On 02/10/2018 12:36 PM, Marcus Folkesson wrote:
watchdog_init_timeout() will preserve wdd->timeout value if
no parameter nor timeout-secs dt property is set.
Signed-off-by: Marcus Folkesson
Reviewed-by: Guenter Roeck
---
drivers/watchdog/omap_wdt.c | 4 ++--
1 file changed, 2 insertions
On 02/10/2018 12:36 PM, Marcus Folkesson wrote:
watchdog_init_timeout() will preserve wdd->timeout value if
no parameter nor timeout-secs dt property is set.
Signed-off-by: Marcus Folkesson
Reviewed-by: Guenter Roeck
---
drivers/watchdog/gpio_wdt.c | 4 ++--
1 file changed, 2 insertions
On 02/10/2018 12:36 PM, Marcus Folkesson wrote:
Signed-off-by: Marcus Folkesson
Reviewed-by: Guenter Roeck
---
drivers/watchdog/lpc18xx_wdt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/watchdog/lpc18xx_wdt.c b/drivers/watchdog/lpc18xx_wdt.c
index b4221f43
Hi test robot,
2018-02-11 12:41 GMT+09:00 kbuild test robot :
> tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> master
> head: d48fcbd864a008802a90c58a9ceddd9436d11a49
> commit: 9e3e10c725360b9d07018cfcd5b7b6b7d325fae5 kconfig: send error messages
> to stderr
> da
On Sat, Feb 10, 2018 at 12:08 PM, Linus Torvalds
wrote:
> On Sat, Feb 10, 2018 at 11:23 AM, Kees Cook wrote:
>>
>> So, if this could do something like this:
>>
>> config CC_HAS_STACKPROTECTOR_STRONG
>> bool
>> option
>> shell="scripts/gcc-${ARCH}_${BITS}-ha
Hi Arnd,
FYI, the error/warning still remains.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
master
head: d48fcbd864a008802a90c58a9ceddd9436d11a49
commit: 71e7673dadfdae0605d4c1f66ecb4b045c79fe0f microblaze: fix endian handling
date: 4 weeks ago
config: microblaz
3.2.99-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dan Carpenter
commit 3e351275655d3c84dc28abf170def9786db5176d upstream.
We could allocate less memory than intended because we do:
bfad->regdata = kzalloc(len << 2, GFP_KERNEL);
The s
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Guillaume Nault
commit cdd10c9627496ad25c87ce6394e29752253c69d3 upstream.
If l2tp_tunnel_delete() or l2tp_tunnel_closeall() deletes a session
right after pppol2tp_release() orphaned its socket
3.2.99-rc1 review patch. If anyone has any objections, please let me know.
--
From: Younger Liu
commit d62e74be1270c89fbaf7aada8218bfdf62d00a58 upstream.
The issue scenario is as following:
- Create a small file and fallocate a large disk space for a file with
FALLOC_FL_KEE
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Ladi Prosek
commit 21f2d551183847bc7fbe8d866151d00cdad18752 upstream.
Intel SDM 27.5.2 Loading Host Segment and Descriptor-Table Registers:
"The GDTR and IDTR limits are each set to H."
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dongho Sim
commit 33be828ada7274ebcade2001f16e5b4e33a4636e upstream.
There are redundant lines in allocate_data_block.
In this function, we call refresh_sit_entry with old seg and old curseg.
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bernhard Rosenkraenzer
commit a0fea6027f19c62727315aba1a7fae75a9caa842 upstream.
Without this patch, K70 LUX keyboards don't work, saying
usb 3-3: unable to read config index 0 descriptor/all
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Alexander Potapenko
commit 15339e441ec46fbc3bf3486bb1ae4845b0f1bb8d upstream.
KMSAN reported use of uninitialized sctp_addr->v4.sin_addr.s_addr and
sctp_addr->v6.sin6_scope_id in sctp_v6_cmp_a
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dan Carpenter
commit 3e351275655d3c84dc28abf170def9786db5176d upstream.
