018-10-13 at 18:08 +0200, Michael Turquette wrote:
>> Quoting Christian Hewitt (2018-10-13 12:04:46)
>>> On the Khadas VIM2 (GXM) and LePotato (GXL) board there are problems
>>> with reboot; e.g. a ~60 second delay between issuing
Hi, Stephen
Anson Huang
Best Regards!
> -Original Message-
> From: Stephen Boyd
> Sent: Tuesday, October 16, 2018 12:46 AM
> To: ker...@pengutronix.de; linux-arm-ker...@lists.infradead.org;
> linux-...@vger.kernel.org; linux-kernel@vger.kernel.org;
> mturque...@baylibre.com;
Hi, Stephen
Anson Huang
Best Regards!
> -Original Message-
> From: Stephen Boyd
> Sent: Tuesday, October 16, 2018 12:46 AM
> To: ker...@pengutronix.de; linux-arm-ker...@lists.infradead.org;
> linux-...@vger.kernel.org; linux-kernel@vger.kernel.org;
> mturque...@baylibre.com;
From: Steffen Klassert
[ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ]
We don't validate the address prefix lengths in the xfrm
selector we got from userspace. This can lead to undefined
behaviour in the address matching functions if the prefix
is too big for the given address
From: Steffen Klassert
[ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ]
We don't validate the address prefix lengths in the xfrm
selector we got from userspace. This can lead to undefined
behaviour in the address matching functions if the prefix
is too big for the given address
From: Andrei Otcheretianski
[ Upstream commit 24f33e64fcd0d50a4b1a8e5b41bd0257aa66b0e8 ]
Core regulatory hints didn't set wiphy_idx to WIPHY_IDX_INVALID. Since
the regulatory request is zeroed, wiphy_idx was always implicitly set to
0. This resulted in updating only phy #0.
Fix that.
Fixes:
From: Sowmini Varadhan
[ Upstream commit 782710e333a526780d65918d669cb96646983ba2 ]
We only support one offloaded xfrm (we do not have devices that
can handle more than one offload), so reset crypto_done in
xfrm_input() when iterating over multiple transforms in xfrm_input,
so that we can
From: Thadeu Lima de Souza Cascardo
[ Upstream commit 215ab0f021c9fea3c18b75e7d522400ee6a49990 ]
After commit d6990976af7c5d8f55903bfb4289b6fb030bf754 ("vti6: fix PMTU caching
and reporting on xmit"), some too big skbs might be potentially passed down to
__xfrm6_output, causing it to fail to
From: Andrei Otcheretianski
[ Upstream commit 24f33e64fcd0d50a4b1a8e5b41bd0257aa66b0e8 ]
Core regulatory hints didn't set wiphy_idx to WIPHY_IDX_INVALID. Since
the regulatory request is zeroed, wiphy_idx was always implicitly set to
0. This resulted in updating only phy #0.
Fix that.
Fixes:
From: Sowmini Varadhan
[ Upstream commit 782710e333a526780d65918d669cb96646983ba2 ]
We only support one offloaded xfrm (we do not have devices that
can handle more than one offload), so reset crypto_done in
xfrm_input() when iterating over multiple transforms in xfrm_input,
so that we can
From: Thadeu Lima de Souza Cascardo
[ Upstream commit 215ab0f021c9fea3c18b75e7d522400ee6a49990 ]
After commit d6990976af7c5d8f55903bfb4289b6fb030bf754 ("vti6: fix PMTU caching
and reporting on xmit"), some too big skbs might be potentially passed down to
__xfrm6_output, causing it to fail to
From: Johannes Berg
[ Upstream commit cb59bc14e830028d2244861216df038165d7625d ]
If the TDLS setup happens over a connection to an AP that
doesn't have QoS, we nevertheless assign a non-zero TID
(skb->priority) and queue mapping, which may confuse us or
drivers later.
