[PATCH 4.4 51/80] KVM: arm/arm64: Skip updating PTE entry if no change

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Punit Agrawal commit 976d34e2dab10ece5ea8fe7090b7692913f89084 upstream. When there is contention on faulting in a particular page table entry at stage 2, the break-before-make requirement of th

[PATCH 4.4 52/80] KVM: arm/arm64: Skip updating PMD entry if no change

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Punit Agrawal commit 86658b819cd0a9aa584cd84453ed268a6f013770 upstream. Contention on updating a PMD entry by a large number of vcpus can lead to duplicate work when handling stage 2 page fault

[PATCH 4.4 48/80] ext4: sysfs: print ext4_super_block fields as little-endian

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann commit a4d2aadca184ece182418950d45ba4ffc7b652d2 upstream. While working on extended rand for last_error/first_error timestamps, I noticed that the endianess is wrong; we access th

[PATCH 4.4 55/80] x86/speculation/l1tf: Suggest what to do on systems with too much RAM

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Vlastimil Babka commit 6a012288d6906fee1dbc244050ade1dafe4a9c8d upstream. Two users have reported [1] that they have an "extremely unlikely" system with more than MAX_PA/2 memory and L1TF mitig

[PATCH 4.4 24/80] media: staging: omap4iss: Include asm/cacheflush.h after generic includes

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Guenter Roeck [ Upstream commit 0894da849f145af51bde88a6b84f95b9c9e0bc66 ] Including asm/cacheflush.h first results in the following build error when trying to build sparc32:allmodconfig, becau

[PATCH 4.4 54/80] x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Vlastimil Babka commit b0a182f875689647b014bc01d36b340217792852 upstream. Two users have reported [1] that they have an "extremely unlikely" system with more than MAX_PA/2 memory and L1TF mitig

[PATCH 4.4 27/80] fscache: Allow cancelled operations to be enqueued

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit d0eb06afe712b7b103b6361f40a9a0c638524669 ] Alter the state-check assertion in fscache_enqueue_operation() to allow cancelled operations to be given proces

[PATCH 4.4 56/80] x86/process: Re-export start_thread()

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Rian Hunter commit dc76803e57cc86589c4efcb5362918f9b0c0436f upstream. The consolidation of the start_thread() functions removed the export unintentionally. This breaks binfmt handlers built as

[PATCH 4.4 53/80] x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Vlastimil Babka commit 9df9516940a61d29aedf4d91b483ca6597e7d480 upstream. On 32bit PAE kernels on 64bit hardware with enough physical bits, l1tf_pfn_limit() will overflow unsigned long. This in

[PATCH 4.4 57/80] fuse: Dont access pipe->buffers without pipe_lock()

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Andrey Ryabinin commit a2477b0e67c52f4364a47c3ad70902bc2a61bd4c upstream. fuse_dev_splice_write() reads pipe->buffers to determine the size of 'bufs' array before taking the pipe_lock(). This i

[PATCH 4.4 25/80] bnx2x: Fix invalid memory access in rss hash config path.

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Sudarsana Reddy Kalluru [ Upstream commit ae2dcb28c24794a87e424a726a1cf1a61980f52d ] Rx hash/filter table configuration uses rss_conf_obj to configure filters in the hardware. This object is in

[PATCH 4.4 29/80] cachefiles: Wait rather than BUGing on "Unexpected object collision"

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit c2412ac45a8f8f1cd582723c1a139608694d410d ] If we meet a conflicting object that is marked FSCACHE_OBJECT_IS_LIVE in the active object tree, we have been e

[PATCH 4.4 26/80] net: axienet: Fix double deregister of mdio

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Shubhrajyoti Datta [ Upstream commit 03bc7cab7d7218088412a75e141696a89059ab00 ] If the registration fails then mdio_unregister is called. However at unbind the unregister ia attempted again res

[PATCH 4.4 28/80] cachefiles: Fix refcounting bug in backing-file read monitoring

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit 934140ab028713a61de8bca58c05332416d037d1 ] cachefiles_read_waiter() has the right to access a 'monitor' object by virtue of being called under the waitque

[PATCH 4.4 74/80] kprobes: Make list and blacklist root user read only

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsu commit f2a3ab36077222437b4826fc76111caa14562b7c upstream. Since the blacklist and list files on debugfs indicates a sensitive address information to reader, it should be restri