We could allocate less memory than intended because we do:
bfad->regdata = kzalloc(len << 2, GFP_KERNEL);
The
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Johan Hovold
commit 33ec6dbc5a02677509d97fe36cd2105753f0f0ea upstream.
Fix child node-lookup during probe, which ended up searching the whole
device tree depth-first starting at parent rather
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Colin Ian King
commit 123c0aab0050cd0e07ce18e453389fbbb0a5a425 upstream.
There is a check on pmlmepriv before dereferencing it when
vfree'ing pmlmepriv->free_bss_buf however the previous call
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dan Carpenter
commit db86be3a12d0b6e5c5b51c2ab2a48f06329cb590 upstream.
We're freeing the list iterator so we should be using the _safe()
version of hlist_for_each_entry().
Fixes: 88b4a07e661
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Peter Ujfalusi
commit 660e1551939931657808d47838a3f443c0e83fd0 upstream.
of_find_node_by_name() will call of_node_put() on the node so we need to
get it first to avoid warnings.
The cfg_node n
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Andrew F. Davis"
commit 8adc430603d67e76a0f8491df21654f691acda62 upstream.
The binding states the reset GPIO property shall be named
"cirrus,gpio-nreset" and this is what the driver looks for
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: James Morse
commit 520e18a5080d2c444a03280d99c8a35cb667d321 upstream.
Now that nothing is using the ghes_ioremap_area pages, rip them out.
Signed-off-by: James Morse
Reviewed-by: Borislav Pe
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Vasily Gorbik
commit b192571d1ae375e0bbe0aa3ccfa1a3c3704454b9 upstream.
Current buffer size of 64 is too small. objdump shows that there are
instructions which would require up to 75 bytes buf
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nicholas Bellinger
commit 3fc9fb13a4b2576aeab86c62fd64eb29ab68659c upstream.
This patch fixes a se_cmd->cmd_kref reference leak that can
occur when a non immediate TMR is proceeded our of comm
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Waiman Long
commit 5acb3cc2c2e9d3020a4fee43763c6463767f1572 upstream.
The lockdep code had reported the following unsafe locking scenario:
CPU0CPU1
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Markus Elfring
commit f6c8a317ab208aee223776327c06f23342492d54 upstream.
Source code review for a specific software refactoring showed the need
for another correction because the error code "-
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: "William A. Kennington III"
commit 71e24d7731a2903b1ae2bba2b2971c654d9c2aa6 upstream.
The current code checks the completion map to look for the first token
that is complete. In some cases, a
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bart Van Assche
commit 59b6986dbfcdab96a971f9663221849de79a7556 upstream.
Allocate a task management request structure for all task management
requests, including task reassignment. This chang
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Markus Elfring
commit bfba2b3e21b9426c0f9aca00f3cad8631b2da170 upstream.
Move a debug message so that a null pointer access can not happen
for the variable "vout" in this function.
Fixes: 5c7
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brent Taylor
commit 30863e38ebeb500a31cecee8096fb5002677dd9b upstream.
When mtdoops calls mtd_panic_write(), it eventually calls
panic_nand_write() in nand_base.c. In order to properly wait fo
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Douglas Fischer
commit 771394a54148f18926ca86414e51c69eda27d0cd upstream.
Add USB PID/VID for Sierra Wireless EM7355 LTE modem QDL firmware update
mode.
Signed-off-by: Douglas Fischer
Signed
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Arnd Bergmann
commit 34be4dbf87fc3e474a842305394534216d428f5d upstream.
isofs uses a 'char' variable to load the number of years since
1900 for an inode timestamp. On architectures that use a
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nicholas Bellinger
commit 1c21a48055a67ceb693e9c2587824a8de60a217c upstream.