Fix it by just assigning
From: Bob Copeland
[ Upstream commit 6eae4a6c2be387fec41b0d2782c4fffb57159498 ]
In our environment running lots of mesh nodes, we are seeing the
pending queue hang periodically, with the debugfs queues file showing
lines such as:
00: 0x/348
i.e. there are a large number of frames
From: Andrei Otcheretianski
[ Upstream commit 8682250b3c1b75a45feb7452bc413d004cfe3778 ]
If a frame is dropped for any reason, mac80211 wouldn't report the TX
status back to user space.
As the user space may rely on the TX_STATUS to kick its state
machines, resends etc, it's better to just
From: Johannes Berg
[ Upstream commit cb59bc14e830028d2244861216df038165d7625d ]
If the TDLS setup happens over a connection to an AP that
doesn't have QoS, we nevertheless assign a non-zero TID
(skb->priority) and queue mapping, which may confuse us or
drivers later.
Fix it by just assigning
From: Bob Copeland
[ Upstream commit 6eae4a6c2be387fec41b0d2782c4fffb57159498 ]
In our environment running lots of mesh nodes, we are seeing the
pending queue hang periodically, with the debugfs queues file showing
lines such as:
00: 0x/348
i.e. there are a large number of frames
From: Andrei Otcheretianski
[ Upstream commit 8682250b3c1b75a45feb7452bc413d004cfe3778 ]
If a frame is dropped for any reason, mac80211 wouldn't report the TX
status back to user space.
As the user space may rely on the TX_STATUS to kick its state
machines, resends etc, it's better to just
From: Thomas Petazzoni
[ Upstream commit 3a58ac65e2d7969bcdf1b6acb70fa4d12a88e53e ]
IO_SPACE_LIMIT is the ending address of the PCI IO space, i.e
something like 0xf (and not 0x10).
Therefore, when offset = 0xf is passed as argument, this function
fails even though the offset +
From: Yuan-Chi Pang
[ Upstream commit c42055105785580563535e6d3143cad95c7ac7ee ]
TX status reporting to ieee80211s is through ieee80211s_update_metric.
There are two problems about ieee80211s_update_metric:
1. The purpose is to estimate the fail probability
to a specific link. No need to
From: Thomas Petazzoni
[ Upstream commit 3a58ac65e2d7969bcdf1b6acb70fa4d12a88e53e ]
IO_SPACE_LIMIT is the ending address of the PCI IO space, i.e
something like 0xf (and not 0x10).
Therefore, when offset = 0xf is passed as argument, this function
fails even though the offset +
From: Yuan-Chi Pang
[ Upstream commit c42055105785580563535e6d3143cad95c7ac7ee ]
TX status reporting to ieee80211s is through ieee80211s_update_metric.
There are two problems about ieee80211s_update_metric:
1. The purpose is to estimate the fail probability
to a specific link. No need to
From: Jouni Malinen
[ Upstream commit 119f94a6fefcc76d47075b83d2b73d04c895df78 ]
cfg80211_get_bss_channel() is used to update the RX channel based on the
available frame payload information (channel number from DSSS Parameter
Set element or HT Operation element). This is needed on 2.4 GHz
The reason of including here is just for BIT() and
GENMASK macros.
Since commit 8bd9cb51daac8 ("locking/atomics, asm-generic: Move some
macros from to a new file"),
is enough for such compile-time macros.
Signed-off-by: Masahiro Yamada
---
drivers/gpio/gpio-uniphier.c | 2 +-
1 file
From: Steffen Klassert
[ Upstream commit 9e1437937807b0122e8da1ca8765be2adca9aee6 ]
Since commit 222d7dbd258d ("net: prevent dst uses after free")
skb_dst_force() might clear the dst_entry attached to the skb.
The xfrm code don't expect this to happen, so we crash with
a NULL pointer
The reason of including here is just for BIT() and
GENMASK macros.
Since commit 8bd9cb51daac8 ("locking/atomics, asm-generic: Move some
macros from to a new file"),
is enough for such compile-time macros.