[PATCH 4.4 75/80] MIPS: Correct the 64-bit DSP accumulator register size

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Maciej W. Rozycki commit f5958b4cf4fc38ed4583ab83fb7c4cd1ab05f47b upstream. Use the `unsigned long' rather than `__u32' type for DSP accumulator registers, like with the regular MIPS multiply/d

[PATCH 4.4 73/80] s390/pci: fix out of bounds access during irq setup

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Sebastian Ott commit 866f3576a72b2233a76dffb80290f8086dc49e17 upstream. During interrupt setup we allocate interrupt vectors, walk the list of msi descriptors, and fill in the message data. Req

[PATCH 4.4 72/80] s390/qdio: reset old sbal_state flags

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Julian Wiedmann commit 64e03ff72623b8c2ea89ca3cb660094e019ed4ae upstream. When allocating a new AOB fails, handle_outbound() is still capable of transmitting the selected buffer (just without a

Re: [PATCH 3/5] drm: fix drm_mode_addfb() on big endian machines.

On 2018-09-03 6:45 p.m., Daniel Vetter wrote: > On Mon, Sep 03, 2018 at 12:57:54PM +0200, Gerd Hoffmann wrote: >> Userspace on big endian machhines typically expects the ADDFB ioctl >> returns a big endian framebuffer. drm_mode_addfb() will call >> drm_mode_addfb2() unconditionally with little end

[PATCH 4.4 71/80] s390: fix br_r1_trampoline for machines without exrl

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Martin Schwidefsky commit 26f843848bae973817b3587780ce6b7b0200d3e4 upstream. For machines without the exrl instruction the BFP jit generates code that uses an "br %r1" instruction located in th

[PATCH 4.4 59/80] fuse: fix unlocked access to processing queue

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit 45ff350bbd9d0f0977ff270a0d427c71520c0c37 upstream. fuse_dev_release() assumes that it's the only one referencing the fpq->processing list, but that's not true, since fuse_

[PATCH 4.4 70/80] x86/spectre: Add missing family 6 check to microcode check

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Andi Kleen commit 1ab534e85c93945f7862378d8c8adcf408205b19 upstream. The check for Spectre microcodes does not check for family 6, only the model numbers. Add a family 6 check to avoid ambigui

[PATCH 4.4 76/80] MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Paul Burton commit 690d9163bf4b8563a2682e619f938e6a0443947f upstream. Some versions of GCC suboptimally generate calls to the __multi3() intrinsic for MIPS64r6 builds, resulting in link failure

[PATCH 4.4 20/80] atl1c: reserve min skb headroom

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Florian Westphal [ Upstream commit 6e56830776828d8ca9897fc4429eeab47c3bb432 ] Got crash report with following backtrace: BUG: unable to handle kernel paging request at 8801869daffe RIP: 001

[PATCH 4.4 62/80] fuse: Add missed unlock_page() to fuse_readpages_fill()

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Kirill Tkhai commit 109728ccc5933151c68d1106e4065478a487a323 upstream. The above error path returns with page unlocked, so this place seems also to behave the same. Fixes: f8dbdf81821b ("fuse:

[PATCH 4.4 60/80] fuse: umount should wait for all requests

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit b8f95e5d13f5f0191dcb4b9113113d241636e7cb upstream. fuse_abort_conn() does not guarantee that all async requests have actually finished aborting (i.e. their ->end() functio

[PATCH 4.4 80/80] cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Scott Bauer commit 8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 upstream. Like d88b6d04: "cdrom: information leak in cdrom_ioctl_media_changed()" There is another cast from unsigned long to int wh

[PATCH 4.4 61/80] fuse: Fix oops at process_init_reply()

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit e8f3bd773d22f488724dffb886a1618da85c2966 upstream. syzbot is hitting NULL pointer dereference at process_init_reply(). This is because deactivate_locked_super() is called

[PATCH 4.4 79/80] iscsi target: fix session creation failure handling

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Mike Christie commit 26abc916a898d34c5ad159315a2f683def3c upstream. The problem is that iscsi_login_zero_tsih_s1 sets conn->sess early in iscsi_login_set_conn_values. If the function fails

[PATCH 4.4 63/80] udl-kms: change down_interruptible to down

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 8456b99c16d193c4c3b7df305cf431e027f0189c upstream. If we leave urbs around, it causes not only leak, but also memory corruption. This patch fixes the function udl_free_ur

[PATCH 4.4 64/80] udl-kms: handle allocation failure

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 542bb9788a1f485eb1a2229178f665d8ea166156 upstream. Allocations larger than PAGE_ALLOC_COSTLY_ORDER are unreliable and they may fail anytime. This patch fixes the udl kms

[PATCH 4.4 78/80] scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Bart Van Assche commit 0ee223b2e1f67cb2de9c0e3247c510d846e74d63 upstream. A long time ago the unfortunate decision was taken to add a self-deletion attribute to the sysfs SCSI device directory.

