Re: [RFC 1/3] abi_spec: basic definitions of constraints, args and syscalls

On Mon, Nov 21, 2016 at 10:41:02AM -0500, Steven Rostedt wrote: > On Wed, 16 Nov 2016 17:37:00 + > alexander.le...@verizon.com wrote: > > > This is a very simple definition of the syscall ABI we can build on. The > > idea > > is to have a generic description of syscalls, their arguments and

Re: [RFC 2/3] abi_spec: hooks into syscall to allow pre and post checking

On Mon, Nov 21, 2016 at 04:57:02PM +0100, Dmitry Vyukov wrote: > On Mon, Nov 21, 2016 at 4:54 PM, Steven Rostedt wrote: > > On Wed, 16 Nov 2016 17:37:01 + > > alexander.le...@verizon.com wrote: > >> #define __SYSCALL_DEFINEx(x, name, ...)

Re: [RFC 0/3] ABI spec - verification

On Mon, Nov 21, 2016 at 03:25:05PM +0100, Dmitry Vyukov wrote: > On Wed, Nov 16, 2016 at 6:37 PM, wrote: > > As discussed at plumbers, having a standard spec for the kernel's ABI has > > quite a few uses and enough people wanted it to get the ball rolling. > > > > We

Re: [RFC 1/3] abi_spec: basic definitions of constraints, args and syscalls

On Mon, Nov 21, 2016 at 03:48:17PM +0100, Dmitry Vyukov wrote: > Several observations based on my experience with syzkaller descriptions: > - there are 2 levels: physical and logical; >on physical level there are int, pointer, array, struct, union; >and that's pretty much it. >on

[RFC 2/3] abi_spec: hooks into syscall to allow pre and post checking

This is a simple way to be able to verify syscall parameters before the call to the actual syscall, and also verify the return value after the call. Signed-off-by: Sasha Levin --- include/linux/syscalls.h | 7 ++- kernel/Makefile | 2 ++

[RFC 0/3] ABI spec - verification

As discussed at plumbers, having a standard spec for the kernel's ABI has quite a few uses and enough people wanted it to get the ball rolling. We agreed that it's desirable to have something that can be used from code rather than just a spec on paper both for validation and allowing other users

[RFC 3/3] abi_spec: example spec for open(), placeholder for rest of syscalls

Signed-off-by: Sasha Levin --- kernel/abi_spec.c | 441 ++ 1 file changed, 441 insertions(+) diff --git a/kernel/abi_spec.c b/kernel/abi_spec.c index 7933c45..9378a533 100644 --- a/kernel/abi_spec.c +++

[RFC 1/3] abi_spec: basic definitions of constraints, args and syscalls

This is a very simple definition of the syscall ABI we can build on. The idea is to have a generic description of syscalls, their arguments and return values we can use to audit the kernel's implementation vs the specs. Signed-off-by: Sasha Levin ---

Re: version 3.18.44 to 3.18.45 introduced a bug in "drivers/scsi/megaraid/megaraid_sas_base.c"

On Tue, Dec 13, 2016 at 08:47:33AM -0800, Greg Kroah-Hartman wrote: > On Tue, Dec 13, 2016 at 08:43:41AM -0800, James Bottomley wrote: > > On Tue, 2016-12-13 at 08:33 -0800, Randy Dunlap wrote: > > > On 12/13/16 08:30, Greg Kroah-Hartman wrote: > > > > I don't maintain 3.18-stable :) > > > > > >

Re: [RFC 1/3] abi_spec: basic definitions of constraints, args and syscalls

On Wed, Dec 14, 2016 at 08:46:25PM +0100, Dmitry Vyukov wrote: > Here is my current prototype: > https://github.com/dvyukov/linux/commit/6200a9333e78bef393f8ead41205813b94d340f3 > > For now it can trace arguments of 4 system calls: > > [4.055483] [pid 1258] open(&7ffdefc023a0=[], 0x0,

Re: [RFC 1/3] abi_spec: basic definitions of constraints, args and syscalls

On Mon, Dec 12, 2016 at 11:29:35AM +0100, Dmitry Vyukov wrote: > On Wed, Nov 23, 2016 at 3:59 PM, wrote: > > On Mon, Nov 21, 2016 at 03:48:17PM +0100, Dmitry Vyukov wrote: > > I imagine that this will be handled by specific logical type handlers we'll > > need to

Re: [PATCH -v6 11/13] futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()

On Wed, Mar 22, 2017 at 11:35:58AM +0100, Peter Zijlstra wrote: > By changing futex_lock_pi() to use rt_mutex_*_proxy_lock() we arrive > at a point where all wait_list modifications are done under both > hb->lock and wait_lock. [...] Hey Peter, I'm seeing the following, which seems to be related

[PATCH] 9p: set page uptodate when required in write_end()