Signed-off-by: Masahiro Yamada
---
drivers/gpio/gpio-uniphier.c | 2 +-
1 file
From: Steffen Klassert
[ Upstream commit 9e1437937807b0122e8da1ca8765be2adca9aee6 ]
Since commit 222d7dbd258d ("net: prevent dst uses after free")
skb_dst_force() might clear the dst_entry attached to the skb.
The xfrm code don't expect this to happen, so we crash with
a NULL pointer
From: Jouni Malinen
[ Upstream commit 119f94a6fefcc76d47075b83d2b73d04c895df78 ]
cfg80211_get_bss_channel() is used to update the RX channel based on the
available frame payload information (channel number from DSSS Parameter
Set element or HT Operation element). This is needed on 2.4 GHz
From: Hans Verkuil
[ Upstream commit e0dccce1193f87597548d0db6ecc942fb92c04cd ]
The CEC_TX_STATUS_MAX_RETRIES should be set for errors only to
prevent the CEC framework from retrying the transmit. If the
transmit was successful, then don't set this flag.
Found by running 'cec-compliance -A' on
From: Colin Ian King
[ Upstream commit d98627d1360d55e3b28f702caca8b6342c4a4e45 ]
Currently the check to see if the timeout has reached zero is incorrect
and the check is instead checking if the timeout is non-zero and not
zero, hence it will break out of the loop on the first iteration and
the
From: zhong jiang
[ Upstream commit 346fa83d10934cf206e2fd0f514bf8ce186f08fe ]
sizeof(sizeof()) is quite strange and does not seem to be what
is wanted here.
The issue is detected with the help of Coccinelle.
Fixes: 39215846740a ("netfilter: conntrack: remove nlattr_size pointer from
l4proto
The reason of including here is just for BIT() and
GENMASK macros.
Since commit 8bd9cb51daac8 ("locking/atomics, asm-generic: Move some
macros from to a new file"),
is enough for such compile-time macros.
Signed-off-by: Masahiro Yamada
---
drivers/mtd/nand/raw/denali.h | 2 +-
1 file
From: Hans Verkuil
[ Upstream commit e0dccce1193f87597548d0db6ecc942fb92c04cd ]
The CEC_TX_STATUS_MAX_RETRIES should be set for errors only to
prevent the CEC framework from retrying the transmit. If the
transmit was successful, then don't set this flag.
Found by running 'cec-compliance -A' on
From: Colin Ian King
[ Upstream commit d98627d1360d55e3b28f702caca8b6342c4a4e45 ]
Currently the check to see if the timeout has reached zero is incorrect
and the check is instead checking if the timeout is non-zero and not
zero, hence it will break out of the loop on the first iteration and
the
From: zhong jiang
[ Upstream commit 346fa83d10934cf206e2fd0f514bf8ce186f08fe ]
sizeof(sizeof()) is quite strange and does not seem to be what
is wanted here.
The issue is detected with the help of Coccinelle.
Fixes: 39215846740a ("netfilter: conntrack: remove nlattr_size pointer from
l4proto
The reason of including here is just for BIT() and
GENMASK macros.
Since commit 8bd9cb51daac8 ("locking/atomics, asm-generic: Move some
macros from to a new file"),
is enough for such compile-time macros.
