On Tue, Apr 30, 2019 at 04:00:44PM +0700, Phong Tran wrote:
>
> diff --git a/include/linux/of.h b/include/linux/of.h
> index e240992e5cb6..1c35fc8f19b0 100644
> --- a/include/linux/of.h
> +++ b/include/linux/of.h
> @@ -235,7 +235,7 @@ static inline u64 of_read_number(const __be32 *cell, int
>
On Tue, Apr 30, 2019 at 12:19 AM Al Viro wrote:
>
> ... not that there's much sense keeping ->fieldbus_type in host-endian,
> while we are at it.
Interesting! Suppose we make device->fieldbus_type bus-endian.
Then the endinan-ness conversion either needs to happen in
bus_match() (and we'd have
Den 30-04-2019 kl. 16:06, skrev Song Liu:
On Tue, Apr 30, 2019 at 12:55 AM Thomas Backlund wrote:
Den 30-04-2019 kl. 10:26, skrev Thomas Backlund:
Building perf in 5.1-rc5/6/7 fails:
Build start:
make -s -C tools/perf NO_PERF_READ_VDSO32=1 NO_PERF_READ_VDSOX32=1
WERROR=0
On Tue, Apr 30, 2019 at 02:51:31PM +0200, Sebastian Andrzej Siewior wrote:
> On 2019-04-19 10:56:27 [+0200], Juri Lelli wrote:
> > On 26/03/19 10:34, Juri Lelli wrote:
> > > Hi,
> > >
> > > Running this reproducer on a 4.19.25-rt16 kernel (with lock debugging
> > > turned on) produces warning
On Fri, 26 Apr 2019 15:01:27 +0200
Pierre Morel wrote:
> +/**
> + * vfio_ap_clrirq: Disable Interruption for a APQN
> + *
> + * @dev: the device associated with the ap_queue
> + * @q: the vfio_ap_queue holding AQIC parameters
> + *
> + * Issue the host side PQAP/AQIC
> + * On success: unpin
This patch is a part of a series that extends arm64 kernel ABI to allow to
pass tagged user pointers (with the top byte set to something else other
than 0x00) as syscall arguments.
videobuf_dma_contig_user_get() uses provided user pointers for vma
lookups, which can only by done with untagged
This patch is a part of a series that extends arm64 kernel ABI to allow to
pass tagged user pointers (with the top byte set to something else other
than 0x00) as syscall arguments.
vaddr_get_pfn() uses provided user pointers for vma lookups, which can
only by done with untagged pointers.
Untag
This patch is a part of a series that extends arm64 kernel ABI to allow to
pass tagged user pointers (with the top byte set to something else other
than 0x00) as syscall arguments.
This patch adds a simple test, that calls the uname syscall with a
tagged user pointer as an argument. Without the
On Mon, Apr 29, 2019 at 1:23 AM Daniel Lezcano
wrote:
>
> On 23/04/2019 07:59, Zhang Rui wrote:
> > Hi, Daniel,
> >
> > thanks for clarifying.
> > It is true that we need to make thermal framework ready as early as
> > possible. And a static table works for me as long as vmlinux.lds.h is
> > the
On Tue, Apr 30, 2019 at 12:56:10PM +0200, Michal Koutný wrote:
> On Tue, Apr 30, 2019 at 01:45:17PM +0300, Cyrill Gorcunov
> wrote:
> > It setups these parameters unconditionally. I need to revisit
> > this moment. Technically (if only I'm not missing something
> > obvious) we might have a race
://github.com/0day-ci/linux/commits/Matteo-Croce/proc-sysctl-add-shared-variables-for-range-check/20190430-065026
reproduce:
# apt-get install sparse
make ARCH=x86_64 allmodconfig
make C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__'
If you fix the issue, kindly add following tag
On Tue, Apr 30, 2019 at 03:07:39PM +0200, Jan Kara wrote:
> On Tue 30-04-19 04:11:44, Al Viro wrote:
> > On Tue, Apr 30, 2019 at 04:55:01AM +0200, Jan Kara wrote:
> >
> > > Yeah, you're right. And if we push the patch a bit further to not take
> > > loop_ctl_mutex for invalid ioctl number, that
Hi Dave,
can you pick this series up?