From: Alexander Levin <alexander.le...@verizon.com> Commit 77469c3f570 prevented setting the page as uptodate when we wrote the right amount of data, fix that. Fixes: 77469c3f570 ("9p: saner ->write_end() on failing copy into non-uptodate page") Reviewed-by: Jan Kara <j..

af_packet: use after free in prb_retire_rx_blk_timer_expired

Hi all, I seem to be hitting this use-after-free on a -next kernel using trinity: [ 531.036054] BUG: KASAN: use-after-free in prb_retire_rx_blk_timer_expired (net/packet/af_packet.c:688) [ 531.036961] Read of size 8 at addr 88038c1fb0e8

Re: [patch 1/3] mm: protect set_page_dirty() from ongoing truncation

On Fri, Dec 05, 2014 at 09:52:44AM -0500, Johannes Weiner wrote: > Tejun, while reviewing the code, spotted the following race condition > between the dirtying and truncation of a page: > > __set_page_dirty_nobuffers() __delete_from_page_cache() > if (TestSetPageDirty(page)) >

Re: [patch 1/3] mm: protect set_page_dirty() from ongoing truncation

On Mon, Apr 10, 2017 at 02:06:38PM +0200, Jan Kara wrote: > On Mon 10-04-17 02:22:33, alexander.le...@verizon.com wrote: > > On Fri, Dec 05, 2014 at 09:52:44AM -0500, Johannes Weiner wrote: > > > Tejun, while reviewing the code, spotted the following race condition > > > between the dirtying and

Re: [PATCH -stable 4.1 0/4] perf/core: Fix dynamic interrupt throttle

On Mon, Mar 06, 2017 at 03:14:21PM +0800, Tan Xiaojun wrote: > These four patches are needed for stable 4.1. They fix function of dynamic > interrupt throttle. > > Kan Liang (1): > perf/core: Fix implicitly enable dynamic interrupt throttle > > Peter Zijlstra (2): > perf/core: Fix dynamic

Re: [PATCH v2 04/10] mm: make the try_to_munlock void function

On Wed, Mar 15, 2017 at 02:24:47PM +0900, Minchan Kim wrote: > try_to_munlock returns SWAP_MLOCK if the one of VMAs mapped > the page has VM_LOCKED flag. In that time, VM set PG_mlocked to > the page if the page is not pte-mapped THP which cannot be > mlocked, either. > > With that,

Re: Future of liblockdep

On Wed, May 03, 2017 at 09:13:57PM +0100, Ben Hutchings wrote: > liblockdep hasn't been buildable since (I think) Linux 4.6. I sent > Sasha fixes for that last June and he included these in a pull request > to Ingo, but somehow they never reached mainline. Linux 4.8 broke > liblockdep further,

Re: Future of liblockdep

On Wed, May 03, 2017 at 10:19:55PM +0100, Ben Hutchings wrote: > On Wed, 2017-05-03 at 21:00 +, alexander.le...@verizon.com wrote: > > On Wed, May 03, 2017 at 09:13:57PM +0100, Ben Hutchings wrote: > > > liblockdep hasn't been buildable since (I think) Linux 4.6.  I sent > > > Sasha fixes for

[PATCH 09/15] MAINTAINERS: update email for Sasha Levin

New position, new email address. Signed-off-by: Sasha Levin --- MAINTAINERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MAINTAINERS b/MAINTAINERS index 38d3e4ed7208..c67ad6fe6f6c 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -7450,7 +7450,7

[PATCH 15/15] tools: liblockdep: Use LDFLAGS

From: Ben Hutchings Signed-off-by: Ben Hutchings Signed-off-by: Sasha Levin --- tools/lib/lockdep/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/lib/lockdep/Makefile

[PATCH 11/15] tools: liblockdep: Don't mix fd-based and stream IO

From: Alexander Sverdlin Mixing fd-based and stream-base IO results in interleaved output like following: = [ BUG: bad unlock balance detected! ] liblockdep 4.7.6 - conopal/372 is trying to

[PATCH 04/15] liblockdep: Enable -Wall by default

From: Ben Hutchings Regressions in liblockdep may be missed because it doesn't enable warnings. Adding -Wall immediately introduces a lot of warnings, but those will be fixed by the following commits. Signed-off-by: Ben Hutchings Signed-off-by:

[PATCH 13/15] tools: liblockdep: Fix object file paths used in an out-of-tree build

From: Ben Hutchings Signed-off-by: Ben Hutchings Signed-off-by: Sasha Levin --- tools/lib/lockdep/Makefile | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/lib/lockdep/Makefile

[PATCH 07/15] liblockdep: Fix 'defined but not used' warning for init_utsname()

From: Ben Hutchings We define init_utsname() as static but not inline, resulting in a warning for every source file that includes lockdep.h but doesn't call it. Since it is only used by lockdep.c, define it in there. Signed-off-by: Ben Hutchings