Signed-off-by: Masahiro Yamada
---
drivers/mtd/nand/raw/denali.h | 2 +-
1 file
From: Sean Tranchetti
[ Upstream commit 32bf94fb5c2ec4ec842152d0e5937cd4bb6738fa ]
XFRM mode parameters passed as part of the user templates
in the IP_XFRM_POLICY are never properly validated. Passing
values other than valid XFRM modes can cause stack-out-of-bounds
reads to occur later in the
From: Martin Willi
[ Upstream commit 628980e5c8f038f730582c6ee50b7410741cd96e ]
The cleanup of radios during namespace exit has recently been reworked
to directly delete a radio while temporarily releasing the spinlock,
fixing a race condition between the work-queue execution and namespace
From: Alexandre Belloni
[ Upstream commit 64e9e22e68512da8df3c9a7430f07621e48db3c2 ]
If the qman driver didn't probe, calling qman_alloc_fqid_range,
qman_alloc_pool_range or qman_alloc_cgrid_range (as done in dpaa_eth) will
pass a NULL pointer to gen_pool_alloc, leading to a NULL pointer
From: Yunsheng Lin
[ Upstream commit 2e9361efa707e186d91b938e44f9e326725259f7 ]
If SMMU is on, there is more likely that skb_shinfo(skb)->frags[i]
can not send by a single BD. when this happen, the
hns_nic_net_xmit_hw function map the whole data in a frags using
skb_frag_dma_map, but unmap each
From: Masashi Honma
[ Upstream commit 30fe6d50eb088783c8729c7d930f65296b2b3fa7 ]
Use array_index_nospec() to sanitize ridx with respect to speculation.
Signed-off-by: Masashi Honma
Signed-off-by: Johannes Berg
Signed-off-by: Sasha Levin
---
net/wireless/nl80211.c | 1 +
1 file changed, 1
From: Sean Tranchetti
[ Upstream commit 32bf94fb5c2ec4ec842152d0e5937cd4bb6738fa ]
XFRM mode parameters passed as part of the user templates
in the IP_XFRM_POLICY are never properly validated. Passing
values other than valid XFRM modes can cause stack-out-of-bounds
reads to occur later in the
From: Martin Willi
[ Upstream commit 628980e5c8f038f730582c6ee50b7410741cd96e ]
The cleanup of radios during namespace exit has recently been reworked
to directly delete a radio while temporarily releasing the spinlock,
fixing a race condition between the work-queue execution and namespace
From: Alexandre Belloni
[ Upstream commit 64e9e22e68512da8df3c9a7430f07621e48db3c2 ]
If the qman driver didn't probe, calling qman_alloc_fqid_range,
qman_alloc_pool_range or qman_alloc_cgrid_range (as done in dpaa_eth) will
pass a NULL pointer to gen_pool_alloc, leading to a NULL pointer
From: Yunsheng Lin
[ Upstream commit 2e9361efa707e186d91b938e44f9e326725259f7 ]
If SMMU is on, there is more likely that skb_shinfo(skb)->frags[i]
can not send by a single BD. when this happen, the
hns_nic_net_xmit_hw function map the whole data in a frags using
skb_frag_dma_map, but unmap each
From: Masashi Honma
[ Upstream commit 30fe6d50eb088783c8729c7d930f65296b2b3fa7 ]
Use array_index_nospec() to sanitize ridx with respect to speculation.
Signed-off-by: Masashi Honma
Signed-off-by: Johannes Berg
Signed-off-by: Sasha Levin
---
net/wireless/nl80211.c | 1 +
1 file changed, 1
From: Michal Simek
[ Upstream commit e1e5d8a9fe737d94ccc0ccbaf0c97f69a8f3e000 ]
Clear ADDR64 dma bit in DMACFG register in case that HW_DMA_CAP_64B is
not detected on 64bit system.
The issue was observed when bootloader(u-boot) does not check macb
feature at DCFG6 register (DAW64_OFFSET) and
From: Steve Capper
[ Upstream commit 469ed9d823b7d240d6b9574f061ded7c3834c167 ]
In the contiguous bit hugetlb break-before-make code we assume that all
hugetlb pages are young.
In fact, remove_migration_pte is able to place an old hugetlb pte so
this assumption is not valid.
This patch fixes
From: Zhao Qiang
[ Upstream commit 96fc74333f84cfdf8d434c6c07254e215e2aad00 ]
There is a copy and paste bug so we accidentally use the RX_ shift when
we're in TX_ mode.