[PATCH 4.4 65/80] udl-kms: fix crash due to uninitialized memory

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 09a00abe3a9941c2715ca83eb88172cd2f54d8fd upstream. We must use kzalloc when allocating the fb_deferred_io structure. Otherwise, the field first_io is undefined and it cau

[PATCH 4.9 001/107] vti6: fix PMTU caching and reporting on xmit

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Eyal Birger [ Upstream commit d6990976af7c5d8f55903bfb4289b6fb030bf754 ] When setting the skb->dst before doing the MTU check, the route PMTU caching and reporting is done on the new dst which

[PATCH 4.4 67/80] ASoC: sirf: Fix potential NULL pointer dereference

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit ae1c696a480c67c45fb23b35162183f72c6be0e1 upstream. There is a potential execution path in which function platform_get_resource() returns NULL. If this happens, we wil

[PATCH 4.4 66/80] ASoC: dpcm: dont merge format from invalid codec dai

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Jerome Brunet commit 4febced15ac8ddb9cf3e603edb111842e4863d9a upstream. When merging codec formats, dpcm_runtime_base_format() should skip the codecs which are not supporting the current stream

[PATCH 4.4 58/80] fuse: fix double request_end()

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit 87114373ea507895a62afb10d2910bd9adac35a8 upstream. Refcounting of request is broken when fuse_abort_conn() is called and request is on the fpq->io list: - ref is taken t

[PATCH 4.9 014/107] usb: gadget: f_uac2: fix endianness of struct cntrl_*_lay3

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Eugeniu Rosca [ Upstream commit eec24f2a0d4dc3b1d95a3ccd2feb523ede3ba775 ] The list [1] of commits doing endianness fixes in USB subsystem is long due to below quote from USB spec Revision 2.0

[PATCH 4.9 015/107] bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit b9c1e60e7bf4e64ac1b4f4d6d593f0bb57886973 ] None of the JITs is allowed to implement exit paths from the BPF insn mappings other than BPF_JMP | BPF_EXIT. In the

[PATCH 4.9 011/107] usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jia-Ju Bai [ Upstream commit f36b507c14c4b6e634463a610294e9cb0065c8ea ] The driver may sleep in an interrupt handler. The function call path (from bottom to top) in Linux-4.16.7 is: [FUNC] r8a

[PATCH 4.9 010/107] usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jia-Ju Bai [ Upstream commit 0602088b10a7c0b4e044a810678ef93d7cc5bf48 ] The driver may sleep with holding a spinlock. The function call paths (from bottom to top) in Linux-4.16.7 are: [FUNC] m

[PATCH 4.9 012/107] usb/phy: fix PPC64 build errors in phy-fsl-usb.c

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Randy Dunlap [ Upstream commit a39ba90a1cc7010edb0a7132e1b67f3d80b994e9 ] Fix build errors when built for PPC64: These variables are only used on PPC32 so they don't need to be initialized for

[PATCH 4.9 018/107] qed: Fix possible race for the link state value.

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sudarsana Reddy Kalluru [ Upstream commit 58874c7b246109d8efb2b0099d1aa296d6bfc3fa ] There's a possible race where driver can read link status in mid-transition and see that virtual-link is up

[PATCH 4.9 019/107] qed: Correct Multicast API to reflect existence of 256 approximate buckets.

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sudarsana Reddy Kalluru [ Upstream commit 25c020a90919632b3425c19dc09188d56b9ed59a ] FW hsi contains 256 approximation buckets which are split in ramrod into eight u32 values, but driver is usi

[PATCH 4.9 026/107] bnx2x: Fix invalid memory access in rss hash config path.