[PATCH 06/15] liblockdep: Fix 'set but not used' warnings

From: Ben Hutchings liblockdep defines trivial macros for working with interrupt flags, as interrupts are never disabled in userland. This results in warnings from gcc when -Wunused-but-set-variable is enabled, and it is enabled by -Wall. Fix this by evaluating the flags

[PATCH 05/15] liblockdep: Fix 'unused value' warnings

From: Ben Hutchings liblockdep defines various macros that may expand to an expression with no effect, while the in-kernel definition does have an effect. This results in warnings from gcc when -Wunused-value is enabled, and is is enabled by -Wall. Fix this by introducing

[PATCH 12/15] tools: liblockdep: fix compilation for 4.11

- More rcu stubs - New dummy headers due to sched header split - jhash2 included in due to kernel lockdep inclusion and usage Signed-off-by: Sasha Levin --- tools/include/linux/bitops.h | 10 ++ tools/include/linux/jhash.h |

[PATCH 03/15] liblockdep: Define the ARRAY_SIZE() macro

From: Ben Hutchings lockdep.c now uses ARRAY_SIZE(). Fixes: 75dd602a5198 ("lockdep: Fix lock_chain::base size") Signed-off-by: Ben Hutchings Signed-off-by: Sasha Levin --- tools/lib/lockdep/uinclude/linux/kernel.h | 2 ++ 1

[PATCH 02/15] liblockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain::depth

From: Ben Hutchings liblockdep has been broken since commit 75dd602a5198 ("lockdep: Fix lock_chain::base size"), as that adds a check that MAX_LOCK_DEPTH is within the range of lock_chain::depth and in liblockdep it is much too large. That should have resulted in a

[PATCH 08/15] liblockdep: Remove -lpthread compiler option

From: Vishal Thanki With -lpthread option, the test for ABBA_2threads was failing, and test passed if it was removed. Since -pthread compiler option is sufficient for linking to pthread libraries, this patch removes -lpthread. Signed-off-by: Vishal Thanki

[PATCH 10/15] tools: add install make target for liblockdep

From: Alexander Sverdlin Allow user to call "liblockdep_install" target. Also add liblockdep to "all" and "install" targets (as "help" command suggests). Signed-off-by: Alexander Sverdlin Cc: Arnaldo Carvalho de Melo

[PATCH 14/15] tools: liblockdep: Remove double-quotes from soname

From: Ben Hutchings Signed-off-by: Ben Hutchings Signed-off-by: Sasha Levin --- tools/lib/lockdep/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/lib/lockdep/Makefile

[PATCH 01/15] liblockdep: Fix undefined symbol prandom_u32

From: Ben Hutchings __lock_pin_lock() now calls prandom_u32() which is not defined in liblockdep. __lock_pin_lock() and its caller lock_pin_lock() are dead code in liblockdep, but we still need to provide a definition of prandom_u32() in case lazy binding is disabled.

Re: [GIT PULL] liblockdep for 4.12

Hey Ingo, Here it is, with all the headers required. The following changes since commit a351e9b9fc24e982ec2f0e76379a49826036da12: Linux 4.11 (2017-04-30 19:47:48 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux.git liblockdep-fixes

Re: [GIT PULL] liblockdep for 4.12

On Fri, May 05, 2017 at 08:11:38AM +0200, Ingo Molnar wrote: > * alexander.le...@verizon.com wrote: > Could you please include all the patches as part of the pull request, so that > individual patches can be discussed? Sure, I'll resend. > In particular I'm

[GIT PULL] liblockdep for 4.12

Hi Ingo, Please pull fixes for liblockdep. === The following changes since commit a351e9b9fc24e982ec2f0e76379a49826036da12: Linux 4.11 (2017-04-30 19:47:48 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux.git liblockdep-fixes for

[PATCH AUTOSEL for 4.9 45/56] netfilter: nft_queue: use raw_smp_processor_id()

From: Pablo Neira Ayuso [ Upstream commit c2e756ff9e699865d294cdc112acfc36419cf5cc ] Using smp_processor_id() causes splats with PREEMPT_RCU: [19379.552780] BUG: using smp_processor_id() in preemptible [] code: ping/32389 [19379.552793] caller is

[PATCH AUTOSEL for 4.9 46/56] netfilter: nf_tables: fix oob access

From: Florian Westphal [ Upstream commit 3e38df136e453aa69eb4472108ebce2fb00b1ba6 ] BUG: KASAN: slab-out-of-bounds in nf_tables_rule_destroy+0xf1/0x130 at addr 88006a4c35c8 Read of size 8 by task nft/1607 When we've destroyed last valid expr, nft_expr_next() returns an

[PATCH AUTOSEL for 4.9 31/56] ASoC: da7218: Set DAI output pin high impedance when not in use