This commit introduces support for the "Drop" action in classification
offload. This corresponds to the "-1" action with ethtool -N.
This is achieved using the color marking actions available in the C2
engine, which associate a color to a packet. These colors can be either
Green, Yellow or Red,
Different mechanisms are used to test and set elf_hwcaps between ARM
and ARM64, this results in the use of #ifdef's in this file when
setting/testing for the EVTSTRM hwcap.
Let's improve readability by extracting this to an arch helper.
Signed-off-by: Andrew Murray
---
Hi Chanwoo,
On 4/30/19 3:31 AM, Chanwoo Choi wrote:
> Hi Lukasz,
>
> I have no objection about this patch.
> Instead, as I commented on v4, in order to reduce the confusion
> about multiple clock definitions with same bit range of DIV_CDREX0,
>
> You need to add the additional comment and you
Aviso de seguridad:
Este mensaje es de nuestro centro de mensajería Web Admin a todos nuestros
propietarios de cuentas de correo electrónico. Estamos eliminando el acceso a
todos nuestros clientes de correo web. Su cuenta de correo electrónico se
actualizará a una nueva y mejorada interfaz de
On Tue 30-04-19 04:11:44, Al Viro wrote:
> On Tue, Apr 30, 2019 at 04:55:01AM +0200, Jan Kara wrote:
>
> > Yeah, you're right. And if we push the patch a bit further to not take
> > loop_ctl_mutex for invalid ioctl number, that would fix the problem. I
> > can send a fix.
>
> Huh? We don't take
On Tue, Apr 30, 2019 at 12:55 AM Thomas Backlund wrote:
>
> Den 30-04-2019 kl. 10:26, skrev Thomas Backlund:
> >
> > Building perf in 5.1-rc5/6/7 fails:
> >
> >
> > Build start:
> >
> >
> > make -s -C tools/perf NO_PERF_READ_VDSO32=1 NO_PERF_READ_VDSOX32=1
> > WERROR=0 NO_LIBUNWIND=1
On 30/04/2019 15:20:08+0300, Baruch Siach wrote:
> Hi Alexandre,
>
> On Tue, Apr 30 2019, Alexandre Belloni wrote:
> > On 30/04/2019 14:36:24+0300, Baruch Siach wrote:
> >> Hi Alexandre,
> >>
> >> On Tue, Apr 30 2019, Alexandre Belloni wrote:
> >>
> >> > While the range of REFERENCE + TIME is
On Tue, Apr 30, 2019 at 12:58:21PM +0300, Dan Carpenter wrote:
> On Sat, Apr 27, 2019 at 05:27:25AM +0200, Nicholas Mc Guire wrote:
> > wait_for_completion_timeout() returns unsigned long (0 on timeout or
> > remaining jiffies) not int.
> >
>
> Yeah, but it's fine though because 1 / 256
On Mon, Apr 29, 2019 at 01:06:58PM +0530, Vatsala Narang wrote:
> Modify return statement and remove the respective assignment.
>
> Issue found by coccinelle.
>
> Signed-off-by: Vatsala Narang
> ---
> drivers/staging/vc04_services/bcm2835-camera/bcm2835-camera.c | 3 +--
> 1 file changed, 1
On Sun, Apr 28, 2019 at 05:09:08PM -0700, Linus Torvalds wrote:
> On Sun, Apr 28, 2019 at 4:49 PM Jason Gunthorpe wrote:
> >
> > It is for high availability - we have situations where the hardware
> > can fault and needs some kind of destructive recovery. For instance a
> > firmware reboot, or a
On 2019-04-19 10:56:27 [+0200], Juri Lelli wrote:
> On 26/03/19 10:34, Juri Lelli wrote:
> > Hi,
> >
> > Running this reproducer on a 4.19.25-rt16 kernel (with lock debugging
> > turned on) produces warning below.
>
> And I now think this might lead to an actual crash.