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sudarsana Reddy Kalluru [ Upstream commit ae2dcb28c24794a87e424a726a1cf1a61980f52d ] Rx hash/filter table configuration uses rss_conf_obj to configure filters in the hardware. This object is in

[PATCH 4.9 016/107] tools/power turbostat: fix -S on UP systems

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Len Brown [ Upstream commit 9d83601a9cc1884d1b5706ee2acc661d558c6838 ] The -S (system summary) option failed to print any data on a 1-processor system. Reported-by: Artem Bityutskiy Signed-of

[PATCH 4.9 017/107] net: caif: Add a missing rcu_read_unlock() in caif_flow_cb

4.9-stable review patch. If anyone has any objections, please let me know. -- From: YueHaibing [ Upstream commit 64119e05f7b31e83e2555f6782e6cdc8f81c63f4 ] Add a missing rcu_read_unlock in the error path Fixes: c95567c80352 ("caif: added check for potential null return") Sign

[PATCH 4.9 020/107] atl1c: reserve min skb headroom

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Florian Westphal [ Upstream commit 6e56830776828d8ca9897fc4429eeab47c3bb432 ] Got crash report with following backtrace: BUG: unable to handle kernel paging request at 8801869daffe RIP: 001

[PATCH 4.9 025/107] media: staging: omap4iss: Include asm/cacheflush.h after generic includes

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Guenter Roeck [ Upstream commit 0894da849f145af51bde88a6b84f95b9c9e0bc66 ] Including asm/cacheflush.h first results in the following build error when trying to build sparc32:allmodconfig, becau

[PATCH 4.9 024/107] perf/x86/amd/ibs: Dont access non-started event

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner [ Upstream commit d2753e6b4882a637a0e8fb3b9c2e15f33265300e ] Paul Menzel reported the following bug: > Enabling the undefined behavior sanitizer and building GNU/Linux 4.18-rc5

[PATCH 4.9 005/107] nl80211: Add a missing break in parse_station_flags

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Bernd Edlinger [ Upstream commit 5cf3006cc81d9aa09a10aa781fc065546b12919d ] I was looking at usually suppressed gcc warnings, [-Wimplicit-fallthrough=] in this case: The code definitely looks

[PATCH 4.9 022/107] can: mpc5xxx_can: check of_iomap return before use

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nicholas Mc Guire [ Upstream commit b5c1a23b17e563b656cc9bb76ce5323b997d90e8 ] of_iomap() can return NULL so that return needs to be checked and NULL treated as failure. While at it also take c

[PATCH 4.9 004/107] mac80211: add stations tied to AP_VLANs during hw reconfig

4.9-stable review patch. If anyone has any objections, please let me know. -- From: "mpubb...@codeaurora.org" [ Upstream commit 19103a4bfb42f320395daa5616ece3e89e759d63 ] As part of hw reconfig, only stations linked to AP interfaces are added back to the driver ignoring those

[PATCH 4.9 003/107] xfrm: free skb if nlsk pointer is NULL

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Florian Westphal [ Upstream commit 86126b77dcd551ce223e7293bb55854e3df05646 ] nlmsg_multicast() always frees the skb, so in case we cannot call it we must do that ourselves. Fixes: 21ee543edc0

[PATCH 4.9 021/107] net: prevent ISA drivers from building on PPC32

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Randy Dunlap [ Upstream commit c9ce1fa1c24b08e13c2a3b5b1f94a19c9eaa982c ] Prevent drivers from building on PPC32 if they use isa_bus_to_virt(), isa_virt_to_bus(), or isa_page_to_bus(), which ar

[PATCH 4.9 029/107] x86/boot: Fix if_changed build flip/flop bug

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kees Cook [ Upstream commit 92a4728608a8fd228c572bc8ff50dd98aa0ddf2a ] Dirk Gouders reported that two consecutive "make" invocations on an already compiled tree will show alternating behaviors:

[PATCH 4.9 028/107] net: axienet: Fix double deregister of mdio

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Shubhrajyoti Datta [ Upstream commit 03bc7cab7d7218088412a75e141696a89059ab00 ] If the registration fails then mdio_unregister is called. However at unbind the unregister ia attempted again res

[PATCH 4.9 023/107] i2c: davinci: Avoid zero value of CLKH

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Alexander Sverdlin [ Upstream commit cc8de9a68599b261244ea453b38678229f06ada7 ] If CLKH is set to 0 I2C clock is not generated at all, so avoid this value and stretch the clock in this case. S