From: Adam Thomson [ Upstream commit ac29a8f41740186aee601de99c729530e37ca77c ] For TDM mode, the I2S data out line can be shared between mutliple codecs. In this scenario, only the active codec should be using the line, and all others should be high

[PATCH AUTOSEL for 4.9 05/56] PCI: Apply _HPX settings only to relevant devices

From: Bjorn Helgaas [ Upstream commit 977509f7c5c6fb992ffcdf4291051af343b91645 ] Previously we didn't check the type of device before trying to apply Type 1 (PCI-X) or Type 2 (PCIe) Setting Records from _HPX. We don't support PCI-X Setting Records, so this was harmless,

[PATCH AUTOSEL for 4.9 06/56] drm/sun4i: Fix a return value in case of error

From: Christophe JAILLET [ Upstream commit 0f0861e31e3c59ca4bc1ec59d99260cfca79740e ] If 'sun4i_backend_drm_format_to_layer()' does not return 0, then 'val' is left unmodified. As it is not initialized either, the return value can be anything. It is likely that

[PATCH AUTOSEL for 4.9 35/56] drm/i915: Protect DSPARB registers with a spinlock

From: Ville Syrjälä [ Upstream commit 467a14d935c6d95b94e4197bf63e264eab4c5d06 ] Each DSPARB register can house bits for two separate pipes, hence we must protect the registers during reprogramming so that parallel FIFO reconfigurations happening simultaneosly on

[PATCH AUTOSEL for 4.9 25/56] ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE

From: Gabriele Mazzotta [ Upstream commit 972aa2c708703c21f14eb958b37e82aae2530e44 ] Setting shutup when the action is HDA_FIXUP_ACT_PRE_PROBE might not have the desired effect since it could be overridden by another more generic shutup function. Prevent this by setting

[PATCH AUTOSEL for 3.18 08/16] mac80211: Remove invalid flag operations in mesh TSF synchronization

From: Masashi Honma [ Upstream commit 76f43b4c0a9337af22827d78de4f2b8fd5328489 ] mesh_sync_offset_adjust_tbtt() implements Extensible synchronization framework ([1] 13.13.2 Extensible synchronization framework). It shall not operate the flag "TBTT Adjusting subfield"

[PATCH AUTOSEL for 4.9 30/56] drm/atomic: Unconditionally call prepare_fb.

From: Maarten Lankhorst [ Upstream commit 0532be078a207d7dd6ad26ebd0834e258acc4ee7 ] Atomic drivers may set properties like rotation on the same fb, which may require a call to prepare_fb even when framebuffer stays identical. Instead of handling all the

[PATCH AUTOSEL for 4.9 47/56] ASoC: rsnd: don't double free kctrl

From: Colin Ian King [ Upstream commit 0ea617a298dcdc2251b4e10f83ac3f3e627b66e3 ] On an error, snd_ctl_add already free's kctrl, so calling snd_ctl_free_one to free it again leads to a double free error. Fix this by removing the extraneous snd_ctl_free_one call.

[PATCH AUTOSEL for 4.9 34/56] mac80211: Suppress NEW_PEER_CANDIDATE event if no room

From: Masashi Honma [ Upstream commit 11197d006bcfabf0173a7820a163fcaac420d10e ] Previously, kernel sends NEW_PEER_CANDIDATE event to user land even if the found peer does not have any room to accept other peer. This causes continuous connection trials. Signed-off-by:

[PATCH AUTOSEL for 4.9 22/56] pinctrl: sirf: atlas7: Add missing 'of_node_put()'

From: Christophe JAILLET [ Upstream commit 7af355e6715b325d8af29822f4c3dbecd7eeebec ] Reference to 'sys2pci_np' should be dropped in all cases here, not only in error handling path. Signed-off-by: Christophe JAILLET Signed-off-by:

[PATCH AUTOSEL for 4.9 41/56] drm/i915: Protect dev_priv->atomic_cdclk_freq with all the crtc locks

From: Ville Syrjälä [ Upstream commit 8d96561a0a31974fec33bd3f3853d6211b7ab738 ] A modeset on one pipe can update dev_priv->atomic_cdclk_freq without actually touching the hardware, in which case we won't force a modeset on all the pipes, and thus won't lock any

[PATCH AUTOSEL for 4.9 20/56] ath10k: ignore configuring the incorrect board_id

From: Ryan Hsu [ Upstream commit d2e202c06ca42d353d95df12437740921a6d05b5 ] With command to get board_id from otp, in the case of following boot get otp board id result 0x board_id 0 chip_id 0 boot using board name 'bus=pci,bmi-chip-id=0,bmi-board-id=0"

[PATCH AUTOSEL for 4.9 40/56] drm/i915: Assert no external observers when unwind a failed request alloc

From: Chris Wilson [ Upstream commit 1618bdb89b5d8b47edf42d9c6ea96ecf001ad625 ] Before we return the request back to the kmem_cache after a failed i915_gem_request_alloc(), we should assert that it has not been added to any global state tracking. Signed-off-by: Chris

[PATCH AUTOSEL for 4.9 21/56] ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats()

From: Christian Lamparter [ Upstream commit 097e46d2ae90265d1afe141ba6208ba598b79e01 ] ath10k_wmi_tlv_op_pull_fw_stats() uses tb = ath10k_wmi_tlv_parse_alloc(...) function, which allocates memory. If any of the three error-paths are taken, this tb needs to be freed.