Peter, could you please
On Tue, Apr 30, 2019 at 12:47:18PM +0800, Chuanhua Han wrote:
> The current kernel driver does not consider I2C_IPGCLK_SEL (424 bit
> of RCW) in deciding i2c_clk_rate in function i2c_imx_set_clk()
> { 0 Platform clock/4, 1 Platform clock/2}.
>
> When using ls1046a SoC, this populates incorrect
Aviso de seguridad:
Este mensaje es de nuestro centro de mensajería Web Admin a todos nuestros
propietarios de cuentas de correo electrónico. Estamos eliminando el acceso a
todos nuestros clientes de correo web. Su cuenta de correo electrónico se
actualizará a una nueva y mejorada interfaz de
Aviso de seguridad:
Este mensaje es de nuestro centro de mensajería Web Admin a todos nuestros
propietarios de cuentas de correo electrónico. Estamos eliminando el acceso a
todos nuestros clientes de correo web. Su cuenta de correo electrónico se
actualizará a una nueva y mejorada interfaz de
On 04/29, Linus Torvalds wrote:
>
> Linux vfork() is very much a real vfork(). What do you mean?
Yes, but I am wondering if man vfork should clarify what "child terminates"
actually means. I mean, the child can do clone(CLONE_THREAD) + sys_exit(),
this will wake the parent thread up before the
Hi Chanwoo,
On 4/30/19 6:47 AM, Chanwoo Choi wrote:
> Hi,
>
> On 19. 4. 19. 오후 11:19, Lukasz Luba wrote:
>> Define new IDs for clocks used by Dynamic Memory Controller in
>> Exynos5422 SoC.
>>
>> Acked-by: Rob Herring
>> Signed-off-by: Lukasz Luba
>> ---
>>
On Tue, Apr 30, 2019 at 11:10:49AM +0200, Petr Mladek wrote:
> klp_try_switch_task() is called under klp_mutex. The buffer for
> debugging messages might be static.
>
> Signed-off-by: Petr Mladek
Reviewed-by: Kamalesh Babulal
26.04.2019 18:11, Thierry Reding пишет:
> On Fri, Apr 26, 2019 at 04:03:08PM +0300, Dmitry Osipenko wrote:
>> 26.04.2019 15:42, Dmitry Osipenko пишет:
>>> 26.04.2019 15:18, Dmitry Osipenko пишет:
26.04.2019 14:13, Jon Hunter пишет:
>
> On 26/04/2019 11:45, Dmitry Osipenko wrote:
Hi Alexandre,
On Tue, Apr 30 2019, Alexandre Belloni wrote:
> Use SPDX-License-Identifier instead of a verbose license text.
>
> Signed-off-by: Alexandre Belloni
Acked-by: Baruch Siach
baruch
> ---
> drivers/rtc/rtc-digicolor.c | 6 +-
> 1 file changed, 1 insertion(+), 5 deletions(-)
>
Hi Alexandre,
On Tue, Apr 30 2019, Alexandre Belloni wrote:
> Use .set_time instead of the deprecated .set_mmss.
>
> Signed-off-by: Alexandre Belloni
Acked-by: Baruch Siach
baruch
> ---
> drivers/rtc/rtc-digicolor.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff
Hi Josh,
On 4/25/19 5:25 PM, Josh Poimboeuf wrote:
> On Thu, Apr 25, 2019 at 08:12:24AM +, Raphael Gault wrote:
>> Hi Josh,
>>
>> On 4/24/19 5:56 PM, Josh Poimboeuf wrote:
>>> On Wed, Apr 24, 2019 at 04:32:44PM +, Raphael Gault wrote:
>> diff --git a/tools/objtool/arch/arm64/decode.c
Hi Alexandre,
On Tue, Apr 30 2019, Alexandre Belloni wrote:
> On 30/04/2019 14:36:24+0300, Baruch Siach wrote:
>> Hi Alexandre,
>>
>> On Tue, Apr 30 2019, Alexandre Belloni wrote:
>>
>> > While the range of REFERENCE + TIME is actually 33 bits, the counter
>> > itself (TIME) is a 32-bits seconds
+++ Prarit Bhargava [29/04/19 11:17 -0400]:
Heiko, do you want a Signed-off-by or a Reported-by? Either one works
for me.
P.