This patch fixes bug where early se_cmd exceptions that occur
before backend execution can result in use-after-free
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mark Rutland
commit c80ed088a519da53f27b798a69748eaabc66aadf upstream.
The vdso tries to check for a NULL res pointer in __kernel_clock_getres,
but only checks the lower 32 bits as is uses CBZ
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Michał Mirosław
commit 54eff2264d3e9fd7e3987de1d7eba1d3581c631e upstream.
According to comments in code and common sense, cclk_lp uses its
own divisor, not cclk_g's.
Fixes: b08e8c0ecc42 ("clk
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nicholas Bellinger
commit ae072726f6109bb1c94841d6fb3a82dde298ea85 upstream.
Since commit 59b6986dbf fixed a potential NULL pointer dereference
by allocating a se_tmr_req for ISCSI_TM_FUNC_TAS
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yunlong Song
commit 65f1b80b33378501ea552ef085e9c31739af356c upstream.
This reverts commit 5e443818fa0b2a2845561ee25bec181424fb2889
The commit should be reverted because call sequence of belo
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Johan Hovold
commit c45e3e4c5b134b081e8af362109905427967eb19 upstream.
A recent change fixing NFC device allocation itself introduced an
error-handling bug by returning an error pointer in cas
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Doug Berger
commit 28c2d1a7a0bfdf3617800d2beae1c67983c03d15 upstream.
It is necessary for the UniMAC to be clocked at least 5 cycles
while the sw_reset is asserted to ensure a clean reset.
It
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Guillaume Nault
commit 3953ae7b218df4d1e544b98a393666f9ae58a78c upstream.
Sessions created by l2tp_session_create() aren't fully initialised:
some pseudo-wire specific operations need to be do
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Guillaume Nault
commit ee40fb2e1eb5bc0ddd3f2f83c6e39a454ef5a741 upstream.
pppol2tp_session_create() registers sessions that can't have their
corresponding socket initialised. This socket has t
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Roman Kapl
commit 4f626a4ac8f57ddabf06d03870adab91e463217f upstream.
The function for byteswapping the data send to/from atombios was buggy for
num_bytes not divisible by four. The function mu
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Roger Quadros
commit 739c64414f01748a36e7d82c8e0611dea94412bd upstream.
Since v4.12, NAND subpage writes were causing a NULL pointer
dereference on OMAP platforms (omap2-nand) using OMAP_ECC_B
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Colin Ian King
commit 3993b112dac968612b0b213ed59cb30f50b0015b upstream.
There are checks on fs_info in __btrfs_panic to avoid dereferencing a
null fs_info, however, there is a call to btrfs_c
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Christian König
commit 4d98e5ee6084f6d7bc578c5d5f86de7156aaa4cb upstream.
When the mutex is locked just in the moment we copy it we end up with a
warning that we release a locked mutex.
Fix t
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nathan Lynch
commit e1b6b6ce55a0a25c8aa8af019095253b2133a41a upstream.
The vdso implementation of clock_getres currently returns 0 (success)
whenever a null timespec is provided by the caller,
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Radu Alexe
commit cc2f8ab5334a736fa0e775cfccf06c1e268667f0 upstream.
Fixes: 3ebfa92f49a6 ("crypto: caam - Add new macros for building extended SEC
descriptors (> 64 words)")
Signed-off-by: Ra
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Stanislaw Gruszka
commit bfa62a52cad93686bb8d8171ea5288813248a7c6 upstream.
ENOENT usb error mean "specified interface or endpoint does not exist or
is not enabled". Mark device not present wh
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Jens Axboe
commit 1f2cac107c591c24b60b115d6050adc213d10fc0 upstream.
sg.c calls into the blktrace functions without holding the proper queue
mutex for doing setup, start/stop, or teardown.
Ad
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Alan Stern
commit 2ef47001b3ee3ded579b7532ebdcf8680e4d8c54 upstream.