[PATCH AUTOSEL for 4.4 05/28] net: Allow IP_MULTICAST_IF to set index to L3 slave

From: David Ahern [ Upstream commit 7bb387c5ab12aeac3d5eea28686489ff46b53ca9 ] IP_MULTICAST_IF fails if sk_bound_dev_if is already set and the new index does not match it. e.g., ntpd[15381]: setsockopt IP_MULTICAST_IF 192.168.1.23 fails: Invalid argument Relax

[PATCH AUTOSEL for 4.9 56/56] xen: xenbus driver must not accept invalid transaction ids

From: Juergen Gross [ Upstream commit 639b08810d6ad74ded2c5f6e233c4fcb9d147168 ] When accessing Xenstore in a transaction the user is specifying a transaction id which he normally obtained from Xenstore when starting the transaction. Xenstore is validating a transaction id

[PATCH AUTOSEL for 4.9 29/56] clk: qcom: ipq4019: Add all the frequencies for apss cpu

From: Abhishek Sahu [ Upstream commit 86c654d41a52e3d17e9bc2c2ba37f3c963e66a4a ] The APSS CPU clock does not contain all the frequencies in its frequency table so this patch adds the same. Signed-off-by: Abhishek Sahu Signed-off-by: Stephen Boyd

[PATCH AUTOSEL for 4.9 55/56] nvmet: fix KATO offset in Set Features

From: Daniel Verkamp [ Upstream commit 6c73f949300f17851f53fa80c9d1611ccd6909d3 ] The Set Features implementation for Keep Alive Timer was using the wrong structure when retrieving the KATO value; it was treating the Set Features command as a Property Set command. The

[PATCH AUTOSEL for 4.4 21/28] spi: SPI_FSL_DSPI should depend on HAS_DMA

From: Geert Uytterhoeven [ Upstream commit dadab2d4e3cf708ceba22ecddd94aedfecb39199 ] If NO_DMA=y: ERROR: "bad_dma_ops" [drivers/spi/spi-fsl-dspi.ko] undefined! Add a dependency on HAS_DMA to fix this. Signed-off-by: Geert Uytterhoeven

[PATCH AUTOSEL for 4.9 32/56] drm/mediatek: don't use drm_put_dev

From: Daniel Vetter [ Upstream commit ae9d2daecf086958a41ad216152ec208d70ba325 ] fsl is already fully demidlayered in the probe function, but for convenience stuck with drm_put_dev. Call the unregister/unref parts separately, to make sure this driver works correct. Cc:

[PATCH AUTOSEL for 4.9 36/56] drm/i915: Fix the level 0 max_wm hack on VLV/CHV

From: Ville Syrjälä [ Upstream commit 1be4d3793d5a93daddcd9be657c429b38ad750a3 ] The watermark should never exceed the FIFO size, so we need to check against the current FIFO size instead of the theoretical maximum when we clamp the level 0 watermark.

[PATCH AUTOSEL for 4.9 54/56] [media] cec: update log_addr[] before finishing configuration

From: Hans Verkuil [ Upstream commit 7af26f889eb67db272021a939f7d4a57e96dd961 ] The loop that sets the unused logical addresses to INVALID should be done before 'configured' is set to true. This ensures that cec_log_addrs is consistent before it will be used. Signed-off-by:

[PATCH AUTOSEL for 4.9 53/56] [media] cec: CEC_MSG_GIVE_FEATURES should abort for CEC version < 2

From: Hans Verkuil [ Upstream commit a24f56d47930492c94ef6875bf45adf7607ca1a4 ] This is a 2.0 only message, so it should return Feature Abort if the adapter is configured for CEC version 1.4. Right now it does nothing, which means that the sender will time out.

[PATCH AUTOSEL for 4.4 08/28] drm/armada: Fix compile fail

From: Daniel Vetter [ Upstream commit 7357f89954b6d005df6ab8929759e78d7d9a80f9 ] I reported the include issue for tracepoints a while ago, but nothing seems to have happened. Now it bit us, since the drm_mm_print conversion was broken for armada. Fix it, so I can

[PATCH AUTOSEL for 4.4 07/28] net: 3com: typhoon: typhoon_init_one: fix incorrect return values

From: Thomas Preisner [ Upstream commit 107fded7bf616ad6f46823d98b8ed6405d7adf2d ] In a few cases the err-variable is not set to a negative error code if a function call in typhoon_init_one() fails and thus 0 is returned instead. It may be better to set err to the

[PATCH AUTOSEL for 4.4 20/28] drm/i915/bxt: Correct dual-link MIPI port control.