8<
On a s390 z14 LAR with 2 cpus about stalls about 3% of the time while
loading the s390_trng.ko module.
Add a reschedule point to the loop that waits for
On Fri, Apr 26, 2019 at 02:57:37PM +0800, Yuyang Du wrote:
> Thanks for review.
>
> On Fri, 26 Apr 2019 at 03:32, Peter Zijlstra wrote:
> >
> > On Wed, Apr 24, 2019 at 06:19:25PM +0800, Yuyang Du wrote:
> >
> > After only a quick read of these next patches; this is the one that
> > worries me
From: NeilBrown
commit d58431eacb226222430940134d97bfd72f292fcd upstream.
A recent commit added a call to cache_fresh_locked()
when an expired item was found.
The call sets the CACHE_VALID flag, so it is important
that the item actually is valid.
There are two ways it could be valid:
1/ If
From: Maarten Lankhorst
commit 462ce5d963f18b71c63f6b7730a35a2ee5273540 upstream.
A pointer to crtc was missing, resulting in the following build error:
drivers/gpu/drm/vc4/vc4_crtc.c:1045:44: sparse: sparse: incorrect type in
argument 1 (different base types)
From: Frank Sorenson
commit 652727bbe1b17993636346716ae5867627793647 upstream.
A path-based rename returning EBUSY will incorrectly try opening
the file with a cifs (NT Create AndX) operation on an smb2+ mount,
which causes the server to force a session close.
If the mount is smb2+, skip the
From: Xin Long
commit 2ac695d1d602ce00b12170242f58c3d3a8e36d04 upstream.
Syzbot found a crash:
BUG: KMSAN: uninit-value in tipc_nl_compat_name_table_dump+0x54f/0xcd0
net/tipc/netlink_compat.c:872
Call Trace:
tipc_nl_compat_name_table_dump+0x54f/0xcd0 net/tipc/netlink_compat.c:872
From: Kai-Heng Feng
commit 7529b2574a7aaf902f1f8159fbc2a7caa74be559 upstream.
Use new helpers to make LPM enabling/disabling more clear.
This is a preparation to subsequent patch.
Signed-off-by: Kai-Heng Feng
Cc: stable # after much soaking
Signed-off-by: Greg Kroah-Hartman
---
From: Lucas Stach
commit 3a349763cf11e63534b8f2d302f2d0c790566497 upstream.
Currently any changed config register values don't take effect, as the
function to write them back is called with the wrong register offset.
Fixes: ff8f83708b3e (Input: synaptics-rmi4 - add support for 2D
On 04/30, Oleg Nesterov wrote:
>
> > > pidfd_poll() can race with the exiting task, miss exit_code != 0, and
> > > return
> > > zero. However, do_poll() won't block after that and pidfd_poll() will be
> > > called
> > > again.
> >
> > Here also I didn't follow what you mean. If exit_code is read
From: Xie XiuQi
commit a860fa7b96e1a1c974556327aa1aee852d434c21 upstream.
sched_clock_cpu() may not be consistent between CPUs. If a task
migrates to another CPU, then se.exec_start is set to that CPU's
rq_clock_task() by update_stats_curr_start(). Specifically, the new
value might be before
From: Wenwen Wang
commit 91862cc7867bba4ee5c8fcf0ca2f1d30427b6129 upstream.
In trace_pid_write(), the buffer for trace parser is allocated through
kmalloc() in trace_parser_get_init(). Later on, after the buffer is used,
it is then freed through kfree() in trace_parser_put(). However, it is
From: Josh Collier
commit 7c39f7f671d2acc0a1f39ebbbee4303ad499bbfa upstream.
Current implementation was not properly handling frwr memory
registrations. This was uncovered by commit 27f26cec761das ("xprtrdma:
Plant XID in on-the-wire RDMA offset (FRWR)") in which xprtrdma, which is
used for NFS
From: Eric Dumazet
[ Upstream commit 415787d7799f4fccbe8d49cb0b8e5811be6b0389 ]
lockdep does not know that the locks used by IPv4 defrag
and IPv6 reassembly units are of different classes.