Fixes: bb8b2062aff3 ("fsl/qe: setup clock source for TDM mode")
Signed-off-by: Dan Carpenter
Signed-off-by: Zhao Qiang
From: Michal Simek
[ Upstream commit e1e5d8a9fe737d94ccc0ccbaf0c97f69a8f3e000 ]
Clear ADDR64 dma bit in DMACFG register in case that HW_DMA_CAP_64B is
not detected on 64bit system.
The issue was observed when bootloader(u-boot) does not check macb
feature at DCFG6 register (DAW64_OFFSET) and
From: Steve Capper
[ Upstream commit 469ed9d823b7d240d6b9574f061ded7c3834c167 ]
In the contiguous bit hugetlb break-before-make code we assume that all
hugetlb pages are young.
In fact, remove_migration_pte is able to place an old hugetlb pte so
this assumption is not valid.
This patch fixes
From: Zhao Qiang
[ Upstream commit 96fc74333f84cfdf8d434c6c07254e215e2aad00 ]
There is a copy and paste bug so we accidentally use the RX_ shift when
we're in TX_ mode.
Fixes: bb8b2062aff3 ("fsl/qe: setup clock source for TDM mode")
Signed-off-by: Dan Carpenter
Signed-off-by: Zhao Qiang
From: Nathan Chancellor
[ Upstream commit a898fba32229efd5e6b6154f83fa86a7145156b9 ]
Clang warns when one enumerated type is implicitly converted to another.
drivers/net/ethernet/qlogic/qed/qed_sp_commands.c:163:25: warning:
implicit conversion from enumeration type 'enum tunnel_clss' to
From: Matias Karhumaa
[ Upstream commit cb28c306b93b71f2741ce1a5a66289db26715f4d ]
In case unpair_device() was called through mgmt interface at the same time
when pairing was in progress, Bluetooth kernel module crash was seen.
[ 600.351225] general protection fault: [#1] SMP PTI
[
From: Martin Willi
[ Upstream commit f1c47eb61d52379de5747d02bb36be20d7a2d0d3 ]
The asynchronous destruction from a work-queue of radios tagged with
destroy-on-close may race with the owning namespace about to exit,
resulting in potential use-after-free of that namespace.
Instead of using a
From: Martin Willi
[ Upstream commit 28ef8b49a338dc1844e86b7954cfffc7dfa2660a ]
The allocation of hwsim radio identifiers uses a post-increment from 0,
so the first radio has idx 0. This idx is explicitly excluded from
multicast announcements ever since, but it is unclear why.
Drop that idx
From: Nathan Chancellor
[ Upstream commit a898fba32229efd5e6b6154f83fa86a7145156b9 ]
Clang warns when one enumerated type is implicitly converted to another.
drivers/net/ethernet/qlogic/qed/qed_sp_commands.c:163:25: warning:
implicit conversion from enumeration type 'enum tunnel_clss' to
From: Matias Karhumaa
[ Upstream commit cb28c306b93b71f2741ce1a5a66289db26715f4d ]
In case unpair_device() was called through mgmt interface at the same time
when pairing was in progress, Bluetooth kernel module crash was seen.
[ 600.351225] general protection fault: [#1] SMP PTI
[
From: Martin Willi
[ Upstream commit f1c47eb61d52379de5747d02bb36be20d7a2d0d3 ]
The asynchronous destruction from a work-queue of radios tagged with
destroy-on-close may race with the owning namespace about to exit,
resulting in potential use-after-free of that namespace.
Instead of using a
From: Martin Willi
[ Upstream commit 28ef8b49a338dc1844e86b7954cfffc7dfa2660a ]
The allocation of hwsim radio identifiers uses a post-increment from 0,
so the first radio has idx 0. This idx is explicitly excluded from
multicast announcements ever since, but it is unclear why.