From: Bob Paauwe [ Upstream commit 812b1d2fe527c3c68d04f379aef850dd02db5945 ] For BXT, there is only one bit that enables/disables dual-link mode and not different bits depending on which pipe is being used. Signed-off-by: Bob Paauwe Link:

[PATCH AUTOSEL for 4.9 33/56] mac80211: Remove invalid flag operations in mesh TSF synchronization

From: Masashi Honma [ Upstream commit 76f43b4c0a9337af22827d78de4f2b8fd5328489 ] mesh_sync_offset_adjust_tbtt() implements Extensible synchronization framework ([1] 13.13.2 Extensible synchronization framework). It shall not operate the flag "TBTT Adjusting subfield"

[PATCH AUTOSEL for 4.4 28/28] xen: xenbus driver must not accept invalid transaction ids

From: Juergen Gross [ Upstream commit 639b08810d6ad74ded2c5f6e233c4fcb9d147168 ] When accessing Xenstore in a transaction the user is specifying a transaction id which he normally obtained from Xenstore when starting the transaction. Xenstore is validating a transaction id

[PATCH AUTOSEL for 4.4 23/28] netfilter: nf_tables: fix oob access

From: Florian Westphal [ Upstream commit 3e38df136e453aa69eb4472108ebce2fb00b1ba6 ] BUG: KASAN: slab-out-of-bounds in nf_tables_rule_destroy+0xf1/0x130 at addr 88006a4c35c8 Read of size 8 by task nft/1607 When we've destroyed last valid expr, nft_expr_next() returns an

[PATCH AUTOSEL for 3.18 04/16] net: 3com: typhoon: typhoon_init_one: make return values more specific

From: Thomas Preisner [ Upstream commit 6b6bbb5922a4b1d4b58125a572da91010295fba3 ] In some cases the return value of a failing function is not being used and the function typhoon_init_one() returns another negative error code instead. Signed-off-by: Thomas

[PATCH AUTOSEL for 4.4 06/28] net: 3com: typhoon: typhoon_init_one: make return values more specific

From: Thomas Preisner [ Upstream commit 6b6bbb5922a4b1d4b58125a572da91010295fba3 ] In some cases the return value of a failing function is not being used and the function typhoon_init_one() returns another negative error code instead. Signed-off-by: Thomas

[PATCH AUTOSEL for 3.18 14/16] ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data

From: Richard Fitzgerald [ Upstream commit 1cab2a84f470e15ecc8e5143bfe9398c6e888032 ] Protect against corrupt firmware files by ensuring that the length we get for the data in a region actually lies within the available firmware file data buffer.

[PATCH AUTOSEL for 4.4 18/28] iio: light: fix improper return value

From: Pan Bian [ Upstream commit db4e5376d058af8924fafd0520a0942d92538d0e ] In function cm3232_reg_init(), it returns 0 even if the last call to i2c_smbus_write_byte_data() returns a negative value (indicates error). As a result, the return value may be inconsistent with

[PATCH AUTOSEL for 4.4 15/28] mac80211: Remove invalid flag operations in mesh TSF synchronization

From: Masashi Honma [ Upstream commit 76f43b4c0a9337af22827d78de4f2b8fd5328489 ] mesh_sync_offset_adjust_tbtt() implements Extensible synchronization framework ([1] 13.13.2 Extensible synchronization framework). It shall not operate the flag "TBTT Adjusting subfield"

[PATCH AUTOSEL for 4.4 26/28] ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data

From: Richard Fitzgerald [ Upstream commit 1cab2a84f470e15ecc8e5143bfe9398c6e888032 ] Protect against corrupt firmware files by ensuring that the length we get for the data in a region actually lies within the available firmware file data buffer.

[PATCH AUTOSEL for 4.4 11/28] ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats()

From: Christian Lamparter [ Upstream commit 097e46d2ae90265d1afe141ba6208ba598b79e01 ] ath10k_wmi_tlv_op_pull_fw_stats() uses tb = ath10k_wmi_tlv_parse_alloc(...) function, which allocates memory. If any of the three error-paths are taken, this tb needs to be freed.