It complains because of following chains :
1) sch_direct_xmit()(lock txq->_xmit_lock)
From: Peter Oskolkov
[ Upstream commit d4289fcc9b16b89619ee1c54f829e05e56de8b9a ]
Currently, IPv6 defragmentation code drops non-last fragments that
are smaller than 1280 bytes: see
commit 0ed4229b08c1 ("ipv6: defrag: drop non-last frags smaller than min mtu")
This behavior is not specified in
From: Hangbin Liu
[ Upstream commit 925b0c841e066b488cc3a60272472b2c56300704 ]
If we add a bond device which is already the master of the team interface,
we will hold the team->lock in team_add_slave() first and then request the
lock in team_set_mac_address() again. The functions are called
This is the start of the stable review cycle for the 4.9.172 release.
There are 41 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu 02 May 2019 11:34:41 AM UTC.
Anything
From: Tetsuo Handa
commit 7c2bd9a39845bfb6d72ddb55ce737650271f6f96 upstream.
syzbot is reporting uninitialized value at rpc_sockaddr2uaddr() [1]. This
is because syzbot is setting AF_INET6 to "struct sockaddr_in"->sin_family
(which is embedded into user-visible "struct nfs_mount_data"
On 4/30/19 1:13 PM, Ulf Hansson wrote:
On Fri, 26 Apr 2019 at 09:46, Ludovic Barre wrote:
From: Ludovic Barre
This patch series adds busy detect for stm32 sdmmc variant.
Some adaptations are required:
-Avoid to check and poll busy status when is not expected.
-Clear busy status bit if
From: Amit Cohen
[ Upstream commit 151f0dddbbfe4c35c9c5b64873115aafd436af9d ]
If link is down and autoneg is set to on/off, the status in ethtool does
not change.
The reason is when the link is down the function returns with zero
before changing autoneg value.
Move the checking of link state
From: Xin Long
commit 8c63bf9ab4be8b83bd8c34aacfd2f1d2c8901c8a upstream.
A similar issue as fixed by Patch "tipc: check bearer name with right
length in tipc_nl_compat_bearer_enable" was also found by syzbot in
tipc_nl_compat_link_set().
The length to check with should be
From: Yue Haibing
commit 01ca667133d019edc9f0a1f70a272447c84ec41f upstream.
Syzkaller report this:
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: [#1] SMP KASAN PTI
CPU: 0 PID: 4378 Comm: syz-executor.0 Tainted: G C5.0.0+ #5
From: Xin Long
commit 6f07e5f06c8712acc423485f657799fc8e11e56c upstream.
Syzbot reported the following crash:
BUG: KMSAN: uninit-value in memchr+0xce/0x110 lib/string.c:961
memchr+0xce/0x110 lib/string.c:961
string_is_valid net/tipc/netlink_compat.c:176 [inline]
From: Jeff Layton
commit 76a495d666e5043ffc315695f8241f5e94a98849 upstream.
Take the d_lock here to ensure that d_name doesn't change.
Cc: sta...@vger.kernel.org
Signed-off-by: Jeff Layton
Reviewed-by: "Yan, Zheng"
Signed-off-by: Ilya Dryomov
Signed-off-by: Greg Kroah-Hartman
---
From: Xie XiuQi
commit a860fa7b96e1a1c974556327aa1aee852d434c21 upstream.
sched_clock_cpu() may not be consistent between CPUs. If a task
migrates to another CPU, then se.exec_start is set to that CPU's
rq_clock_task() by update_stats_curr_start(). Specifically, the new
value might be before
From: Ard Biesheuvel
commit e17b1af96b2afc38e684aa2f1033387e2ed10029 upstream.
The EFI stub is entered with the caches and MMU enabled by the
firmware, and once the stub is ready to hand over to the decompressor,
we clean and disable the caches.
The cache clean routines use CP15 barrier
From: Dave Airlie
commit 9fa246256e09dc30820524401cdbeeaadee94025 upstream.
This reverts commit d179b88deb3bf6fed4991a31fd6f0f2cad21fab5.
This commit is documented to break userspace X.org modesetting driver in
certain configurations.