The USB kerneldoc says that the actual_length field "is read in
non-iso completion functions", but the usbfs driver uses it
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Hou Tao
commit b9a41d21dceadf8104812626ef85dc56ee8a60ed upstream.
The following BUG_ON was hit when testing repeat creation and removal of
DM devices:
kernel BUG at drivers/md/dm.c:2919!
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mark Bloch
commit 5f22a1d87c5315a98981ecf93cd8de226cffe6ca upstream.
Maximal message should be used as a limit to the max message payload allowed,
without the headers. The ConnectX-3 check is
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Eric W. Biederman"
commit 7c8a61d9ee1df0fb4747879fa67a99614eb62fec upstream.
Alexandar Potapenko while testing the kernel with KMSAN and syzkaller
discovered that in some configurations sctp
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: alex chen
commit 28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 upstream.
we should wait dio requests to finish before inode lock in
ocfs2_setattr(), otherwise the following deadlock will happen:
p
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Heiko Carstens
commit a1c5befc1c24eb9c1ee83f711e0f21ee79cbb556 upstream.
Dan Horák reported the following crash related to transactional execution:
User process fault: interruption code 0013
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Jason Gunthorpe
commit 299ee123e19889d511092347f5fc14db0f10e3a6 upstream.
The SCTP socket extensions API document describes the v4mapping option as
follows:
8.1.15. Set/Clear IPv4 Mapped Add
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nadav Amit
commit 4566654bb9be9e8864df417bb72ceee5136b6a6a upstream.
Guest which sets the PAT CR to invalid value should get a #GP. Currently, if
vmx supports loading PAT CR during entry, the
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Philip Derrin
commit 3b0c0c922ff4be275a8beb87ce5657d16f355b54 upstream.
When CONFIG_ARM_LPAE is set, the PMD dump relies on the software
read-only bit to determine whether a page is writable.
On Sat, Feb 10, 2018 at 8:13 PM, Kees Cook wrote:
>
> It's been there since the very beginning when Arjan added it to
> validate that the compiler actually produces a stack protector when
> you give it -fstack-protector. Older gccs broke this entirely, more
> recent misconfigurations (as seen with
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mike Snitzer
commit 8a74d29d541cd86569139c6f3f44b2d210458071 upstream.
A DM device with a mix of discard capabilities (due to some underlying
devices not having discard support) _should_ just
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: John David Anglin
commit 05f016d2ca7a4fab99d5d5472168506ddf95e74f upstream.
As noted by Christoph Biedl, passing a pointer size of 4 in the new CAS
implementation causes a kernel crash. The a
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Chuck Lever
commit c05cefcc72416a37eba5a2b35f0704ed758a9145 upstream.
Before traversing a referral and performing a mount, the mounted-on
directory looks strange:
dr-xr-xr-x. 2 4294967294 429
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Ladislav Michl
commit c98769475575c8a585f5b3952f4b5f90266f699b upstream.
While usb_control_msg function expects timeout in miliseconds, a value
of HZ is used. Replace it with USB_CTRL_GET_TIME
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Peter Zijlstra
commit 3f3295709edea6268ff1609855f498035286af73 upstream.
The current int_sqrt() computation is sub-optimal for the case of small
@x. Which is the interesting case when we're g
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Majd Dibbiny
commit 31fde034a8bd964a5c7c1a5663fc87a913158db2 upstream.
The UMR's QP is created by calling mlx5_ib_create_qp directly, and
therefore the send CQ and the recv CQ on the ibqp were
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Anna Schumaker
commit 3944369db701f075092357b511fd9f5755771585 upstream.
There isn't an obvious way to acquire and release the RCU lock during a
tracepoint, so we can't use the rpc_peeraddr2st
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Eric Biggers
commit 74d4108d9e681dbbe4a2940ed8fdff1f6868184c upstream.