[PATCH AUTOSEL for 4.9 51/56] s390/kbuild: enable modversions for symbols exported from asm

From: Heiko Carstens [ Upstream commit cabab3f9f5ca077535080b3252e6168935b914af ] s390 version of commit 334bb7738764 ("x86/kbuild: enable modversions for symbols exported from asm") so we get also rid of all these warnings: WARNING: EXPORT symbol "_mcount" [vmlinux]

[PATCH AUTOSEL for 4.9 52/56] [media] cec: when canceling a message, don't overwrite old status info

From: Hans Verkuil [ Upstream commit 120476123646ba3619c90db7bcbc6f8eea53c990 ] When a pending message was canceled (e.g. due to a timeout), then the old tx_status info was overwritten instead of ORed. The same happened with the tx_error_cnt field. So just modify them

[PATCH AUTOSEL for 4.9 03/56] RDS: RDMA: return appropriate error on rdma map failures

From: Santosh Shilimkar [ Upstream commit 584a8279a44a800dea5a5c1e9d53a002e03016b4 ] The first message to a remote node should prompt a new connection even if it is RDMA operation. For RDMA operation the MR mapping can fail because connections is not yet up. Since

[PATCH AUTOSEL for 4.9 08/56] clk: sunxi-ng: fix PLL_CPUX adjusting on A33

From: Icenowy Zheng [ Upstream commit 790d929b540661945d1c70652ffb602c5c06ad85 ] When adjusting PLL_CPUX on A33, the PLL is temporarily driven too high, and the system hangs. Add a notifier to avoid this situation by temporarily switching to a known stable 24 MHz oscillator.

[PATCH AUTOSEL for 4.9 10/56] fscrypt: use ENOKEY when file cannot be created w/o key

From: Eric Biggers [ Upstream commit 54475f531bb8d7078f63c159e5e0615d486c498c ] As part of an effort to clean up fscrypt-related error codes, make attempting to create a file in an encrypted directory that hasn't been "unlocked" fail with ENOKEY. Previously, several error

[PATCH AUTOSEL for 4.9 04/56] RDS: RDMA: fix the ib_map_mr_sg_zbva() argument

From: Santosh Shilimkar [ Upstream commit 3e56c2f856d7aba6a03feea834d68f9c05f7d0b6 ] Fixes warning: Using plain integer as NULL pointer Signed-off-by: Santosh Shilimkar Signed-off-by: Sasha Levin ---

[PATCH AUTOSEL for 4.9 01/56] ACPICA: Resources: Not a valid resource if buffer length too long

From: Bob Moore [ Upstream commit 57707a9a7780fab426b8ae9b4c7b65b912a748b3 ] ACPICA commit 9f76de2d249b18804e35fb55d14b1c2604d627a1 ACPICA commit b2e89d72ef1e9deefd63c3fd1dee90f893575b3a ACPICA commit 23b5bbe6d78afd3c5abf3adb91a1b098a3000b2e The declared buffer length

[PATCH AUTOSEL for 3.18 15/16] s390/kbuild: enable modversions for symbols exported from asm

From: Heiko Carstens [ Upstream commit cabab3f9f5ca077535080b3252e6168935b914af ] s390 version of commit 334bb7738764 ("x86/kbuild: enable modversions for symbols exported from asm") so we get also rid of all these warnings: WARNING: EXPORT symbol "_mcount" [vmlinux]

[PATCH AUTOSEL for 3.18 16/16] xen: xenbus driver must not accept invalid transaction ids

From: Juergen Gross [ Upstream commit 639b08810d6ad74ded2c5f6e233c4fcb9d147168 ] When accessing Xenstore in a transaction the user is specifying a transaction id which he normally obtained from Xenstore when starting the transaction. Xenstore is validating a transaction id

[PATCH AUTOSEL for 3.18 10/16] staging: iio: cdc: fix improper return value

From: Pan Bian [ Upstream commit 91ca1a8c584f55857b1f6ab20a1d3a1ce7a559bb ] At the end of function ad7150_write_event_config(), directly returns 0. As a result, the errors will be ignored by the callers. It may be better to return variable "ret". Signed-off-by: Pan Bian

[PATCH AUTOSEL for 4.4 10/28] ath10k: ignore configuring the incorrect board_id

From: Ryan Hsu [ Upstream commit d2e202c06ca42d353d95df12437740921a6d05b5 ] With command to get board_id from otp, in the case of following boot get otp board id result 0x board_id 0 chip_id 0 boot using board name 'bus=pci,bmi-chip-id=0,bmi-board-id=0"

[PATCH AUTOSEL for 4.9 43/56] spi: SPI_FSL_DSPI should depend on HAS_DMA

From: Geert Uytterhoeven [ Upstream commit dadab2d4e3cf708ceba22ecddd94aedfecb39199 ] If NO_DMA=y: ERROR: "bad_dma_ops" [drivers/spi/spi-fsl-dspi.ko] undefined! Add a dependency on HAS_DMA to fix this. Signed-off-by: Geert Uytterhoeven

[PATCH AUTOSEL for 3.18 11/16] netfilter: nft_queue: use raw_smp_processor_id()