The X.org modesetting userspace driver is broken. No
From: Trond Myklebust
commit e6abc8caa6deb14be2a206253f7e1c5e37e9515b upstream.
If there are multiple callbacks queued, waiting for the callback
slot when the callback gets shut down, then they all currently
end up acting as if they hold the slot, and call
nfsd4_cb_sequence_done() resulting in
From: Maarten Lankhorst
commit 462ce5d963f18b71c63f6b7730a35a2ee5273540 upstream.
A pointer to crtc was missing, resulting in the following build error:
drivers/gpu/drm/vc4/vc4_crtc.c:1045:44: sparse: sparse: incorrect type in
argument 1 (different base types)
On 30/04/2019 12:32, Christoph Hellwig wrote:
On Tue, Apr 30, 2019 at 12:27:02PM +0100, Robin Murphy wrote:
Hmm, I don't think we need the DMA mask for the MSI mapping, this
should probably always use a 64-bit mask.
If that were true then we wouldn't need DMA masks for regular mappings
From: YueHaibing
commit 89189557b47b35683a27c80ee78aef18248eefb4 upstream.
Syzkaller report this:
sysctl could not get directory: /net//bridge -12
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: [#1]
From: Jann Horn
commit b987222654f84f7b4ca95b3a55eca784cb30235b upstream.
This fixes multiple issues in buffer_pipe_buf_ops:
- The ->steal() handler must not return zero unless the pipe buffer has
the only reference to the page. But generic_pipe_buf_steal() assumes
that every reference
From: Xin Long
commit 2ac695d1d602ce00b12170242f58c3d3a8e36d04 upstream.
Syzbot found a crash:
BUG: KMSAN: uninit-value in tipc_nl_compat_name_table_dump+0x54f/0xcd0
net/tipc/netlink_compat.c:872
Call Trace:
tipc_nl_compat_name_table_dump+0x54f/0xcd0 net/tipc/netlink_compat.c:872
From: YueHaibing
commit ae3d6a323347940f0548bbb4b17f0bb2e9164169 upstream.
If CONFIG_TEST_KMOD is set to M, while CONFIG_BLOCK is not set, XFS and
BTRFS can not be compiled successly.
Link: http://lkml.kernel.org/r/20190410075434.35220-1-yuehaib...@huawei.com
Fixes: d9c6a72d6fa2 ("kmod: add
From: Aurelien Jarno
commit 79b4a9cf0e2ea8203ce777c8d5cfa86c71eae86e upstream.
Commit 4c21b8fd8f14 (MIPS: seccomp: Handle indirect system calls (o32))
added indirect syscall detection for O32 processes running on MIPS64,
but it did not work correctly for big endian kernel/processes. The
reason
From: Linus Torvalds
commit baf76f0c58aec435a3a864075b8f6d8ee5d1f17e upstream.
This way, slhc_free() accepts what slhc_init() returns, whether that is
an error or not.
In particular, the pattern in sl_alloc_bufs() is
slcomp = slhc_init(16, 16);
...
slhc_free(slcomp);
From: Greg Kroah-Hartman
This reverts commit 57da9a9742200f391d1cf93fea389f7ddc25ec9a which is
commit 310ca162d779efee8a2dc3731439680f3e9c1e86 upstream.
Jan Kara has reported seeing problems with this patch applied, as has
Salvatore Bonaccorso, so let's drop it for now.
Reported-by: Salvatore
From: Todd Kjos
commit 26528be6720bb40bc8844e97ee73a37e530e9c5e upstream.
Fixes crash found by syzbot:
kernel BUG at drivers/android/binder_alloc.c:LINE! (2)
Reported-and-tested-by: syzbot+55de1eb4975dec156...@syzkaller.appspotmail.com
Signed-off-by: Todd Kjos
Reviewed-by: Joel Fernandes
From: Su Bao Cheng
[ Upstream commit e0c1d14a1a3211dccf0540a6703ffbd5d2a75bdb ]
Since there are more IOT2040 variants with identical hardware but
different asset tags, the asset tag matching should be adjusted to
support them.