The default max_cache_size_bytes for dm-bufio is meant to be the lesser
of 25% of the size of the vmalloc area and 2% of
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Paolo Bonzini
commit 15038e14724799b8c205beb5f20f9e54896013c3 upstream.
For many years some users of assigned devices have reported worse
performance on AMD processors with NPT than on AMD wit
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Xin Long
commit e39d5246111399dbc6e11cd39fd8580191b86c47 upstream.
Now when creating fnhe for redirect, it sets fnhe_expires for this
new route cache. But when updating the exist one, it doesn
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Joshua Watt
commit f02fee227e5f21981152850744a6084ff3fa94ee upstream.
The option was incorrectly masking off all other options.
Signed-off-by: Joshua Watt
Signed-off-by: Anna Schumaker
Sign
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Andreas Rohner
commit 31ccb1f7ba3cfe29631587d451cf5bb8ab593550 upstream.
There is a race condition between nilfs_dirty_inode() and
nilfs_set_file_dirty().
When a file is opened, nilfs_dirty_i
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit 0a62d6c966956d77397c32836a5bbfe3af786fc1 upstream.
The helper functions to parse and look for the clock source, selector
and multiplier unit may return the descriptor with
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: John Johansen
commit 844b8292b6311ecd30ae63db1471edb26e01d895 upstream.
Profiles that have an undecidable overlap in their attachments are
being incorrectly handled. Instead of failing to atta
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Xin Long
commit cebe84c6190d741045a322f5343f717139993c08 upstream.
Now when ip route flush cache and it turn out all fnhe_genid != genid.
If a redirect/pmtu icmp packet comes and the old fnhe
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: NeilBrown
commit ecc0c469f27765ed1e2b967be0aa17cee1a60b76 upstream.
Currently if the autofs kernel module gets an error when writing to the
pipe which links to the daemon, then it marks the wh
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Johannes Berg
commit 44905265bc155e0237c76c25bf5ddf740d85a8f2 upstream.
For mesh, this is simply wrong - there's no SSID, only the
mesh ID, so don't expose it at all.
For (P2P) client, it's wr
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: NeilBrown
commit 302ec300ef8a545a7fc7f667e5fd743b091c2eeb upstream.
Commit ecc0c469f277 ("autofs: don't fail mount for transient error") was
meant to replace an 'if' with a 'switch', but inste
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit 3d4e8303f2c747c8540a0a0126d0151514f6468b upstream.
Some timer compat ioctls have NULL checks of timer instance with
snd_BUG_ON() that bring up WARN_ON() when the debug opti
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit 0a9a17e3bb4564caf4bfe2a6783ae1287667d188 upstream.
This patch fixes an issue seen on Power systems with ixgbe which results
in skb list corruption and an eventual kernel oops
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit d937cd6790a2bef2d07b500487646bd794c039bb upstream.
When the usb-audio descriptor contains the malformed feature unit
description with a too short length, the driver may acc
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit 52c6912fde0133981ee50ba08808f257829c4c93 upstream.
The original issue being fixed in this patch was seen with the ixgbe
driver, but the same issue exists with i40e as well, a
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit 8428a8ebde2db1e988e41a58497a28beb7ce1705 upstream.
parse_audio_feature_unit() contains a code dividing potentially with
zero when a malformed FU descriptor is passed. Alth
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Takashi Iwai
commit f658f17b5e0e339935dca23e77e0f3cad591926b upstream.
The usb-audio driver may trigger an out-of-bound access at parsing a
malformed selector unit, as it checks the header len
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Alexander Popov
commit 8c7003a3b4b4afd3734cdcc39217ef22d78a4a16 upstream.
Fix NULL pointer dereference and obsolete comments forgotten when
usbip server was converted from an interface driver
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit f72271e2a0ae4277d53c4053f5eed8bb346ba38a upstream.
The original issue being fixed in this patch was seen with the ixgbe
driver, but the same issue exists with i40evf as well,
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan
commit c6688ef9f29762e65bce325ef4acd6c675806366 upstream.