[PATCH 4.9 006/107] drm/bridge: adv7511: Reset registers on hotplug

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sean Paul [ Upstream commit 5f3417569165a8ee57654217f73e0160312f409c ] The bridge loses its hw state when the cable is unplugged. If we detect this case in the hpd handler, reset its state. Re

[PATCH 4.9 008/107] drm/imx: imx-ldb: disable LDB on driver bind

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Lucas Stach [ Upstream commit b58262396fabd43dc869b576e3defdd23b32fe94 ] The LVDS signal integrity is only guaranteed when the correct enable sequence (first IPU DI, then LDB) is used. If the L

[PATCH 4.9 031/107] cachefiles: Fix refcounting bug in backing-file read monitoring

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit 934140ab028713a61de8bca58c05332416d037d1 ] cachefiles_read_waiter() has the right to access a 'monitor' object by virtue of being called under the waitque

[PATCH 4.9 000/107] 4.9.125-stable review

This is the start of the stable review cycle for the 4.9.125 release. There are 107 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 5 16:56:13 UTC 2018. Anything recei

[PATCH 4.9 040/107] arc: fix type warnings in arc/mm/cache.c

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Randy Dunlap [ Upstream commit ec837d620c750c0d4996a907c8c4f7febe1bbeee ] Fix type warnings in arch/arc/mm/cache.c. ../arch/arc/mm/cache.c: In function 'flush_anon_page': ../arch/arc/mm/cache.

[PATCH 4.9 007/107] scsi: libiscsi: fix possible NULL pointer dereference in case of TMF

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Varun Prakash [ Upstream commit a17037e7d59075053b522048742a08ac9500bde8 ] In iscsi_check_tmf_restrictions() task->hdr is dereferenced to print the opcode, it is possible that task->hdr is NULL

[PATCH 4.9 041/107] squashfs metadata 2: electric boogaloo

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Linus Torvalds [ Upstream commit cdbb65c4c7ead680ebe54f4f0d486e2847a500ea ] Anatoly continues to find issues with fuzzed squashfs images. This time, corrupt, missing, or undersized data for th

[PATCH 4.9 009/107] drm/imx: imx-ldb: check if channel is enabled before printing warning

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Lucas Stach [ Upstream commit c80d673b91a6c81d765864e10f2b15110ee900ad ] If the second LVDS channel has been disabled in the DT when using dual-channel mode we should not print a warning. Sign

[PATCH 4.9 044/107] memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kirill Tkhai [ Upstream commit 7e97de0b033bcac4fa9a35cef72e0c06e6a22c67 ] In case of memcg_online_kmem() failure, memcg_cgroup::id remains hashed in mem_cgroup_idr even after memcg memory is fr

[PATCH 4.9 046/107] scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Johannes Thumshirn [ Upstream commit 1550ec458e0cf1a40a170ab1f4c46e3f52860f65 ] When receiving a LOGO request we forget to clear the FC_RP_STARTED flag before starting the rport delete routine.

[PATCH 4.9 043/107] drivers: net: lmc: fix case value for target abort error

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Colin Ian King [ Upstream commit afb41bb039656f0cecb54eeb8b2e2088201295f5 ] Current value for a target abort error is 0x010, however, this value should in fact be 0x002. As it stands, the rang

[PATCH 4.9 045/107] scsi: fcoe: drop frames in ELS LOGO error path

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Johannes Thumshirn [ Upstream commit 63d0e3dffda311e77b9a8c500d59084e960a824a ] Drop the frames in the ELS LOGO error path instead of just returning an error. This fixes the following kmemleak

Re: [PATCH RFC LKMM 1/7] tools/memory-model: Add extra ordering for locks and remove it for ordinary release/acquire

On Fri, Aug 31, 2018 at 08:28:46PM +0200, Andrea Parri wrote: > > > Yes, it's true that implementing locks with atomic_cmpxchg_acquire > > > should be correct on all existing architectures. And Paul has invited > > > a patch to modify the LKMM accordingly. If you feel that such a change > > >

[PATCH 4.9 048/107] mm/memory.c: check return value of ioremap_prot

4.9-stable review patch. If anyone has any objections, please let me know. -- From: "jie@chenj...@huwei.com" [ Upstream commit 24eee1e4c47977bdfb71d6f15f6011e7b6188d04 ] ioremap_prot() can return NULL which could lead to an oops. Link: http://lkml.kernel.org/r/1533195441-585