From: Pablo Neira Ayuso [ Upstream commit c2e756ff9e699865d294cdc112acfc36419cf5cc ] Using smp_processor_id() causes splats with PREEMPT_RCU: [19379.552780] BUG: using smp_processor_id() in preemptible [] code: ping/32389 [19379.552793] caller is

[PATCH AUTOSEL for 3.18 09/16] mac80211: Suppress NEW_PEER_CANDIDATE event if no room

From: Masashi Honma [ Upstream commit 11197d006bcfabf0173a7820a163fcaac420d10e ] Previously, kernel sends NEW_PEER_CANDIDATE event to user land even if the found peer does not have any room to accept other peer. This causes continuous connection trials. Signed-off-by:

[PATCH AUTOSEL for 3.18 12/16] netfilter: nf_tables: fix oob access

From: Florian Westphal [ Upstream commit 3e38df136e453aa69eb4472108ebce2fb00b1ba6 ] BUG: KASAN: slab-out-of-bounds in nf_tables_rule_destroy+0xf1/0x130 at addr 88006a4c35c8 Read of size 8 by task nft/1607 When we've destroyed last valid expr, nft_expr_next() returns an

[PATCH AUTOSEL for 3.18 13/16] btrfs: return the actual error value from from btrfs_uuid_tree_iterate

From: Pan Bian [ Upstream commit 73ba39ab9307340dc98ec3622891314bbc09cc2e ] In function btrfs_uuid_tree_iterate(), errno is assigned to variable ret on errors. However, it directly returns 0. It may be better to return ret. This patch also removes the warning, because the

[PATCH AUTOSEL for 3.18 02/16] RDS: RDMA: return appropriate error on rdma map failures

From: Santosh Shilimkar [ Upstream commit 584a8279a44a800dea5a5c1e9d53a002e03016b4 ] The first message to a remote node should prompt a new connection even if it is RDMA operation. For RDMA operation the MR mapping can fail because connections is not yet up. Since

[PATCH AUTOSEL for 4.4 22/28] netfilter: nft_queue: use raw_smp_processor_id()

From: Pablo Neira Ayuso [ Upstream commit c2e756ff9e699865d294cdc112acfc36419cf5cc ] Using smp_processor_id() causes splats with PREEMPT_RCU: [19379.552780] BUG: using smp_processor_id() in preemptible [] code: ping/32389 [19379.552793] caller is

[PATCH AUTOSEL for 4.4 02/28] RDS: RDMA: return appropriate error on rdma map failures

From: Santosh Shilimkar [ Upstream commit 584a8279a44a800dea5a5c1e9d53a002e03016b4 ] The first message to a remote node should prompt a new connection even if it is RDMA operation. For RDMA operation the MR mapping can fail because connections is not yet up. Since

[PATCH AUTOSEL for 4.4 03/28] PCI: Apply _HPX settings only to relevant devices

From: Bjorn Helgaas [ Upstream commit 977509f7c5c6fb992ffcdf4291051af343b91645 ] Previously we didn't check the type of device before trying to apply Type 1 (PCI-X) or Type 2 (PCIe) Setting Records from _HPX. We don't support PCI-X Setting Records, so this was harmless,

[PATCH AUTOSEL for 4.9 44/56] ASoC: dwc: Fix PIO mode initialization

From: Jose Abreu [ Upstream commit 6fce983f9b3ef51d47e647b2cff15049ef803781 ] We can no longer rely on the return value of devm_snd_dmaengine_pcm_register(...) to check if the DMA handle is declared in the DT. Previously this check activated PIO mode but currently

[PATCH AUTOSEL for 4.4 09/28] ath10k: fix incorrect txpower set by P2P_DEVICE interface

From: Ryan Hsu [ Upstream commit 88407beb1b1462f706a1950a355fd086e1c450b6 ] Ath10k reports the phy capability that supports P2P_DEVICE interface. When we use the P2P supported wpa_supplicant to start connection, it'll create two interfaces, one is wlan0 (vdev_id=0)

[PATCH AUTOSEL for 4.4 24/28] ASoC: rsnd: don't double free kctrl

From: Colin Ian King [ Upstream commit 0ea617a298dcdc2251b4e10f83ac3f3e627b66e3 ] On an error, snd_ctl_add already free's kctrl, so calling snd_ctl_free_one to free it again leads to a double free error. Fix this by removing the extraneous snd_ctl_free_one call.

[PATCH AUTOSEL for 4.9 02/56] RDS: make message size limit compliant with spec

From: Avinash Repaka [ Upstream commit f9fb69adb6c7acca60977a4db5a5f95b8e66c041 ] RDS support max message size as 1M but the code doesn't check this in all cases. Patch fixes it for RDMA & non-RDMA and RDS MR size and its enforced irrespective of underlying transport.

  1   2   3   4   5   6   7   8   9   10   >