For the board name "SIMATIC IOT2000", currently there are 2 types
From: Vinod Koul
[ Upstream commit b561af36b1841088552464cdc3f6371d92f17710 ]
stmmac_check_ether_addr() checks the MAC address and assigns one in
driver open(). In many cases when we create slave netdevice, the dev
addr is inherited from master but the master dev addr maybe NULL at
that time,
From: luca abeni
commit 1b02cd6a2d7f3e2a6a5262887d2cb2912083e42f upstream.
syzbot reported the following warning:
[ ] WARNING: CPU: 4 PID: 17089 at kernel/sched/deadline.c:255
task_non_contending+0xae0/0x1950
line 255 of deadline.c is:
From: Eric Dumazet
[ Upstream commit 20ff83f10f113c88d0bb74589389b05250994c16 ]
Before calling __ip_options_compile(), we need to ensure the network
header is a an IPv4 one, and that it is already pulled in skb->head.
RAW sockets going through a tunnel can end up calling ipv4_link_failure()
From: Zhu Yanjun
[ Upstream commit 4b9fc7146249a6e0e3175d0acc033fdcd2bfcb17 ]
Before the commit 490ea5967b0d ("RDS: IB: move FMR code to its own file"),
when the dirty_count is greater than 9/10 of max_items of 8K pool,
1M pool is used, Vice versa. After the commit 490ea5967b0d ("RDS: IB: move
From: Florian Westphal
commit 7caa56f006e9d712b44f27b32520c66420d5cbc6 upstream.
It means userspace gave us a ruleset where there is some other
data after the ebtables target but before the beginning of the next rule.
Fixes: 81e675c227ec ("netfilter: ebtables: add CONFIG_COMPAT support")
[ Upstream commit e4056bbb6719fe713bfc4030ac78e8e97ddf7574 ]
This is basically the same fix as in
commit fa68d4f8476b ("drm/rockchip: fix for mailbox read size")
but for cdn_dp_mailbox_validate_receive function.
See patchwork.kernel.org/patch/10671981/ for details.
Signed-off-by: Damian Kos
The nft_compat destroy function deletes the nft_xt object from a list.
This isn't allowed anymore. Destroy functions are called asynchronously,
i.e. next batch can find the object that has a pending ->destroy()
invocation:
cpu0 cpu1
worker
->destroy
->destroy is only allowed to free data, or do other cleanups that do not
have side effects on other state, such as visibility to other netlink
requests.
Such things need to be done in ->deactivate.
As a transaction can fail, we need to make sure we can undo such
operations, therefore ->activate()
This is the start of the stable review cycle for the 4.19.38 release.
There are 100 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu 02 May 2019 11:34:55 AM UTC.
Anything
[ Upstream commit cd5125d8f51882279f50506bb9c7e5e89dc9bef3 ]
Splits unbind_set into destroy_set and unbinding operation.
Unbinding removes set from lists (so new transaction would not
find it anymore) but keeps memory allocated (so packet path continues
to work).
Rebind function is added to
From: Yue Haibing
commit 01ca667133d019edc9f0a1f70a272447c84ec41f upstream.
Syzkaller report this:
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: [#1] SMP KASAN PTI
CPU: 0 PID: 4378 Comm: syz-executor.0 Tainted: G C5.0.0+ #5
The patch looks good, but the force in the subject sounds weird now.
From: Xin Long
commit 6f07e5f06c8712acc423485f657799fc8e11e56c upstream.
Syzbot reported the following crash:
BUG: KMSAN: uninit-value in memchr+0xce/0x110 lib/string.c:961
memchr+0xce/0x110 lib/string.c:961
string_is_valid net/tipc/netlink_compat.c:176 [inline]
[ Upstream commit cf52572ebbd7189a1966c2b5fc34b97078cd1dce ]
There are two problems with nft_compat since the netlink config
plane uses a per-netns mutex:
1. Concurrent add/del accesses to the same list
2. accesses to a list element after it has been free'd already.
This patch fixes the first
From: Daniel Borkmann
commit ce02ef06fcf7a399a6276adb83f37373d10cbbe1 upstream.