[PATCH 4.9 032/107] cachefiles: Wait rather than BUGing on "Unexpected object collision"

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit c2412ac45a8f8f1cd582723c1a139608694d410d ] If we meet a conflicting object that is marked FSCACHE_OBJECT_IS_LIVE in the active object tree, we have been e

[PATCH 4.9 050/107] Cipso: cipso_v4_optptr enter infinite loop

4.9-stable review patch. If anyone has any objections, please let me know. -- From: yujuan.qi commit 40413955ee265a5e42f710940ec78f5450d49149 upstream. in for(),if((optlen > 0) && (optptr[1] == 0)), enter infinite loop. Test: receive a packet which the ip length > 20 and the

[PATCH 4.9 049/107] sched/sysctl: Check user input value of sysctl_sched_time_avg

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Ethan Zhao commit 5ccba44ba118a500050076b0344632459779 upstream. System will hang if user set sysctl_sched_time_avg to 0: [root@XXX ~]# sysctl kernel.sched_time_avg_ms=0 Stack traceba

[PATCH 4.9 056/107] smb3: dont request leases in symlink creation and query

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Steve French commit 22783155f4bf956c346a81624ec9258930a6fe06 upstream. Fixes problem pointed out by Pavel in discussions about commit 729c0c9dd55204f0c9a823ac8a7bfa83d36c7e78 Signed-off-by: Pa

[PATCH 4.9 059/107] s390/kvm: fix deadlock when killed by oom

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Claudio Imbrenda commit 306d6c49ac9ded4cb53b0925da52f2c2ada1 upstream. When the oom killer kills a userspace process in the page fault handler while in guest context, the fault handler fail

[PATCH 4.9 051/107] mei: dont update offset in write

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Alexander Usyskin commit a103af1b64d74853a5e08ca6c86aeb0e5c6ca4f1 upstream. MEI enables writes of complete messages only while read can be performed in parts, hence write should not update the

[PATCH 4.9 052/107] cifs: add missing debug entries for kconfig options

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Steve French commit 950132afd59385caf6e2b84e5235d069fa10681d upstream. /proc/fs/cifs/DebugData displays the features (Kconfig options) used to build cifs.ko but it was missing some, and needed

[PATCH 4.9 033/107] selftests/ftrace: Add snapshot and tracing_on test case

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsu [ Upstream commit 82f4f3e69c5c29bce940dd87a2c0f16c51d48d17 ] Add a testcase for checking snapshot and tracing_on relationship. This ensures that the snapshotting doesn't affect

[PATCH 4.9 053/107] cifs: check kmalloc before use

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nicholas Mc Guire commit 126c97f4d0d1b5b956e8b0740c81a2b2a2ae548c upstream. The kmalloc was not being checked - if it fails issue a warning and return -ENOMEM to the caller. Signed-off-by: Nic

[PATCH 4.9 058/107] arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Greg Hackmann commit 5ad356eabc47d26a92140a0c4b20eba471c10de3 upstream. ARM64's pfn_valid() shifts away the upper PAGE_SHIFT bits of the input before seeing if the PFN is valid. This leads to

[PATCH 4.9 057/107] kprobes/arm64: Fix %p uses in error messages

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsu commit 0722867dcbc28cc9b269b57acd847c7c1aa638d6 upstream. Fix %p uses in error messages by removing it because those are redundant or meaningless. Signed-off-by: Masami Hirama

[PATCH 4.9 062/107] ext4: reset error code in ext4_find_entry in fallback

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Eric Sandeen commit f39b3f45dbcb0343822cce31ea7636ad66e60bc2 upstream. When ext4_find_entry() falls back to "searching the old fashioned way" due to a corrupt dx dir, it needs to reset the erro

[PATCH 4.9 060/107] ext4: check for NUL characters in extended attributes name

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 7d95178c77014dbd8dce36ee40bbbc5e6c121ff5 upstream. Extended attribute names are defined to be NUL-terminated, so the name must not contain a NUL character. This is importa

[PATCH 4.9 061/107] ext4: sysfs: print ext4_super_block fields as little-endian

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann commit a4d2aadca184ece182418950d45ba4ffc7b652d2 upstream. While working on extended rand for last_error/first_error timestamps, I noticed that the endianess is wrong; we access th