Harden CMD_SUBMIT path to handle malicious input that could trigger
large memory allocations. Add checks to validate transf
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit 1e1f9ca546556e508d021545861f6b5fc75a95fe upstream.
The original issue being fixed in this patch was seen with the ixgbe
driver, but the same issue exists with igbvf as well,
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan
commit 635f545a7e8be7596b9b2b6a43cab6bbd5a88e43 upstream.
get_pipe() routine doesn't validate the input endpoint number
and uses to reference ep_in and ep_out arrays. Invalid endpoi
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Viktor Slavkovic
commit 443064cb0b1fb4569fe0a71209da7625129fb760 upstream.
A lock-unlock is missing in ASHMEM_SET_SIZE ioctl which can result in a
race condition when mmap is called. After the
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mohamed Ghannam
commit c095508770aebf1b9218e77026e48345d719b17c upstream.
When args->nr_local is 0, nr_pages gets also 0 due some size
calculation via rds_rm_size(), which is later used to all
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit c4cb99185b4cc96c0a1c70104dc21ae14d7e7f28 upstream.
The original issue being fixed in this patch was seen with the ixgbe
driver, but the same issue exists with igb as well, as
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Brian King
commit ae0c585d93dfaf923d2c7eb44b2c3ab92854ea9b upstream.
The original issue being fixed in this patch was seen with the ixgbe
driver, but the same issue exists with ixgbevf as well
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Ben Seri
commit 06e7e776ca4d36547e503279aeff996cbb292c16 upstream.
In the function l2cap_parse_conf_rsp and in the function
l2cap_parse_conf_req the following variable is declared without
init
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mauro Carvalho Chehab
commit 139d28826b8e2bc7a9232fde0d2f14812914f501 upstream.
The max number of interfaces was read from the wrong descriptor.
Signed-off-by: Mauro Carvalho Chehab
Signed-o
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nadav Amit
commit c3eec59659cf25916647d2178c541302bb4822ad upstream.
rq_reqbuf is allocated using kvmalloc() but released in one occasion
using kfree() instead of kvfree().
The issue was foun
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Eric Dumazet
commit 2638fd0f92d4397884fd991d8f4925cb3f081901 upstream.
Denys provided an awesome KASAN report pointing to an use
after free in xt_TCPMSS
I have provided three patches to fix t
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Masami Hiramatsu
commit 12a78d43de767eaf8fb272facb7a7b6f2dc6a9df upstream.
The kbuild test robot reported this build warning:
Warning: arch/x86/tools/test_get_len found difference at
:
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Vijendar Mukunda
commit 9ceace3c9c18c67676e75141032a65a8e01f9a7a upstream.
This commit adds PCI ID for Raven platform
Signed-off-by: Vijendar Mukunda
Signed-off-by: Takashi Iwai
Signed-off-
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Theodore Ts'o
commit 51e3ae81ec58e95f10a98ef3dd6d7bce5d8e35a2 upstream.
If there are pending writes subject to delayed allocation, then i_size
will show size after the writes have completed, w
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan
commit be6123df1ea8f01ee2f896a16c2b7be3e4557a5a upstream.
stub_send_ret_submit() handles urb with a potential null transfer_buffer,
when it replays a packet with potential malicious
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Mohamed Ghannam
commit 7d11f77f84b27cef452cee332f4e469503084737 upstream.
set rm->atomic.op_active to 0 when rds_pin_pages() fails
or the user supplied address is invalid,
this prevents a NULL
3.16.54-rc1 review patch. If anyone has any objections, please let me know.
--
From: Gabriele Paoloni
commit 86acc790717fb60fb51ea3095084e331d8711c74 upstream.
Previously, if an non-fatal error was reported by an endpoint, we
called report_error_detected() for the endpoint, ev
201 - 300 of 441 matches
Mail list logo