>From networking side, there are numerous attempts to get rid of indirect
calls in fast-path wherever feasible in order to avoid the cost of
retpolines, for example, just to name a few:
* 283c16a2dfd3 ("indirect
[ Upstream commit 12c44aba6618b7f6c437076e5722237190f6cd5f ]
Using standard integer type was fine while all operations on it were
guarded by the nftnl subsys mutex.
This isn't true anymore:
1. transactions are guarded only by a pernet mutex, so concurrent
rule manipulation in different netns
[ Upstream commit 3acca1dd17060332cfab15693733cdaf9fba1c90 ]
In the original patch I missed to add mv88e6xxx_ports_cmode_init()
to the second probe function, the one for the new DSA framework.
Fixes: ed8fe20205ac ("net: dsa: mv88e6xxx: prevent interrupt storm caused by
[ Upstream commit c97617a81a7616d49bc3700959e08c6c6f447093 ]
A call of pci_iounmap() call without CONFIG_PCI leads to a build error
on some architectures. We tried to address this and add a check of
IS_ENABLED(CONFIG_PCI), but this still doesn't seem enough for sh.
Ideally we should fix it
[ Upstream commit dd9a994fc68d196a052b73747e3366c57d14a09e ]
Commit b5b4453e7912 ("powerpc/vdso64: Fix CLOCK_MONOTONIC
inconsistencies across Y2038") changed the type of wtom_clock_sec
to s64 on PPC64. Therefore, VDSO32 needs to read it with a 4 bytes
shift in order to retrieve the lower part of
From: Frank Sorenson
commit 652727bbe1b17993636346716ae5867627793647 upstream.
A path-based rename returning EBUSY will incorrectly try opening
the file with a cifs (NT Create AndX) operation on an smb2+ mount,
which causes the server to force a session close.
If the mount is smb2+, skip the
From: Jason Gunthorpe
commit c660133c339f9ab684fdf568c0d51b9ae5e86002 upstream.
The intent of this VMA was to be read-only from user space, but the
VM_MAYWRITE masking was missed, so mprotect could make it writable.
Cc: sta...@vger.kernel.org
Fixes: 5c99eaecb1fc ("IB/mlx5: Mmap the HCA's clock
From: Yan, Zheng
commit 37659182bff1eeaaeadcfc8f853c6d2b6dbc3f47 upstream.
We missed two places that i_wrbuffer_ref_head, i_wr_ref, i_dirty_caps
and i_flushing_caps may change. When they are all zeros, we should free
i_head_snapc.
Cc: sta...@vger.kernel.org
Link:
From: Baolin Wang
commit 102bbe34b31c9159e714432afd64458f6f3876d7 upstream.
When setting sync EIC as IRQ_TYPE_EDGE_BOTH type, we missed to set the
SPRD_EIC_SYNC_INTMODE register to 0, which means detecting edge signals.
Thus this patch fixes the issue.
Fixes: 25518e024e3a ("gpio: Add
From: Ronnie Sahlberg
commit 05fd5c2c61732152a6bddc318aae62d7e436629b upstream.
Commit 088aaf17aa79300cab14dbee2569c58cfafd7d6e introduced a leak where
if SMB2_read() returned an error we would return without freeing the
request buffer.
Cc: Stable
Signed-off-by: Ronnie Sahlberg
Reviewed-by:
From: Josh Collier
commit 7c39f7f671d2acc0a1f39ebbbee4303ad499bbfa upstream.
Current implementation was not properly handling frwr memory
registrations. This was uncovered by commit 27f26cec761das ("xprtrdma:
Plant XID in on-the-wire RDMA offset (FRWR)") in which xprtrdma, which is
used for NFS
[ Upstream commit 273fe3f1006ea5ebc63d6729e43e8e45e32b256a ]
Set deletion after flush coming in the same batch results in EBUSY. Add
set use counter to track the number of references to this set from
rules. We cannot rely on the list of bindings for this since such list
is still populated from
From: NeilBrown
commit d58431eacb226222430940134d97bfd72f292fcd upstream.
A recent commit added a call to cache_fresh_locked()
when an expired item was found.
The call sets the CACHE_VALID flag, so it is important
that the item actually is valid.
There are two ways it could be valid:
1/ If
401 - 500 of 972 matches
Mail list logo