[PATCH 4.9 055/107] smb3: Do not send SMB3 SET_INFO if nothing changed

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Steve French commit fd09b7d3b352105f08b8e02f7afecf7e816380ef upstream. An earlier commit had a typo which prevented the optimization from working: commit 18dd8e1a65dd ("Do not send SMB3 SET_IN

[PATCH 4.9 054/107] smb3: enumerating snapshots was leaving part of the data off end

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Steve French commit e02789a53d71334b067ad72eee5d4e88a0158083 upstream. When enumerating snapshots, the last few bytes of the final snapshot could be left off since we were miscalculating the le

[PATCH 4.9 063/107] staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Greg Hackmann This patch is 4.9.y only. Kernels 4.12 and later are unaffected, since all the underlying ion_handle infrastructure has been ripped out. The ION_IOC_{MAP,SHARE} ioctls drop and r

[PATCH 4.9 034/107] zswap: re-check zswap_is_full() after do zswap_shrink()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Li Wang [ Upstream commit 16e536ef47f567289a5699abee9ff7bb304bc12d ] /sys/../zswap/stored_pages keeps rising in a zswap test with "zswap.max_pool_percent=0" parameter. But it should not compre

[PATCH 4.9 035/107] tools/power turbostat: Read extended processor family from CPUID

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Calvin Walton [ Upstream commit 5aa3d1a20a233d4a5f1ec3d62da3f19d9afea682 ] This fixes the reported family on modern AMD processors (e.g. Ryzen, which is family 0x17). Previously these processor

[PATCH 4.9 037/107] enic: handle mtu change for vf properly

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Govindarajulu Varadarajan [ Upstream commit ab123fe071c9aa9680ecd62eb080eb26cff4892c ] When driver gets notification for mtu change, driver does not handle it for all RQs. It handles only RQ[0]

[PATCH 4.9 030/107] fscache: Allow cancelled operations to be enqueued

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kiran Kumar Modukuri [ Upstream commit d0eb06afe712b7b103b6361f40a9a0c638524669 ] Alter the state-check assertion in fscache_enqueue_operation() to allow cancelled operations to be given proces

[PATCH 4.9 038/107] arc: [plat-eznps] fix data type errors in platform headers

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Randy Dunlap [ Upstream commit b1f32ce1c3d2c11959b7e6a2c58dc5197c581966 ] Add to fix build errors. Both ctop.h and use u32 types and cause many errors. Examples: ../include/soc/nps/common.h:

[PATCH 4.9 065/107] KVM: arm/arm64: Skip updating PMD entry if no change

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Punit Agrawal commit 86658b819cd0a9aa584cd84453ed268a6f013770 upstream. Contention on updating a PMD entry by a large number of vcpus can lead to duplicate work when handling stage 2 page fault

[PATCH 4.9 039/107] arc: fix build errors in arc/include/asm/delay.h

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Randy Dunlap [ Upstream commit 2423665ec53f2a29191b35382075e9834288a975 ] Fix build errors in arch/arc/'s delay.h: - add "extern unsigned long loops_per_jiffy;" - add for "u64" In file includ

[PATCH 4.9 074/107] fuse: fix initial parallel dirops

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit 63576c13bd17848376c8ba4a98f5d5151140c4ac upstream. If parallel dirops are enabled in FUSE_INIT reply, then first operation may leave fi->mutex held. Reported-by: syzbot

[PATCH 4.9 075/107] fuse: fix double request_end()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit 87114373ea507895a62afb10d2910bd9adac35a8 upstream. Refcounting of request is broken when fuse_abort_conn() is called and request is on the fpq->io list: - ref is taken t

[PATCH 4.9 082/107] udl-kms: fix crash due to uninitialized memory

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 09a00abe3a9941c2715ca83eb88172cd2f54d8fd upstream. We must use kzalloc when allocating the fb_deferred_io structure. Otherwise, the field first_io is undefined and it cau

[PATCH 4.9 078/107] fuse: Fix oops at process_init_reply()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit e8f3bd773d22f488724dffb886a1618da85c2966 upstream. syzbot is hitting NULL pointer dereference at process_init_reply(). This is because deactivate_locked_super() is called

<    1   2   3   4   5   6   7   8   9   10   >