Drop that idx
From: Nathan Chancellor
[ Upstream commit db803f36e56f23b5a2266807e190d1dc11554d54 ]
Clang complains when one enumerated type is implicitly converted to
another.
drivers/net/ethernet/qlogic/qed/qed_vf.c:686:6: warning: implicit
conversion from enumeration type 'enum qed_tunn_mode' to different
From: Nathan Chancellor
[ Upstream commit d3a315795b4ce8b105a64a90699103121bde04a8 ]
Clang warns when one enumerated type is implicitly converted to another.
drivers/net/ethernet/qlogic/qed/qed_roce.c:153:12: warning: implicit
conversion from enumeration type 'enum roce_mode' to different
From: Lubomir Rintel
[ Upstream commit d85536cde91fcfed6fb8d983783bd2b92c843939 ]
Add missing prepare/unprepare operations for fbi->clk,
this fixes following kernel warning:
[ cut here ]
WARNING: CPU: 0 PID: 1 at drivers/clk/clk.c:874 clk_core_enable+0x2c/0x1b0
From: Mahesh Bandewar
[ Upstream commit 6a9e461f6fe4434e6172304b69774daff9a3ac4c ]
Commit b89f04c61efe ("bonding: deliver link-local packets with
skb->dev set to link that packets arrived on") changed the behavior
of how link-local-multicast packets are processed. The change in
the behavior
From: Mahesh Bandewar
[ Upstream commit 6a9e461f6fe4434e6172304b69774daff9a3ac4c ]
Commit b89f04c61efe ("bonding: deliver link-local packets with
skb->dev set to link that packets arrived on") changed the behavior
of how link-local-multicast packets are processed. The change in
the behavior
From: Nathan Chancellor
[ Upstream commit d3a315795b4ce8b105a64a90699103121bde04a8 ]
Clang warns when one enumerated type is implicitly converted to another.
drivers/net/ethernet/qlogic/qed/qed_roce.c:153:12: warning: implicit
conversion from enumeration type 'enum roce_mode' to different
From: Lubomir Rintel
[ Upstream commit d85536cde91fcfed6fb8d983783bd2b92c843939 ]
Add missing prepare/unprepare operations for fbi->clk,
this fixes following kernel warning:
[ cut here ]
WARNING: CPU: 0 PID: 1 at drivers/clk/clk.c:874 clk_core_enable+0x2c/0x1b0
From: Nathan Chancellor
[ Upstream commit db803f36e56f23b5a2266807e190d1dc11554d54 ]
Clang complains when one enumerated type is implicitly converted to
another.
drivers/net/ethernet/qlogic/qed/qed_vf.c:686:6: warning: implicit
conversion from enumeration type 'enum qed_tunn_mode' to different
From: Mahesh Bandewar
[ Upstream commit d4859d749aa7090ffb743d15648adb962a1baeae ]
Syzkaller reported this on a slightly older kernel but it's still
applicable to the current kernel -
==
WARNING: possible circular locking dependency detected
From: Nathan Chancellor
[ Upstream commit 1c492a9d55ba99079210ed901dd8a5423f980487 ]
Clang warns when a constant is used in a boolean context as it thinks a
bitwise operation may have been intended.
drivers/net/ethernet/qlogic/qed/qed_vf.c:415:27: warning: use of logical
'&&' with constant
From: Nathan Chancellor
[ Upstream commit 77f2d753819b7d50c16abfb778caf1fe075faed0 ]
Clang warns when one enumerated type is implicitly converted to another.
drivers/net/ethernet/qlogic/qed/qed_iwarp.c:1713:25: warning: implicit
conversion from enumeration type 'enum tcp_ip_version' to
From: Nilesh Javali
[ Upstream commit 3cc5746e5ad7688e274e193fa71278d98aa52759 ]
Fix kernel NULL pointer dereference,
Call Trace:
[] __mutex_lock_slowpath+0xa6/0x1d0
[] mutex_lock+0x1f/0x2f
[] qedi_get_protocol_tlv_data+0x61/0x450 [qedi]
[] ? map_vm_area+0x2e/0x40
[] ?
1 - 100 of 1736 matches
Mail list logo
